From 27e65c9ce44a6fbf0f83a245234a304dcc12722a Mon Sep 17 00:00:00 2001 From: Huan-Cheng Chang Date: Thu, 23 Jan 2025 09:18:41 +0000 Subject: [PATCH] ci: build images reuse workflow --- .github/workflows/docker-multiplatform.yml | 117 +++++++++++++++++++++ .github/workflows/docker.yml | 116 ++++---------------- 2 files changed, 138 insertions(+), 95 deletions(-) create mode 100644 .github/workflows/docker-multiplatform.yml diff --git a/.github/workflows/docker-multiplatform.yml b/.github/workflows/docker-multiplatform.yml new file mode 100644 index 000000000..70c750609 --- /dev/null +++ b/.github/workflows/docker-multiplatform.yml @@ -0,0 +1,117 @@ +name: Build multiplatform docker image + +on: + workflow_call: + inputs: + octez-tag: + description: "tezos/tezos docker tag to be used" + required: true + type: string + docker_registry: + description: Docker registry + required: true + type: string + docker_image_base: + description: Docker image base + required: true + type: string + image: + description: Image + required: true + type: string + dockerfile: + description: Dockerfile + required: true + type: string + kernel_artifact_name: + description: Kernel artifact name + required: true + type: string + outputs: + tag: + description: "docker image tag" + value: ${{ jobs.merge.outputs.tag }} + +jobs: + build-docker-arm64: + name: Build (Docker arm64) + runs-on: ubuntu-24.04-arm + permissions: + contents: read + packages: write + steps: + - name: Build + uses: jstz-dev/jstz/.github/actions/build-docker-image@huanchengchang-jstz-286 + with: + platform: linux + arch: arm64 + repo_token: ${{ secrets.GITHUB_TOKEN }} + octez-tag: ${{ inputs.octez-tag }} + docker_registry: ${{ inputs.docker_registry }} + docker_registry_username: ${{ github.actor }} + docker_registry_password: ${{ secrets.GITHUB_TOKEN }} + docker_image_base: ${{ inputs.docker_image_base }} + image: ${{ inputs.image }} + dockerfile: ${{ inputs.dockerfile }} + kernel_artefact_name: ${{ inputs.kernel_artifact_name }} + build-docker-amd64: + name: Build (Docker amd64) + runs-on: ubuntu-24.04 + permissions: + contents: read + packages: write + steps: + - name: Build + uses: jstz-dev/jstz/.github/actions/build-docker-image@huanchengchang-jstz-286 + with: + platform: linux + arch: amd64 + repo_token: ${{ secrets.GITHUB_TOKEN }} + octez-tag: ${{ inputs.octez-tag }} + docker_registry: ${{ inputs.docker_registry }} + docker_registry_username: ${{ github.actor }} + docker_registry_password: ${{ secrets.GITHUB_TOKEN }} + docker_image_base: ${{ inputs.docker_image_base }} + image: ${{ inputs.image }} + dockerfile: ${{ inputs.dockerfile }} + kernel_artefact_name: ${{ inputs.kernel_artifact_name }} + merge: + runs-on: ubuntu-latest + needs: + - build-docker-amd64 + - build-docker-arm64 + outputs: + tag: ${{ fromJson(steps.meta.outputs.json).tags[0] }} + steps: + - uses: actions/checkout@v4 + - name: Download digests + uses: actions/download-artifact@v4 + with: + path: ${{ runner.temp }}/digests/${{ inputs.image }} + pattern: digests-${{ inputs.image }}-* + merge-multiple: true + - name: Login to GHCR + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Extract metadata + id: meta + uses: docker/metadata-action@v3 + with: + images: ${{ inputs.docker_registry }}/${{ inputs.docker_image_base }}/${{ inputs.image }} + tags: | + type=ref,event=tag + {{sha}} + - name: Create manifest list and push + working-directory: ${{ runner.temp }}/digests/${{ inputs.image }} + run: | + docker buildx imagetools create -t ${{ fromJson(steps.meta.outputs.json).tags[0] }} \ + $(printf '${{ inputs.docker_registry }}/${{ inputs.docker_image_base }}/${{ inputs.image }}@sha256:%s ' *) + - name: Inspect image + id: inspect-image + run: | + docker buildx imagetools inspect "${{ fromJson(steps.meta.outputs.json).tags[0] }}" diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index df5ebc769..7114c49a8 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -22,20 +22,16 @@ on: outputs: jstz-cli: description: "jstz docker image tag" - value: ${{ jobs.build-docker.outputs.jstz-cli }} + value: ${{ jobs.build-image.outputs.tag }} jstz-rollup: description: "jstz-rollup docker image tag" - value: ${{ jobs.build-docker.outputs.jstz-rollup }} + value: ${{ jobs.build-image.outputs.tag }} jstz-node: description: "jstz-node docker image tag" - value: ${{ jobs.build-docker.outputs.jstz-node }} + value: ${{ jobs.build-image.outputs.tag }} jstzd: description: "jstzd docker image tag" - value: ${{ jobs.build-docker.outputs.jstzd }} - -env: - DOCKER_REGISTRY: ghcr.io - DOCKER_IMAGE_BASE: jstz-dev/jstz + value: ${{ jobs.build-image.outputs.tag }} jobs: build-kernel: @@ -56,96 +52,26 @@ jobs: with: name: jstz-kernel path: result/lib/jstz_kernel.wasm - - build-docker-arm64: - name: Build (Docker arm64) - needs: [build-kernel] - runs-on: ubuntu-24.04-arm - permissions: - contents: read - packages: write - strategy: - matrix: - include: - - image: jstz-rollup - dockerfile: ./crates/jstz_rollup/Dockerfile - steps: - - uses: jstz-dev/jstz/.github/actions/build-docker-image@huanchengchang-jstz-286 - with: - platform: linux - arch: arm64 - repo_token: ${{ secrets.GITHUB_TOKEN }} - octez-tag: ${{ inputs.octez-tag }} - docker_registry: ${{ env.DOCKER_REGISTRY }} - docker_registry_username: ${{ github.actor }} - docker_registry_password: ${{ secrets.GITHUB_TOKEN }} - docker_image_base: ${{ env.DOCKER_IMAGE_BASE }} - image: ${{ matrix.image }} - dockerfile: ${{ matrix.dockerfile }} - kernel_artefact_name: jstz-kernel - build-docker-amd64: - name: Build (Docker amd64) + build-image: + name: Build image needs: [build-kernel] - runs-on: ubuntu-24.04 - permissions: - contents: read - packages: write strategy: matrix: include: - image: jstz-rollup dockerfile: ./crates/jstz_rollup/Dockerfile - steps: - - uses: jstz-dev/jstz/.github/actions/build-docker-image@huanchengchang-jstz-286 - with: - platform: linux - arch: amd64 - repo_token: ${{ secrets.GITHUB_TOKEN }} - octez-tag: ${{ inputs.octez-tag }} - docker_registry: ${{ env.DOCKER_REGISTRY }} - docker_registry_username: ${{ github.actor }} - docker_registry_password: ${{ secrets.GITHUB_TOKEN }} - docker_image_base: ${{ env.DOCKER_IMAGE_BASE }} - image: ${{ matrix.image }} - dockerfile: ${{ matrix.dockerfile }} - kernel_artefact_name: jstz-kernel - merge: - runs-on: ubuntu-latest - needs: - - build-docker-amd64 - - build-docker-arm64 - strategy: - matrix: - include: - - image: jstz-rollup - steps: - - name: Download digests - uses: actions/download-artifact@v4 - with: - path: ${{ runner.temp }}/digests/${{ matrix.image }} - pattern: digests-${{ matrix.image }}-* - merge-multiple: true - - name: Login to GHCR - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - name: Extract metadata - id: meta - uses: docker/metadata-action@v3 - with: - images: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_IMAGE_BASE }}/${{ matrix.image }} - tags: | - type=ref,event=tag - {{sha}} - - name: Create manifest list and push - working-directory: ${{ runner.temp }}/digests/${{ matrix.image }} - run: | - docker buildx imagetools create -t ${{ fromJson(steps.meta.outputs.json).tags[0] }} \ - $(printf '${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_IMAGE_BASE }}/${{ matrix.image }}@sha256:%s ' *) - - name: Inspect image - run: | - docker buildx imagetools inspect ${{ fromJson(steps.meta.outputs.json).tags[0] }} + - image: jstzd + dockerfile: ./crates/jstzd/Dockerfile + - image: jstz-cli + dockerfile: ./crates/jstz_cli/Dockerfile + - image: jstz-node + dockerfile: ./crates/jstz_node/Dockerfile + uses: jstz-dev/jstz/.github/workflows/docker-multiplatform.yml@huanchengchang-jstz-286 + with: + octez-tag: ${{ inputs.octez-tag }} + docker_registry: ghcr.io + docker_image_base: jstz-dev/jstz + image: ${{ matrix.image }} + dockerfile: ${{ matrix.dockerfile }} + kernel_artifact_name: jstz-kernel + secrets: inherit