mirror of
https://github.com/neondatabase/neon.git
synced 2025-12-22 21:59:59 +00:00
4c245b0f5a
## Problem - `docker.io/neondatabase/build-tools:pinned` image is frequently outdated on Docker Hub because there's no automated way to update it. - `update_build_tools_image.yml` workflow contains legacy roll-back logic, which is not required anymore because it updates only a single image. ## Summary of changes - Make `update_build_tools_image.yml` workflow push images to both ECR and Docker Hub - Remove unneeded roll-back logic
125 lines
4.5 KiB
YAML
125 lines
4.5 KiB
YAML
name: Build and Push Docker Image
|
|
|
|
on:
|
|
workflow_call:
|
|
inputs:
|
|
dockerfile-path:
|
|
required: true
|
|
type: string
|
|
image-name:
|
|
required: true
|
|
type: string
|
|
outputs:
|
|
build-tools-tag:
|
|
description: "tag generated for build tools"
|
|
value: ${{ jobs.tag.outputs.build-tools-tag }}
|
|
|
|
jobs:
|
|
check-if-build-tools-dockerfile-changed:
|
|
runs-on: ubuntu-latest
|
|
outputs:
|
|
docker_file_changed: ${{ steps.dockerfile.outputs.docker_file_changed }}
|
|
steps:
|
|
- name: Check if Dockerfile.buildtools has changed
|
|
id: dockerfile
|
|
run: |
|
|
if [[ "$GITHUB_EVENT_NAME" != "pull_request" ]]; then
|
|
echo "docker_file_changed=false" >> $GITHUB_OUTPUT
|
|
exit
|
|
fi
|
|
updated_files=$(gh pr --repo neondatabase/neon diff ${{ github.event.pull_request.number }} --name-only)
|
|
if [[ $updated_files == *"Dockerfile.buildtools"* ]]; then
|
|
echo "docker_file_changed=true" >> $GITHUB_OUTPUT
|
|
fi
|
|
env:
|
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
tag:
|
|
runs-on: ubuntu-latest
|
|
needs: [ check-if-build-tools-dockerfile-changed ]
|
|
outputs:
|
|
build-tools-tag: ${{steps.buildtools-tag.outputs.image_tag}}
|
|
|
|
steps:
|
|
- name: Get buildtools tag
|
|
env:
|
|
DOCKERFILE_CHANGED: ${{ needs.check-if-build-tools-dockerfile-changed.outputs.docker_file_changed }}
|
|
run: |
|
|
if [[ "$GITHUB_EVENT_NAME" == "pull_request" ]] && [[ "${DOCKERFILE_CHANGED}" == "true" ]]; then
|
|
IMAGE_TAG=$GITHUB_RUN_ID
|
|
else
|
|
IMAGE_TAG=pinned
|
|
fi
|
|
|
|
echo "image_tag=${IMAGE_TAG}" >> $GITHUB_OUTPUT
|
|
shell: bash
|
|
id: buildtools-tag
|
|
|
|
kaniko:
|
|
if: needs.check-if-build-tools-dockerfile-changed.outputs.docker_file_changed == 'true'
|
|
needs: [ tag, check-if-build-tools-dockerfile-changed ]
|
|
runs-on: [ self-hosted, dev, x64 ]
|
|
container: gcr.io/kaniko-project/executor:v1.7.0-debug
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v1
|
|
|
|
- name: Configure ECR login
|
|
run: echo "{\"credsStore\":\"ecr-login\"}" > /kaniko/.docker/config.json
|
|
|
|
- name: Kaniko build
|
|
run: |
|
|
/kaniko/executor \
|
|
--reproducible \
|
|
--snapshotMode=redo \
|
|
--skip-unused-stages \
|
|
--dockerfile ${{ inputs.dockerfile-path }} \
|
|
--cache=true \
|
|
--cache-repo 369495373322.dkr.ecr.eu-central-1.amazonaws.com/cache \
|
|
--destination 369495373322.dkr.ecr.eu-central-1.amazonaws.com/${{ inputs.image-name }}:${{ needs.tag.outputs.build-tools-tag }}-amd64
|
|
|
|
kaniko-arm:
|
|
if: needs.check-if-build-tools-dockerfile-changed.outputs.docker_file_changed == 'true'
|
|
needs: [ tag, check-if-build-tools-dockerfile-changed ]
|
|
runs-on: [ self-hosted, dev, arm64 ]
|
|
container: gcr.io/kaniko-project/executor:v1.7.0-debug
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v1
|
|
|
|
- name: Configure ECR login
|
|
run: echo "{\"credsStore\":\"ecr-login\"}" > /kaniko/.docker/config.json
|
|
|
|
- name: Kaniko build
|
|
run: |
|
|
/kaniko/executor \
|
|
--reproducible \
|
|
--snapshotMode=redo \
|
|
--skip-unused-stages \
|
|
--dockerfile ${{ inputs.dockerfile-path }} \
|
|
--cache=true \
|
|
--cache-repo 369495373322.dkr.ecr.eu-central-1.amazonaws.com/cache \
|
|
--destination 369495373322.dkr.ecr.eu-central-1.amazonaws.com/${{ inputs.image-name }}:${{ needs.tag.outputs.build-tools-tag }}-arm64
|
|
|
|
manifest:
|
|
if: needs.check-if-build-tools-dockerfile-changed.outputs.docker_file_changed == 'true'
|
|
name: 'manifest'
|
|
runs-on: [ self-hosted, dev, x64 ]
|
|
needs:
|
|
- tag
|
|
- kaniko
|
|
- kaniko-arm
|
|
- check-if-build-tools-dockerfile-changed
|
|
|
|
steps:
|
|
- name: Create manifest
|
|
run: |
|
|
docker manifest create 369495373322.dkr.ecr.eu-central-1.amazonaws.com/${{ inputs.image-name }}:${{ needs.tag.outputs.build-tools-tag }} \
|
|
--amend 369495373322.dkr.ecr.eu-central-1.amazonaws.com/${{ inputs.image-name }}:${{ needs.tag.outputs.build-tools-tag }}-amd64 \
|
|
--amend 369495373322.dkr.ecr.eu-central-1.amazonaws.com/${{ inputs.image-name }}:${{ needs.tag.outputs.build-tools-tag }}-arm64
|
|
|
|
- name: Push manifest
|
|
run: docker manifest push 369495373322.dkr.ecr.eu-central-1.amazonaws.com/${{ inputs.image-name }}:${{ needs.tag.outputs.build-tools-tag }}
|