-
Notifications
You must be signed in to change notification settings - Fork 108
149 lines (133 loc) · 5.22 KB
/
sub-build-lightwalletd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
# TODO: we should stop using this build approach with lightwalletd and move to using our
# reusable workflow to building all the docker images of our repo
name: Build lightwalletd
# Ensures that only one workflow task will run at a time. Previous builds, if
# already in process, will get cancelled. Only the latest commit will be allowed
# to run, cancelling any workflows in between
#
# Cancelling old jobs is the most efficient approach, because the workflow is quick.
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
on:
workflow_dispatch:
# Update the lightwalletd image when related changes merge to the `zebra/main` branch
push:
branches:
- 'main'
paths:
# rebuild lightwalletd whenever the related Zebra code changes
#
# TODO: this code isn't compiled in this docker image
# rebuild whenever the actual code at lightwalletd/master changes
- 'zebra-rpc/**'
- 'zebrad/tests/acceptance.rs'
- 'zebrad/src/config.rs'
- 'zebrad/src/commands/start.rs'
# these workflow definitions actually change the docker image
- 'docker/zcash-lightwalletd/Dockerfile'
- '.github/workflows/sub-build-lightwalletd.yml'
# Update the lightwalletd image when each related PR changes
pull_request:
paths:
# rebuild lightwalletd whenever the related Zebra code changes
# (this code isn't actually compiled in this docker image)
- 'zebra-rpc/**'
- 'zebrad/tests/acceptance.rs'
- 'zebrad/src/config.rs'
- 'zebrad/src/commands/start.rs'
# these workflow definitions actually change the docker image
- 'docker/zcash-lightwalletd/Dockerfile'
- '.github/workflows/sub-build-lightwalletd.yml'
env:
IMAGE_NAME: lightwalletd
jobs:
build:
name: Build lightwalletd Docker
runs-on: ubuntu-latest
permissions:
contents: 'read'
id-token: 'write'
steps:
- uses: actions/checkout@v4.1.1
with:
# Note: check service.proto when modifying lightwalletd repo
repository: zcash/lightwalletd
ref: 'master'
persist-credentials: false
- uses: actions/checkout@v4.1.1
with:
path: zebra
persist-credentials: false
- name: Inject slug/short variables
uses: rlespinasse/github-slug-action@v4
with:
short-length: 7
# Automatic tag management and OCI Image Format Specification for labels
- name: Docker meta
id: meta
uses: docker/metadata-action@v5.0.0
with:
# list of Docker images to use as base name for tags
images: |
us-docker.pkg.dev/${{ vars.GCP_PROJECT }}/zebra/${{ env.IMAGE_NAME }}
# generate Docker tags based on the following events/attributes
# set latest tag for default branch
tags: |
type=schedule
# semver and ref,tag automatically add a "latest" tag, but only on stable releases
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=ref,event=tag
type=ref,event=branch
type=ref,event=pr
type=sha
# edge is the latest commit on the default branch.
type=edge,enable={{is_default_branch}}
- name: Set up QEMU
id: qemu
uses: docker/setup-qemu-action@v3
with:
image: tonistiigi/binfmt:latest
platforms: all
# Setup Docker Buildx to allow use of docker cache layers from GH
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
# Setup gcloud CLI
- name: Authenticate to Google Cloud
id: auth
uses: google-github-actions/auth@v1.2.0
with:
retries: '3'
workload_identity_provider: '${{ vars.GCP_WIF }}'
service_account: '${{ vars.GCP_ARTIFACTS_SA }}'
token_format: 'access_token'
- name: Set up Cloud SDK
uses: google-github-actions/setup-gcloud@v1.1.1
- name: Login to Google Artifact Registry
uses: docker/login-action@v3.0.0
with:
registry: us-docker.pkg.dev
username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }}
# Build and push image to Google Artifact Registry
- name: Build & push
id: docker_build
uses: docker/build-push-action@v5.1.0
with:
target: build
context: .
file: ./zebra/docker/zcash-lightwalletd/Dockerfile
platforms: |
linux/amd64
linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
push: true
cache-from: |
type=registry,ref=us-docker.pkg.dev/${{ vars.GCP_PROJECT }}/zebra-caching/${{ env.IMAGE_NAME }}:${{ env.GITHUB_REF_SLUG_URL }}-cache
type=registry,ref=us-docker.pkg.dev/${{ vars.GCP_PROJECT }}/zebra-caching/${{ env.IMAGE_NAME }}:main-cache
cache-to: |
type=registry,ref=us-docker.pkg.dev/${{ vars.GCP_PROJECT }}/zebra-caching/${{ env.IMAGE_NAME }}:${{ env.GITHUB_REF_SLUG_URL }}-cache,mode=max