Updating image build GH actions WF

Signed-off-by: Matt Oswalt <[email protected]>
nre-learning · Mar 20, 2021 · dcb6a6d · dcb6a6d
1 parent 5bb42d4
commit dcb6a6d
Show file tree

Hide file tree

Showing 2 changed files with 139 additions and 29 deletions.
diff --git a/.github/workflows/generate-preview.yml b/.github/workflows/generate-preview.yml
@@ -0,0 +1,107 @@
+name: Generate Preview
+on:
+  workflow_run:
+    workflows: ["CI"]
+    branches: [master]
+    types: 
+      - completed
+
+jobs:
+  prebuild:
+    runs-on: ubuntu-latest
+    steps:
+
+    # TODO - for security reasons (that we will absolutely want) this will run on the default branch. However we still want to check out the PR branch
+    # so we can build the images.
+
+    - uses: actions/checkout@v2
+
+    # https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/
+
+
+    # - name: Create Preview
+    #   id: create_preview
+    #   run: |
+    #     echo ::set-output name=preview_id::$(./create-preview.sh | jq -r '.ID')
+
+    - name: Get Buildables
+      id: get_buildables
+      run: |
+        echo ::set-output name=buildables::$(cd images && find . -maxdepth 2 -type f -name 'Makefile' -printf '%h;' | tr -d './' | rev | cut -c 2- | rev | jq -Rc 'split(";")')
+
+    - name: Get Changed
+      id: get_buildables
+      run: |
+        echo ::set-output name=changed::$(git diff --name-only master..HEAD images/ | sed -rn 's/images\/([^/]*)\/.*/\\1/p' | tr '\n' ';' | rev | cut -c 2- | rev)
+
+    - name: Get PR number
+      id: get_pr_number
+      run: |
+        echo ::set-output name=pr_number::$(jq --raw-output .pull_request.number "$GITHUB_EVENT_PATH")
+      if: ${{ success() }}
+
+    # - name: Set up QEMU
+    #   uses: docker/setup-qemu-action@v1
+    # - name: Set up Docker Buildx
+    #   uses: docker/setup-buildx-action@v1
+
+    # - name: Login to DockerHub
+    #   uses: docker/login-action@v1
+    #   with:
+    #     username: ${{ secrets.DOCKERHUB_USERNAME }}
+    #     password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+    # https://stackoverflow.com/questions/59175332/using-output-from-a-previous-job-in-a-new-one-in-a-github-action/61236803#61236803
+    outputs:
+      # preview_id: ${{ steps.create_preview.outputs.preview_id }}
+      pr_number: ${{ steps.get_pr_number.outputs.pr_number }}
+      buildables: ${{ steps.get_buildables.outputs.buildables }}
+      changed: ${{ steps.get_changed.outputs.changed }}
+
+  # build:
+  #   needs: prebuild
+  #   runs-on: ubuntu-latest
+
+  #   strategy:
+  #     matrix:
+  #       images_to_build: ${{ fromJson(needs.prebuild.outputs.buildables) }}
+
+  #   steps:
+  #   - uses: actions/checkout@v2
+  #   - name: Build and push
+  #     # VERY IMPORTANT that we statically have "preview-" in the tag name so we don't conflict with existing prod images
+  #     # run: "cd images/${{ matrix.images_to_build }} && TARGET_VERSION=preview-$preview_id make docker"
+
+  #     # TODO - remove this and comment back in the "make docker equivalent" above once you're confident that the directory iteration is done properly
+  #     # with parallelism
+  #     run: "cd images/${{ matrix.images_to_build }} && TARGET_VERSION=preview-$preview_id echo $(pwd)"
+
+  #     env:
+  #       preview_id: ${{needs.prebuild.outputs.preview_id}}
+
+  # # TODO(mierdin) need two retag jobs. One that you populate dynamically and one that you do statically. OR, figure out how to append to an array in github actions
+  # retag_static:
+  #   # Some images can't be built automatically, and therefore should just be retagged from a known-good "source" tag, like a curriculum release.
+
+  #   needs: prebuild
+  #   runs-on: ubuntu-latest
+
+  #   strategy:
+  #     matrix:
+  #       images_to_retag: [
+  #         "vqfx-snap1",
+  #         "vqfx-snap2",
+  #         "vqfx-snap3",
+  #       ]
+
+  #   steps:
+  #   - uses: actions/checkout@v2
+  #   - name: Build and push
+  #     run: "cd images/${{ matrix.images_to_retag }} && docker tag antidotelabs/${{ matrix.images_to_retag }}:$retag_source antidotelabs/${{ matrix.images_to_retag }}:preview-$preview_id && docker push antidotelabs/${{ matrix.images_to_retag }}:preview-$preview_id"
+
+  #     env:
+
+  #       # TODO - this is a weak point, as this may need to get updated every release, if these images change. They often don't, so maybe
+  #       # this is okay for now, and the right thing to do is just fix these images so they can be built properly, at which point
+  #       # this whole job can be deleted.
+  #       retag_source: v1.3.0
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -28,37 +28,40 @@ jobs:
       run: ./check-changelog.sh
       if: ${{ success() }}
 
