name: Build and Push Docker Image on: workflow_call: inputs: dockerfile-path: required: true type: string image-name: required: true type: string outputs: build-tools-tag: description: "tag generated for build tools" value: ${{ jobs.tag.outputs.build-tools-tag }} jobs: check-if-build-tools-dockerfile-changed: runs-on: ubuntu-latest outputs: docker_file_changed: ${{ steps.dockerfile.outputs.docker_file_changed }} steps: - name: Check if Dockerfile.buildtools has changed id: dockerfile run: | if [[ "$GITHUB_EVENT_NAME" != "pull_request" ]]; then echo "docker_file_changed=false" >> $GITHUB_OUTPUT exit fi updated_files=$(gh pr --repo neondatabase/neon diff ${{ github.event.pull_request.number }} --name-only) if [[ $updated_files == *"Dockerfile.buildtools"* ]]; then echo "docker_file_changed=true" >> $GITHUB_OUTPUT fi env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} tag: runs-on: ubuntu-latest needs: [ check-if-build-tools-dockerfile-changed ] outputs: build-tools-tag: ${{steps.buildtools-tag.outputs.image_tag}} steps: - name: Get buildtools tag env: DOCKERFILE_CHANGED: ${{ needs.check-if-build-tools-dockerfile-changed.outputs.docker_file_changed }} run: | if [[ "$GITHUB_EVENT_NAME" == "pull_request" ]] && [[ "${DOCKERFILE_CHANGED}" == "true" ]]; then IMAGE_TAG=$GITHUB_RUN_ID else IMAGE_TAG=pinned fi echo "image_tag=${IMAGE_TAG}" >> $GITHUB_OUTPUT shell: bash id: buildtools-tag kaniko: if: needs.check-if-build-tools-dockerfile-changed.outputs.docker_file_changed == 'true' needs: [ tag, check-if-build-tools-dockerfile-changed ] runs-on: [ self-hosted, dev, x64 ] container: gcr.io/kaniko-project/executor:v1.7.0-debug steps: - name: Checkout uses: actions/checkout@v1 - name: Configure ECR login run: echo "{\"credsStore\":\"ecr-login\"}" > /kaniko/.docker/config.json - name: Kaniko build run: | /kaniko/executor \ --reproducible \ --snapshotMode=redo \ --skip-unused-stages \ --dockerfile ${{ inputs.dockerfile-path }} \ --cache=true \ --cache-repo 369495373322.dkr.ecr.eu-central-1.amazonaws.com/cache \ --destination 369495373322.dkr.ecr.eu-central-1.amazonaws.com/${{ inputs.image-name }}:${{ needs.tag.outputs.build-tools-tag }}-amd64 kaniko-arm: if: needs.check-if-build-tools-dockerfile-changed.outputs.docker_file_changed == 'true' needs: [ tag, check-if-build-tools-dockerfile-changed ] runs-on: [ self-hosted, dev, arm64 ] container: gcr.io/kaniko-project/executor:v1.7.0-debug steps: - name: Checkout uses: actions/checkout@v1 - name: Configure ECR login run: echo "{\"credsStore\":\"ecr-login\"}" > /kaniko/.docker/config.json - name: Kaniko build run: | /kaniko/executor \ --reproducible \ --snapshotMode=redo \ --skip-unused-stages \ --dockerfile ${{ inputs.dockerfile-path }} \ --cache=true \ --cache-repo 369495373322.dkr.ecr.eu-central-1.amazonaws.com/cache \ --destination 369495373322.dkr.ecr.eu-central-1.amazonaws.com/${{ inputs.image-name }}:${{ needs.tag.outputs.build-tools-tag }}-arm64 manifest: if: needs.check-if-build-tools-dockerfile-changed.outputs.docker_file_changed == 'true' name: 'manifest' runs-on: [ self-hosted, dev, x64 ] needs: - tag - kaniko - kaniko-arm - check-if-build-tools-dockerfile-changed steps: - name: Create manifest run: | docker manifest create 369495373322.dkr.ecr.eu-central-1.amazonaws.com/${{ inputs.image-name }}:${{ needs.tag.outputs.build-tools-tag }} \ --amend 369495373322.dkr.ecr.eu-central-1.amazonaws.com/${{ inputs.image-name }}:${{ needs.tag.outputs.build-tools-tag }}-amd64 \ --amend 369495373322.dkr.ecr.eu-central-1.amazonaws.com/${{ inputs.image-name }}:${{ needs.tag.outputs.build-tools-tag }}-arm64 - name: Push manifest run: docker manifest push 369495373322.dkr.ecr.eu-central-1.amazonaws.com/${{ inputs.image-name }}:${{ needs.tag.outputs.build-tools-tag }}