From abba6074284930ecc2bea94b624c8dc07fab9aad Mon Sep 17 00:00:00 2001 From: Russel Waters Date: Tue, 3 Nov 2020 13:16:29 -0800 Subject: [PATCH] github container repo (#3034) update dockerfiles to include required label for github container repo reference tags are generated for both locations using build-docker-image push to ghcr.io using module for login in and push --- .github/workflows/beta_artifacts.yml | 10 ++- .github/workflows/develop.yml | 8 ++ .github/workflows/live_artifacts.yml | 8 ++ .github/workflows/test_network_artifacts.yml | 10 ++- ci/actions/linux/deploy-docker.sh | 87 +++++++++++--------- ci/actions/linux/ghcr_push.sh | 15 ++++ ci/build-docker-image.sh | 9 +- docker/ci/Dockerfile-base | 3 + docker/ci/Dockerfile-clang | 2 + docker/ci/Dockerfile-clang-6 | 2 + docker/ci/Dockerfile-gcc | 2 + docker/node/Dockerfile | 2 + 12 files changed, 112 insertions(+), 46 deletions(-) create mode 100755 ci/actions/linux/ghcr_push.sh diff --git a/.github/workflows/beta_artifacts.yml b/.github/workflows/beta_artifacts.yml index 137b7401a4..dfd4d4bcce 100644 --- a/.github/workflows/beta_artifacts.yml +++ b/.github/workflows/beta_artifacts.yml @@ -73,7 +73,15 @@ jobs: run: TRAVIS_TAG=${TAG} ci/actions/linux/deploy-docker.sh env: DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - + - name: Login to ghcr.io + uses: docker/login-action@adb7347 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GHCR_PAT }} + - name: Deploy Docker (ghcr.io) + run: ci/actions/linux/ghcr_push.sh + windows_job: runs-on: windows-latest steps: diff --git a/.github/workflows/develop.yml b/.github/workflows/develop.yml index 6bfe426e68..6097581b5d 100644 --- a/.github/workflows/develop.yml +++ b/.github/workflows/develop.yml @@ -13,6 +13,14 @@ jobs: run: git submodule update --init --recursive - name: Fetch Deps run: ci/actions/linux/install_deps.sh + - name: Login to ghcr.io + uses: docker/login-action@adb7347 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GHCR_PAT }} + - name: Deploy Docker (ghcr.io) + run: ci/actions/linux/ghcr_push.sh - name: Deploy Docker (nanocurrency/nano-env) run: ci/actions/linux/deploy-docker.sh env: diff --git a/.github/workflows/live_artifacts.yml b/.github/workflows/live_artifacts.yml index 8b6e5eb1fd..a8211f8197 100644 --- a/.github/workflows/live_artifacts.yml +++ b/.github/workflows/live_artifacts.yml @@ -72,6 +72,14 @@ jobs: run: TRAVIS_TAG=${TAG} ci/actions/linux/deploy-docker.sh env: DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + - name: Login to ghcr.io + uses: docker/login-action@adb7347 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GHCR_PAT }} + - name: Deploy Docker (ghcr.io + run: ci/actions/linux/ghcr_push.sh windows_job: runs-on: windows-latest diff --git a/.github/workflows/test_network_artifacts.yml b/.github/workflows/test_network_artifacts.yml index 7be9db06fd..d819328e45 100644 --- a/.github/workflows/test_network_artifacts.yml +++ b/.github/workflows/test_network_artifacts.yml @@ -72,7 +72,15 @@ jobs: run: TRAVIS_TAG=${TAG} ci/actions/linux/deploy-docker.sh env: DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - + - name: Login to ghcr.io + uses: docker/login-action@adb7347 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GHCR_PAT }} + - name: Deploy Docker (ghcr.io) + run: ci/actions/linux/ghcr_push.sh + windows_job: runs-on: windows-latest steps: diff --git a/ci/actions/linux/deploy-docker.sh b/ci/actions/linux/deploy-docker.sh index 777ec6191c..2e4f131424 100755 --- a/ci/actions/linux/deploy-docker.sh +++ b/ci/actions/linux/deploy-docker.sh @@ -2,11 +2,49 @@ set -e + +scripts="$PWD/ci" +TRAVIS_BRANCH=`git branch| cut -f2 -d' '` +tags=() +if [ -n "$TRAVIS_TAG" ]; then + tags+=("$TRAVIS_TAG" latest) + if [[ "$GITHUB_WORKFLOW" = "Beta" || "$GITHUB_WORKFLOW" = "TestNetwork" ]]; then + tags+=(latest-including-rc) + fi +elif [ -n "$TRAVIS_BRANCH" ]; then + TRAVIS_TAG=$TRAVIS_BRANCH + tags+=("$TRAVIS_BRANCH") +fi +if [[ "$GITHUB_WORKFLOW" = "Live" ]]; then + echo "Live" + network_tag_suffix='' + network="live" +elif [[ "$GITHUB_WORKFLOW" = "Beta" ]]; then + echo "Beta" + network_tag_suffix="-beta" + network="beta" +elif [[ "$GITHUB_WORKFLOW" = "TestNetwork" ]]; then + echo "Test" + network_tag_suffix="-test" + network="test" +fi +if [[ "$GITHUB_WORKFLOW" != "Develop" ]]; then + docker_image_name="nanocurrency/nano${network_tag_suffix}" + ghcr_image_name="ghcr.io/${GITHUB_REPOSITORY}/nano${network_tag_suffix}" + "$scripts"/build-docker-image.sh docker/node/Dockerfile "$docker_image_name" --build-arg NETWORK="$network" --build-arg CI_BUILD=true --build-arg TRAVIS_TAG="$TRAVIS_TAG" + for tag in "${tags[@]}"; do + # Sanitize docker tag + # https://docs.docker.com/engine/reference/commandline/tag/ + tag="$(printf '%s' "$tag" | tr -c '[a-z][A-Z][0-9]_.-' -)" + if [ "$tag" != "latest" ]; then + docker tag "$docker_image_name" "${docker_image_name}:$tag" + docker tag "$ghcr_image_name" "${ghcr_image_name}:$tag" + fi + done +fi + if [ -n "$DOCKER_PASSWORD" ]; then echo "$DOCKER_PASSWORD" | docker login -u nanoreleaseteam --password-stdin - - scripts="$PWD/ci" - TRAVIS_BRANCH=`git branch| cut -f2 -d' '` if [[ "$GITHUB_WORKFLOW" = "Develop" ]]; then "$scripts"/custom-timeout.sh 30 docker push "nanocurrency/nano-env:base" "$scripts"/custom-timeout.sh 30 docker push "nanocurrency/nano-env:gcc" @@ -14,46 +52,13 @@ if [ -n "$DOCKER_PASSWORD" ]; then echo "Deployed nano-env" exit 0 else - tags=() - if [ -n "$TRAVIS_TAG" ]; then - tags+=("$TRAVIS_TAG" latest) - if [[ "$GITHUB_WORKFLOW" = "Beta" || "$GITHUB_WORKFLOW" = "TestNetwork" ]]; then - tags+=(latest-including-rc) - fi - elif [ -n "$TRAVIS_BRANCH" ]; then - TRAVIS_TAG=$TRAVIS_BRANCH - tags+=("$TRAVIS_BRANCH") - fi - if [[ "$GITHUB_WORKFLOW" = "Live" ]]; then - echo "Live" - network_tag_suffix='' - network="live" - elif [[ "$GITHUB_WORKFLOW" = "Beta" ]]; then - echo "Beta" - network_tag_suffix="-beta" - network="beta" - elif [[ "$GITHUB_WORKFLOW" = "TestNetwork" ]]; then - echo "Test" - network_tag_suffix="-test" - network="test" - else - echo "Nothing to deploy" - exit 1 - fi - docker_image_name="nanocurrency/nano${network_tag_suffix}" - "$scripts"/custom-timeout.sh 30 docker build --build-arg NETWORK="$network" --build-arg CI_BUILD=true --build-arg TRAVIS_TAG="$TRAVIS_TAG" -f docker/node/Dockerfile -t "$docker_image_name" . - for tag in "${tags[@]}"; do - # Sanitize docker tag - # https://docs.docker.com/engine/reference/commandline/tag/ - tag="$(printf '%s' "$tag" | tr -c '[a-z][A-Z][0-9]_.-' -)" - if [ "$tag" != "latest" ]; then - docker tag "$docker_image_name" "${docker_image_name}:$tag" - fi - "$scripts"/custom-timeout.sh 30 docker push "${docker_image_name}:$tag" + tags=`docker images --format '{{.Repository}}:{{.Tag }}'| grep nanocurrency |grep -vE "env|ghcr.io|none"` + for a in $tags; do + "$scripts"/custom-timeout.sh 30 docker push "$a" done + echo "$docker_image_name with tags ${tags//$'\n'/' '} deployed" fi - echo "$docker_image_name with tags ${tags[*]} deployed" else echo "\$DOCKER_PASSWORD environment variable required" - exit 1 + exit 0 fi \ No newline at end of file diff --git a/ci/actions/linux/ghcr_push.sh b/ci/actions/linux/ghcr_push.sh new file mode 100755 index 0000000000..d99a582503 --- /dev/null +++ b/ci/actions/linux/ghcr_push.sh @@ -0,0 +1,15 @@ +#!