attempt a different build strategy to share base image #347
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
# Controls when the action will run. Triggers the workflow on push or pull request | |
# events but only for the master branch | |
on: | |
push: | |
# temporarily run on every push for testing | |
# branches: [ master ] | |
# pull_request: | |
# branches: [ master ] | |
# A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
# ┌──────────────────┐ ┌────────────────┐ ┌────────────────┐ | |
# ┌─────────┐ ┌─────────┬────► Build Latest NJS ├────────►Test Latest NJS ├─────►│Push Latest NJS │ | |
# │Build OSS├────►│Test OSS │ └──────────────────┘ └────────────────┘ └────────────────┘ | |
# └─────────┘ └──┬──────┤ | |
# │ │ ┌──────────────────┐ ┌──────────────────┐ ┌─────────────────┐ | |
# │ └────►Build Unprivileged├───────►Test Unprivileged ├────►│Push Unprivileged│ | |
# │ └──────────────────┘ └──────────────────┘ ├────────┬────────┘ | |
# │ ├────────┤ | |
# └──────────────────────────────────────────────────────────────►│Push OSS│ | |
# └────────┘ | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
services: | |
registry: | |
image: registry:2 | |
ports: | |
- 5000:5000 | |
# Note that uploading the artifact won't work. We will need to build and push it to a local registry. | |
# See here https://docs.docker.com/build/ci/github-actions/named-contexts/#using-with-a-container-builder | |
# This person has my problem: https://stackoverflow.com/questions/75831482/how-to-use-a-local-docker-registry2-from-one-job-as-a-container-for-another-job | |
# The issue is that the docker container that is the registery does not persist between jobs. | |
# So I"d need to do something dumb like use the artifact upload and download to get to to the next | |
# step then do it there. | |
# Time to cut my losses and do it mostly in one run. | |
if: github.ref != 'refs/heads/master' | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
# network=host driver-opt needed to push to local registry | |
driver-opts: network=host | |
- name: Build and export oss image | |
uses: docker/build-push-action@v5 | |
with: | |
file: Dockerfile.oss | |
context: . | |
tags: localhost:5000/nginx-s3-gateway , localhost:5000/nginx-s3-gateway:oss | |
push: true | |
- name: save image for upload | |
run: | | |
docker save localhost:5000/nginx-s3-gateway > oss.tar | |
- name: Upload artifact - oss | |
uses: actions/upload-artifact@v3 | |
with: | |
name: oss | |
path: /tmp/oss.tar | |
- name: Build and export latest-njs image | |
uses: docker/build-push-action@v5 | |
with: | |
file: Dockerfile.latest-njs | |
context: . | |
tags: localhost:5000/nginx-s3-gateway:latest-njs-oss | |
push: false | |
outputs: type=docker,dest=/tmp/latest-njs.tar | |
build-contexts: | | |
nginx-s3-gateway=docker-image://localhost:5000/nginx-s3-gateway:oss | |
- name: Upload artifact - latest-njs | |
uses: actions/upload-artifact@v3 | |
with: | |
name: latest-njs | |
path: /tmp/latest-njs.tar | |
- name: Build and export - unprivileged | |
uses: docker/build-push-action@v5 | |
with: | |
file: Dockerfile.unprivileged | |
context: . | |
tags: localhost:5000/nginx-s3-gateway:unprivileged | |
push: false | |
outputs: type=docker,dest=/tmp/unprivileged.tar | |
build-contexts: | | |
nginx-s3-gateway=docker-image://localhost:5000/nginx-s3-gateway:oss | |
- name: Upload artifact - unprivileged | |
uses: actions/upload-artifact@v3 | |
with: | |
name: unprivileged | |
path: /tmp/unprivileged.tar | |
test: | |
runs-on: ubuntu-latest | |
if: github.ref != 'refs/heads/master' | |
steps: | |
- uses: actions/checkout@v4 | |
## Start tests. Keep things here because we can't keep the registry between jobs | |
## TODO: Try saving the artifact after all are built? What happens to the other archs? | |
- name: Install dependencies | |
run: sudo apt-get update -qq && sudo apt-get install -y curl wait-for-it | |
- name: Restore cached binaries | |
id: cache-binaries-restore | |