-    - name: Create Preview
-      id: create_preview
-      run: |
-        echo ::set-output name=preview_id::$(./create-preview.sh | jq -r '.ID')
-      if: ${{ success() }}
+  # ---------------------------
 
-    - name: Get PR number
-      id: get_pr_number
-      run: |
-        echo ::set-output name=pr_number::$(jq --raw-output .pull_request.number "$GITHUB_EVENT_PATH")
-      if: ${{ success() }}
 
-    - name: Build Preview Images
-      id: build_preview_images
-      run: |
-        curl -k -X POST https://abathur.nrelabs.io/api/v1/webhooks/preview_images_build -H "St2-Api-Key: $PREVIEWER_APIK" -H "Content-Type: application/json" \
-          --data "{\"preview_id\": \"$PREVIEW_ID\", \"pr_number\": \"$PREVIEW_PR_NUMBER\", \"status_commit_id\": \"$PREVIEW_STATUS_COMMIT\", \"github_token\": \"$GH_TOKEN\"}"
-      env:
-        PREVIEW_ID: ${{ steps.create_preview.outputs.preview_id }}
-        PREVIEW_STATUS_COMMIT: ${{ github.event.pull_request.head.sha }}
-        PREVIEW_PR_NUMBER: ${{ steps.get_pr_number.outputs.pr_number }}
-        GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    # - name: Create Preview
+    #   id: create_preview
+    #   run: |
+    #     echo ::set-output name=preview_id::$(./create-preview.sh | jq -r '.ID')
+    #   if: ${{ success() }}
 
-        # Locked down account which can only invoke preview webhook
-        PREVIEWER_APIK: MjE0ZTlkYWZjMDg1OTNkOWJkMjQxZDA0Mzk0NzIzNDI1MTc2Nzk0NDVkMjk0MGE5NTNhODkxOTNiMzVmNWM5Mg
-      if: ${{ success() }}
+    # - name: Get PR number
+    #   id: get_pr_number
+    #   run: |
+    #     echo ::set-output name=pr_number::$(jq --raw-output .pull_request.number "$GITHUB_EVENT_PATH")
+    #   if: ${{ success() }}
 
-    - name: Wait for status
-      run: ./wait-for-status.sh ${{ github.event.pull_request.head.sha }}
-      if: ${{ success() }}
+    # - name: Build Preview Images
+    #   id: build_preview_images
+    #   run: |
+    #     curl -k -X POST https://abathur.nrelabs.io/api/v1/webhooks/preview_images_build -H "St2-Api-Key: $PREVIEWER_APIK" -H "Content-Type: application/json" \
+    #       --data "{\"preview_id\": \"$PREVIEW_ID\", \"pr_number\": \"$PREVIEW_PR_NUMBER\", \"status_commit_id\": \"$PREVIEW_STATUS_COMMIT\", \"github_token\": \"$GH_TOKEN\"}"
+    #   env:
+    #     PREVIEW_ID: ${{ steps.create_preview.outputs.preview_id }}
+    #     PREVIEW_STATUS_COMMIT: ${{ github.event.pull_request.head.sha }}
+    #     PREVIEW_PR_NUMBER: ${{ steps.get_pr_number.outputs.pr_number }}
+    #     GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-    - name: Request preview
-      run: ./start-preview.sh ${{ steps.create_preview.outputs.preview_id }}
-      if: ${{ success() }}
+    #     # Locked down account which can only invoke preview webhook
+    #     PREVIEWER_APIK: MjE0ZTlkYWZjMDg1OTNkOWJkMjQxZDA0Mzk0NzIzNDI1MTc2Nzk0NDVkMjk0MGE5NTNhODkxOTNiMzVmNWM5Mg
+    #   if: ${{ success() }}
+
+    # - name: Wait for status
+    #   run: ./wait-for-status.sh ${{ github.event.pull_request.head.sha }}
+    #   if: ${{ success() }}
+
+    # - name: Request preview
+    #   run: ./start-preview.sh ${{ steps.create_preview.outputs.preview_id }}
+    #   if: ${{ success() }}