Bake remotely #3497
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
# Trigger CI on all branch pushes but... | |
branches: | |
- "**" | |
# don't double trigger on new tag push when creating release. Should only | |
# trigger once for the release. | |
tags-ignore: | |
- "*.*.*" | |
pull_request: | |
release: | |
types: [created] | |
jobs: | |
check-lint-and-format: | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: ./mkchain | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Set up Python 3.9 | |
uses: actions/setup-python@v1 | |
with: | |
python-version: 3.9 | |
- name: Install dependencies | |
run: | | |
python -m pip install --upgrade pip | |
pip install black isort==5.7.0 autoflake | |
- name: Remove unused imports | |
run: | | |
# one run to output unused imports, another run for exit code | |
autoflake . -r --remove-all-unused-imports | |
autoflake . -r --remove-all-unused-imports -c | |
- name: Sort imports | |
run: isort . --check --diff | |
- name: black | |
run: black . --check | |
# We don't have mkchain tests yet | |
# test: | |
# runs-on: ${{ matrix.os }} | |
# needs: check-lint-and-format | |
# defaults: | |
# run: | |
# working-directory: ./mkchain | |
# strategy: | |
# fail-fast: false | |
# matrix: | |
# python-version: [3.7, 3.8, 3.9] | |
# os: [ubuntu-latest, macos-latest, windows-latest] | |
# steps: | |
# - uses: actions/checkout@v2 | |
# - name: Set up Python ${{ matrix.python-version }} | |
# uses: actions/setup-python@v1 | |
# with: | |
# python-version: ${{ matrix.python-version }} | |
# - name: Install dependencies | |
# run: | | |
# python -m pip install --upgrade pip | |
# pip install pyyaml kubernetes | |
# pip install pytest | |
# - name: Build Python package | |
# run: pip install . | |
# - name: pytest | |
# run: pytest tests | |
publish_mkchain: | |
needs: check-lint-and-format | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
# after we test that the module works on all systems we only need to build one since this is a pure python module | |
matrix: | |
python-version: [3.8] | |
os: [ubuntu-latest] | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: actions/setup-python@v1 | |
with: | |
python-version: ${{ matrix.python-version }} | |
- name: Install dependencies | |
run: | | |
python -m pip install --upgrade pip | |
pip install pyyaml | |
pip install wheel | |
- name: Build Python package | |
run: python setup.py bdist_wheel | |
working-directory: mkchain | |
- name: Install wheels | |
run: pip install dist/*.whl | |
working-directory: mkchain | |
- name: Release | |
uses: softprops/action-gh-release@v1 | |
if: startsWith(github.ref, 'refs/tags/') | |
with: | |
files: "**/mkchain/dist/*.whl" | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Publish package to PyPI | |
if: github.event_name == 'release' && github.event.action == 'created' | |
uses: pypa/gh-action-pypi-publish@release/v1 | |
with: | |
user: __token__ | |
password: ${{ secrets.PYPI_TOKEN }} | |
packages_dir: mkchain/dist/ | |
list_containers_to_publish: | |
# based on | |
# https://stackoverflow.com/a/62953566/207209 | |
runs-on: ubuntu-latest | |
needs: check-lint-and-format | |
outputs: | |
matrix: ${{ steps.gen-containers-matrix.outputs.matrix }} | |
steps: | |
- uses: actions/checkout@v2 | |
- id: gen-containers-matrix | |
run: | | |
container_list=$(jq -c -n --arg cont "$(find -name 'Dockerfile' -printf '%h\n' | sort -u | sed 's/.\///')" '{ container: $cont | split("\n")}') | |
echo "Dynamically generated container list based on subdirectories of the repo with a dockerfile in it. The following list will be passed to next build step:" | |
echo $container_list | |
echo "::set-output name=matrix::$container_list" | |
publish-to-ghcr: | |
runs-on: ubuntu-latest | |
needs: list_containers_to_publish | |
strategy: | |
matrix: ${{fromJson(needs.list_containers_to_publish.outputs.matrix)}} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 1 | |