uses: actions/cache/restore@v3 | |
with: | |
path: .bin | |
key: ${{ runner.os }}-binaries | |
- name: Install MinIO Client | |
run: | | |
mkdir .bin || exit 0 | |
cd .bin | |
curl --insecure --retry 6 --fail --location --output mc.RELEASE.2023-06-19T19-31-19Z "https://dl.min.io/client/mc/release/linux-$(dpkg --print-architecture)/archive/mc.RELEASE.2023-06-19T19-31-19Z" | |
curl --insecure --retry 6 --fail --silent --location "https://dl.min.io/client/mc/release/linux-$(dpkg --print-architecture)/archive/mc.RELEASE.2023-06-19T19-31-19Z.sha256sum" | sha256sum --check - | |
mv mc.RELEASE.2023-06-19T19-31-19Z mc | |
chmod +x mc | |
## OSS Test. No retagging needed | |
- name: Download artifact | |
uses: actions/download-artifact@v3 | |
with: | |
name: oss | |
path: /tmp | |
- name: Load image | |
run: | | |
docker load --input /tmp/oss.tar | |
- name: Run tests - stable njs version | |
run: ./test.sh --type oss | |
# ## Latest NJS test. Requires that we retag the latest njs one as the primary for now | |
# - name: Load image latest-oss | |
# run: | | |
# docker pull localhost:5000/nginx-s3-gateway:latest-njs-oss | |
# docker tag nginx-s3-gateway:latest-njs-oss nginx-s3-gateway | |
# - name: Run tests - latest njs version | |
# run: ./test.sh --latest-njs --type oss | |
# - name: Load image - unprivilegedp | |
# run: | | |
# docker pull localhost:5000/nginx-s3-gateway:unprivileged | |
# docker tag nginx-s3-gateway:unprivileged nginx-s3-gateway | |
# - name: Run tests - stable njs version - unprivileged process | |
# run: ./test.sh --unprivileged --type oss | |
# build_and_deploy: | |
# runs-on: ubuntu-latest | |
# if: github.ref == 'refs/heads/master' | |
# steps: | |
# # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
# - uses: actions/checkout@v2 | |
# - name: Get current date | |
# id: date | |
# run: echo "date=$(date +'%Y%m%d')" >> $GITHUB_OUTPUT | |
# - name: Configure Github Package Registry | |
# run: echo ${{ secrets.GITHUB_TOKEN }} | docker login docker.pkg.github.com -u $GITHUB_ACTOR --password-stdin | |
# - name: Install dependencies | |
# run: sudo apt-get update -qq && sudo apt-get install -y curl wait-for-it | |
# - name: Restore cached binaries | |
# id: cache-binaries-restore | |
# uses: actions/cache/restore@v3 | |
# with: | |
# path: .bin | |
# key: ${{ runner.os }}-binaries | |
# - name: Install MinIO Client | |
# run: | | |
# mkdir .bin || exit 0 | |
# cd .bin | |
# curl --insecure --retry 6 --fail --silent --location --output mc.RELEASE.2023-06-19T19-31-19Z "https://dl.min.io/client/mc/release/linux-$(dpkg --print-architecture)/archive/mc.RELEASE.2023-06-19T19-31-19Z" | |
# curl --insecure --retry 6 --fail --silent --location "https://dl.min.io/client/mc/release/linux-$(dpkg --print-architecture)/archive/mc.RELEASE.2023-06-19T19-31-19Z.sha256sum" | sha256sum --check - | |
# mv mc.RELEASE.2023-06-19T19-31-19Z mc | |
# chmod +x mc | |
# # Run tests and builds image | |
# - name: Run tests - latest njs version | |
# run: ./test.sh --latest-njs --type oss | |
# # latest-njs-oss image push [Github] | |
# - name: Tag container image for Push to github [latest-njs-oss date] | |
# run: docker tag nginx-s3-gateway:latest-njs-oss docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-njs-oss-${{ steps.date.outputs.date }} | |
# - name: Tag container image for Push to github [latest-njs-oss] | |
# run: docker tag nginx-s3-gateway:latest-njs-oss docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-njs-oss | |
# - name: Push container image to github [latest-njs-oss date] | |
# run: docker push docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-njs-oss-${{ steps.date.outputs.date }} | |
# - name: Push container image to github [latest-njs-oss] | |
# run: docker push docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-njs-oss | |
# # Run tests and builds image | |
# - name: Run tests - stable njs version - unprivileged process | |
# run: ./test.sh --unprivileged --type