Skip to content

Commit

Permalink
fix: allow to run CD also as workflow_dispatch, increase image push r…
Browse files Browse the repository at this point in the history
…etry as quay.io throttles calls
  • Loading branch information
matihost committed Nov 5, 2024
1 parent e05f444 commit 46bfb20
Show file tree
Hide file tree
Showing 5 changed files with 15 additions and 14 deletions.
3 changes: 1 addition & 2 deletions .github/workflows/cd.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -50,8 +50,7 @@ env:
jobs:
sources:
name: Checkout

if: ${{ github.event.workflow_run.conclusion == 'success' }}
if: ${{ github.event_name != 'workflow_run' || github.event.workflow_run.conclusion == 'success' }}
runs-on: ${{ inputs.runner || 'ubuntu-24.04' }}
timeout-minutes: 5
container:
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -138,7 +138,7 @@ jobs:
run: |
mkdir -p /kaniko/.docker
echo "{\"auths\":{\"${{ env.REGISTRY }}\":{\"username\":\"${{ env.REGISTRY_USER }}\",\"password\":\"${{ env.REGISTRY_PASSWORD }}\"}}}" > /kaniko/.docker/config.json
/kaniko/executor -f ./Dockerfile -c "$(pwd)" --insecure --ignore-path=/var/mail --ignore-path=/var/spool/mail --push-retry 2 --skip-tls-verify --cache=false \
/kaniko/executor -f ./Dockerfile -c "$(pwd)" --insecure --ignore-path=/var/mail --ignore-path=/var/spool/mail --push-retry 5 --skip-tls-verify --cache=false \
--use-new-run --snapshot-mode=redo \
--build-arg JAR_FILE=target/*.jar \
--destination="${{ env.REGISTRY }}/matihost/mq/basic-client:${{ env.IMAGE_TAG }}"
Expand Down Expand Up @@ -167,7 +167,7 @@ jobs:
mkdir -p /kaniko/.docker
echo "{\"auths\":{\"${{ env.REGISTRY }}\":{\"username\":\"${{ env.REGISTRY_USER }}\",\"password\":\"${{ env.REGISTRY_PASSWORD }}\"}}}" > /kaniko/.docker/config.json
echo "Building Java commandline image"
/kaniko/executor -f ./Dockerfile -c "$(pwd)" --insecure --ignore-path=/var/mail --ignore-path=/var/spool/mail --push-retry 2 --skip-tls-verify --cache=false \
/kaniko/executor -f ./Dockerfile -c "$(pwd)" --insecure --ignore-path=/var/mail --ignore-path=/var/spool/mail --push-retry 5 --skip-tls-verify --cache=false \
--use-new-run --snapshot-mode=redo \
--build-arg JAR_FILE=target/*.jar \
--destination="${{ env.REGISTRY }}/matihost/commandline:${{ env.IMAGE_TAG }}"
Expand Down Expand Up @@ -356,7 +356,7 @@ jobs:
run: |
mkdir -p /kaniko/.docker
echo "{\"auths\":{\"${{ env.REGISTRY }}\":{\"username\":\"${{ env.REGISTRY_USER }}\",\"password\":\"${{ env.REGISTRY_PASSWORD }}\"}}}" > /kaniko/.docker/config.json
/kaniko/executor -f ./Dockerfile -c "$(pwd)" --insecure --push-retry 2 - --skip-tls-verify --cache=true --ignore-path=/var/mail --ignore-path=/var/spool/mail \
/kaniko/executor -f ./Dockerfile -c "$(pwd)" --insecure --push-retry 5 - --skip-tls-verify --cache=true --ignore-path=/var/mail --ignore-path=/var/spool/mail \
--destination="${{ env.REGISTRY }}/matihost/ansible:${{ env.IMAGE_TAG }}"
image-build-ghcr:
needs: sources
Expand Down Expand Up @@ -385,4 +385,4 @@ jobs:
-f ./Dockerfile \
--destination="ghcr.io/${{ github.repository }}/ansible:${{ env.IMAGE_TAG }}" \
--insecure --skip-tls-verify --cache=true --ignore-path=/var/mail --ignore-path=/var/spool/mail \
--push-retry 2
--push-retry 5
2 changes: 1 addition & 1 deletion .github/workflows/gcp.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,7 @@ jobs:
- name: Build
working-directory: k8s/images/ansible
run: |-
/kaniko/executor -f ./Dockerfile -c "$(pwd)" --insecure --push-retry 2 - --skip-tls-verify --cache=true --ignore-path=/var/mail --ignore-path=/var/spool/mail \
/kaniko/executor -f ./Dockerfile -c "$(pwd)" --insecure --push-retry 5 - --skip-tls-verify --cache=true --ignore-path=/var/mail --ignore-path=/var/spool/mail \