/bin/bash +set -e + + +scripts="$PWD/ci" +if [[ "$GITHUB_WORKFLOW" = "Develop" ]]; then + "$scripts"/custom-timeout.sh 30 docker push "ghcr.io/${GITHUB_REPOSITORY}/nano-env:base" + "$scripts"/custom-timeout.sh 30 docker push "ghcr.io/${GITHUB_REPOSITORY}/nano-env:gcc" + "$scripts"/custom-timeout.sh 30 docker push "ghcr.io/${GITHUB_REPOSITORY}/nano-env:clang-6" +else + tags=`docker images --format '{{.Repository}}:{{.Tag }}'| grep "ghcr.io" | grep -vE "env|none"` + for a in $tags; do + "$scripts"/custom-timeout.sh 30 docker push "$a" + done +fi \ No newline at end of file diff --git a/ci/build-docker-image.sh b/ci/build-docker-image.sh index 6268adb39f..e76a1eb126 100755 --- a/ci/build-docker-image.sh +++ b/ci/build-docker-image.sh @@ -8,10 +8,13 @@ fi dockerFile="$1" dockerTag="$2" +githubTag="ghcr.io/${GITHUB_REPOSITORY}/${dockerTag#*/}" shift; shift scripts="$(dirname "$0")" -"$scripts"/custom-timeout.sh 20 docker pull "${dockerTag}" || true -echo "Building $dockerTag" -"$scripts"/custom-timeout.sh 30 docker build "$@" -f "${dockerFile}" -t "${dockerTag}" --cache-from "${dockerTag}" . +"$scripts"/custom-timeout.sh 20 docker pull "${githubTag}" || true +echo "Building $githubTag" +"$scripts"/custom-timeout.sh 30 docker build "$@" --build-arg REPOSITORY=${GITHUB_REPOSITORY} -f "${dockerFile}" -t "${githubTag}" --cache-from "${githubTag}" . +echo "Tagging ${dockerTag} from ${githubTag}" +docker tag $githubTag $dockerTag \ No newline at end of file diff --git a/docker/ci/Dockerfile-base b/docker/ci/Dockerfile-base index 3bcd7bf290..bd7b9676e5 100644 --- a/docker/ci/Dockerfile-base +++ b/docker/ci/Dockerfile-base @@ -17,3 +17,6 @@ RUN apt-get update -qq && apt-get install -yqq \ qt5-default \ valgrind \ xorg xvfb xauth xfonts-100dpi xfonts-75dpi xfonts-scalable xfonts-cyrillic + +ARG REPOSITORY=nanocurrency/nano-node +LABEL org.opencontainers.image.source https://github.com/$REPOSITORY \ No newline at end of file diff --git a/docker/ci/Dockerfile-clang b/docker/ci/Dockerfile-clang index 2f2aa6d614..323b21b5ac 100644 --- a/docker/ci/Dockerfile-clang +++ b/docker/ci/Dockerfile-clang @@ -19,3 +19,5 @@ RUN ./fetch_boost.sh # see https://www.boost.org/doc/libs/1_70_0/doc/html/stacktrace/configuration_and_build.html#stacktrace.configuration_and_build.f3 RUN ln -s /usr/lib/gcc/x86_64-linux-gnu/5/include/backtrace.h /tmp/backtrace.h +ARG REPOSITORY=nanocurrency/nano-node +LABEL org.opencontainers.image.source https://github.com/$REPOSITORY \ No newline at end of file diff --git a/docker/ci/Dockerfile-clang-6 b/docker/ci/Dockerfile-clang-6 index 47c47052b4..1168b99fb0 100644 --- a/docker/ci/Dockerfile-clang-6 +++ b/docker/ci/Dockerfile-clang-6 @@ -25,3 +25,5 @@ RUN COMPILER=clang-6 ./fetch_boost.sh # see https://www.boost.org/doc/libs/1_70_0/doc/html/stacktrace/configuration_and_build.html#stacktrace.configuration_and_build.f3 RUN ln -s /usr/lib/gcc/x86_64-linux-gnu/5/include/backtrace.h /tmp/backtrace.h +ARG REPOSITORY=nanocurrency/nano-node +LABEL org.opencontainers.image.source https://github.com/$REPOSITORY \ No newline at end of file diff --git a/docker/ci/Dockerfile-gcc b/docker/ci/Dockerfile-gcc index 5b012fb7ec..528c073847 100644 --- a/docker/ci/Dockerfile-gcc +++ b/docker/ci/Dockerfile-gcc @@ -7,3 +7,5 @@ ENV BOOST_ROOT=/tmp/boost ADD util/build_prep/fetch_boost.sh fetch_boost.sh RUN COMPILER=gcc ./fetch_boost.sh +ARG REPOSITORY=nanocurrency/nano-node +LABEL org.opencontainers.image.source https://github.com/$REPOSITORY \ No newline at end of file diff --git a/docker/node/Dockerfile b/docker/node/Dockerfile index 36b81ded92..1399df6448 100644 --- a/docker/node/Dockerfile +++ b/docker/node/Dockerfile @@ -40,3 +40,5 @@ USER root ENV PATH="${PATH}:/usr/bin" ENTRYPOINT ["/usr/bin/entry.sh"] CMD ["nano_node", "daemon", "-l"] +ARG REPOSITORY=nanocurrency/nano-node +LABEL org.opencontainers.image.source https://github.com/$REPOSITORY \ No newline at end of file