oss | |
# # unprivileged-oss image push [Github] | |
# - name: Tag container image for Push to github [unprivileged-oss date] | |
# run: docker tag nginx-s3-gateway:unprivileged-oss docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:unprivileged-oss-${{ steps.date.outputs.date }} | |
# - name: Tag container image for Push to github [unprivileged-oss] | |
# run: docker tag nginx-s3-gateway:unprivileged-oss docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:unprivileged-oss | |
# - name: Push container image to github [unprivileged-oss date] | |
# run: docker push docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:unprivileged-oss-${{ steps.date.outputs.date }} | |
# - name: Push container image to github [unprivileged-oss] | |
# run: docker push docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:unprivileged-oss | |
# # Run tests and builds image | |
# - name: Run tests - stable njs version | |
# run: ./test.sh --type oss | |
# # oss image push [Github] | |
# - name: Tag container image for Push to github [oss date] | |
# run: docker tag nginx-s3-gateway:oss docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-${{ steps.date.outputs.date }} | |
# - name: Tag container image for Push to github [oss] | |
# run: docker tag nginx-s3-gateway:oss docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest | |
# - name: Push container image to github [oss date] | |
# run: docker push docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest-${{ steps.date.outputs.date }} | |
# - name: Push container image to github [oss latest] | |
# run: docker push docker.pkg.github.com/$GITHUB_REPOSITORY/nginx-oss-s3-gateway:latest | |
# # Login to Docker Hub | |
# - name: Login to Docker Hub | |
# uses: docker/login-action@v1 | |
# with: | |
# username: ${{ secrets.DOCKER_HUB_USERNAME }} | |
# password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} | |
# # latest-njs-oss image push [Docker Hub] | |
# - name: Tag container image for Push to Docker Hub [latest-njs-oss date] | |
# run: docker tag nginx-s3-gateway:latest-njs-oss nginxinc/nginx-s3-gateway:latest-njs-oss-${{ steps.date.outputs.date }} | |
# - name: Tag container image for Push to Docker Hub [latest-njs-oss] | |
# run: docker tag nginx-s3-gateway:latest-njs-oss nginxinc/nginx-s3-gateway:latest-njs-oss | |
# - name: Push container image to Docker Hub [latest-njs-oss date] | |
# run: docker push nginxinc/nginx-s3-gateway:latest-njs-oss-${{ steps.date.outputs.date }} | |
# - name: Push container image to Docker Hub [latest-njs-oss] | |
# run: docker push nginxinc/nginx-s3-gateway:latest-njs-oss | |
# # unprivileged-oss image push [Docker Hub] | |
# - name: Tag container image for Push to Docker Hub [unprivileged-oss date] | |
# run: docker tag nginx-s3-gateway:unprivileged-oss nginxinc/nginx-s3-gateway:unprivileged-oss-${{ steps.date.outputs.date }} | |
# - name: Tag container image for Push to Docker Hub [unprivileged-oss] | |
# run: docker tag nginx-s3-gateway:unprivileged-oss nginxinc/nginx-s3-gateway:unprivileged-oss | |
# - name: Push container image to Docker Hub [unprivileged-oss date] | |
# run: docker push nginxinc/nginx-s3-gateway:unprivileged-oss-${{ steps.date.outputs.date }} | |
# - name: Push container image to Docker Hub [unprivileged-oss] | |
# run: docker push nginxinc/nginx-s3-gateway:unprivileged-oss | |
# # oss image push [Docker Hub] | |
# - name: Tag container image for Push to Docker Hub [oss date] | |
# run: docker tag nginx-s3-gateway:oss nginxinc/nginx-s3-gateway:latest-${{ steps.date.outputs.date }} | |
# - name: Tag container image for Push to Docker Hub [oss] | |
# run: docker tag nginx-s3-gateway:oss nginxinc/nginx-s3-gateway:latest | |
# - name: Push container image to Docker Hub [oss date] | |
# run: docker push nginxinc/nginx-s3-gateway:latest-${{ steps.date.outputs.date }} | |
# - name: Push container image to Docker Hub [oss latest] | |
# run: docker push nginxinc/nginx-s3-gateway:latest |