submodules: "true" | |
# We configure docker image caching for faster builds. See: | |
# https://evilmartians.com/chronicles/build-images-on-github-actions-with-docker-layer-caching | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@master | |
with: | |
install: true | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Login to registry | |
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
- name: Cache Docker layers | |
uses: actions/cache@v2 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-multi-buildx-${{ matrix.container }}-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-multi-buildx-${{ matrix.container }} | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v3 | |
with: | |
images: ghcr.io/${{ github.repository_owner }}/tezos-k8s-${{ matrix.container }} | |
tags: | | |
type=ref,event=branch | |
type=ref,event=pr | |
type=match,pattern=([0-9]+\.[0-9]+\.[0-9]+),group=1 | |
- name: Push ${{ matrix.container }} container to GHCR | |
uses: docker/build-push-action@v4 | |
with: | |
push: true | |
provenance: false | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
file: ${{ matrix.container }}/Dockerfile | |
context: ${{ matrix.container}}/. | |
platforms: linux/amd64,linux/arm64 | |
# Cache settings | |
builder: ${{ steps.buildx.outputs.name }} | |
cache-from: type=local,src=/tmp/.buildx-cache | |
# Note the mode=max here | |
# More: https://github.com/moby/buildkit#--export-cache-options | |
# And: https://github.com/docker/buildx#--cache-tonametypetypekeyvalue | |
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new | |
# Temp fix | |
# https://github.com/docker/build-push-action/issues/252 | |
# https://github.com/moby/buildkit/issues/1896 | |
- name: Move cache | |
run: | | |
rm -rf /tmp/.buildx-cache | |
mv /tmp/.buildx-cache-new /tmp/.buildx-cache | |
lint_helm_charts: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Set up Helm | |
uses: azure/setup-helm@v1 | |
with: | |
version: v3.8.1 | |
- name: Lint Helm Charts | |
run: helm lint charts/* | |
test-helm-charts: | |
runs-on: ubuntu-latest | |
needs: lint_helm_charts | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Set up Helm | |
uses: azure/setup-helm@v1 | |
with: | |
version: v3.8.1 | |
- name: Run Helm Template Tests | |
run: ./bin/test-charts | |
publish_helm_charts: | |
runs-on: ubuntu-latest | |
needs: [test-helm-charts, lint_helm_charts, publish-to-ghcr] | |
if: github.event_name == 'release' && github.event.action == 'created' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Install yq | |
run: | | |
sudo wget -q https://github.com/mikefarah/yq/releases/download/v4.2.0/yq_linux_amd64 -O /usr/bin/yq | |
sudo chmod +x /usr/bin/yq | |
- name: Get Release Version | |
id: get_release_version | |
run: echo "::set-output name=RELEASE_VERSION::${GITHUB_REF/refs\/tags\//}" | |
- name: Set Helm Chart and Image Versions | |
run: | | |
set -x | |
RELEASE_VERSION=${{ steps.get_release_version.outputs.RELEASE_VERSION }} | |
for chart in charts/*; do | |
[[ ! -d "$chart" ]] && continue | |
echo $chart | |
# Update Chart.yaml with release version | |
yq e ".version = \"$RELEASE_VERSION\"" -i "$chart/Chart.yaml" | |
# Get oxheadalpha/tezos-k8s images specified in values.yaml | |
tq_images=$(yq e '(.tezos_k8s_images[]) | path | .[-1]' "$chart/values.yaml") | |
# Update the release version of each of tezos-k8s images | |
for image in $tq_images; do | |
image_name=$(yq e ".tezos_k8s_images.$image" $chart/values.yaml | sed -E "s/ghcr.io\/oxheadalpha\/tezos-k8s-(.*):.*/\1/") | |
yq e ".tezos_k8s_images.$image = \"ghcr.io/oxheadalpha/tezos-k8s-$image_name:$RELEASE_VERSION\"" -i $chart/values.yaml | |
done | |
done | |
- name: Publish Helm charts | |
uses: stefanprodan/helm-gh-pages@master | |
with: | |
linting: off # We already linted in a job before | |
token: ${{ secrets.CI_GITHUB_TOKEN }} | |
branch: main | |
owner: ${{ github.repository_owner }} | |
repository: tezos-helm-charts |