--destination="${GAR_LOCATION}-docker.pkg.dev/${GCP_PROJECT}/${GAR_REPOSITORY}/ansible:${{ env.IMAGE_TAG }}"
- name: Set up GKE credentials
uses: google-github-actions/get-gke-credentials@v2
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/images-wo-checkout.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ jobs:
-f ./k8s/images/ansible/Dockerfile \
--destination="gcr.io/${{ env.GCP_PROJECT }}/ansible:${{ env.IMAGE_TAG }}" \
--insecure --skip-tls-verify --cache=true --ignore-path=/var/mail --ignore-path=/var/spool/mail \
--push-retry 2 --image-name-with-digest-file /workspace/image-digest.txt
--push-retry 5 --image-name-with-digest-file /workspace/image-digest.txt
image-build-generic-registry:
runs-on: ${{ inputs.runner || 'ubuntu-24.04' }}
Expand All @@ -76,7 +76,7 @@ jobs:
-f ./k8s/images/ansible/Dockerfile \
--destination="${{ env.REGISTRY }}/matihost/ansible:${{ env.IMAGE_TAG }}" \
--insecure --skip-tls-verify --cache=true --ignore-path=/var/mail --ignore-path=/var/spool/mail \
--push-retry 2 --image-name-with-digest-file /workspace/image-digest.txt
--push-retry 5 --image-name-with-digest-file /workspace/image-digest.txt
# kaniko does not allow to build second image - hence it has to run as separated job
# https://github.com/GoogleContainerTools/kaniko/issues/1118
Expand All @@ -101,4 +101,4 @@ jobs:
-f ./k8s/images/ansible/Dockerfile \
--destination="ghcr.io/${{ github.repository }}/ansible:${{ env.IMAGE_TAG }}" \
--insecure --skip-tls-verify --cache=true --ignore-path=/var/mail --ignore-path=/var/spool/mail \
--push-retry 2 --image-name-with-digest-file /workspace/image-digest.txt
--push-retry 5 --image-name-with-digest-file /workspace/image-digest.txt
10 changes: 6 additions & 4 deletions k8s/images/gh-images/cd/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,11 +1,13 @@
# syntax=docker/dockerfile:1
FROM ubuntu:24.04
RUN apt -y update && apt -y install make binutils curl wget lsb-release gnupg apt-transport-https ca-certificates jq \
RUN apt -y update && apt -y install make binutils curl wget lsb-release gnupg apt-transport-https ca-certificates jq unzip \
&& curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key --keyring /usr/share/keyrings/cloud.google.gpg add - \
&& echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" > /etc/apt/sources.list.d/google-cloud-sdk.list \
&& apt -y update && apt -y install google-cloud-cli kubectl google-cloud-cli-kubectl-oidc google-cloud-cli-gke-gcloud-auth-plugin
RUN curl -sL https://api.github.com/repos/opentofu/opentofu/releases/latest | jq -r ".assets[] | select(.name | test(\"amd64.deb\")) | .browser_download_url" | xargs curl -s -L -o "/tmp/tofu.deb" \
&& apt -y update && apt -y install google-cloud-cli kubectl google-cloud-cli-kubectl-oidc google-cloud-cli-gke-gcloud-auth-plugin \
&& curl -sL https://api.github.com/repos/opentofu/opentofu/releases/latest | jq -r ".assets[] | select(.name | test(\"amd64.deb\")) | .browser_download_url" | xargs curl -s -L -o "/tmp/tofu.deb" \
&& apt -y install /tmp/tofu.deb && rm -rf /tmp/tofu.deb \
&& curl -sL https://api.github.com/repos/gruntwork-io/terragrunt/releases/latest | jq -r ".assets[] | select(.name | test(\"linux_amd64\")) | .browser_download_url" | xargs curl -s -L -o "/usr/local/bin/terragrunt" \
&& chmod a+x /usr/local/bin/terragrunt \
&& rm -rf /var/lib/apt/lists/*
&& rm -rf /var/lib/apt/lists/* \
&& cd $(mktemp -d) && curl -sSLO "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" && unzip awscli-exe-linux-x86_64.zip && aws/install --update \
&& cd .. && rm -rf /tmp/tmp.*

0 comments on commit 46bfb20

Please sign in to comment.