Build workflow with multi-arch images

ozangunalp · Feb 29, 2024 · 69bdd7e · 69bdd7e
1 parent 37a7a39
commit 69bdd7e
Show file tree

Hide file tree

Showing 2 changed files with 120 additions and 36 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -13,55 +13,143 @@ concurrency:
 jobs:
   build:
     runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        arch:
+          - amd64
+          - arm64
+    permissions:
+      contents: read
+      packages: write
+    name: Build Docker Images for ${{ matrix.arch }}
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-java@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-java@v4
         with:
           java-version: 17
           distribution: temurin
           cache: maven
-          server-id: ossrh
-          server-username: OSSRH_USERNAME # env variable for username in deploy
-          server-password: OSSRH_TOKEN # env variable for token in deploy
-          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Value of the GPG private key to import
-          gpg-passphrase: MAVEN_GPG_PASSPHRASE # env variable for GPG private key passphrase
-          overwrite-settings: false
       - name: Set Image Tag
         run: |
           echo "BUILD_IMAGE_TAG=${GITHUB_REF_NAME}-${GITHUB_SHA}" >> $GITHUB_ENV
+          echo "CONTAINER_REGISTRY=quay.io" >> $GITHUB_ENV
+          echo "CONTAINER_GROUP=ogunalp" >> $GITHUB_ENV
+          echo "ADDITIONAL_TAG=latest-snapshot" >> $GITHUB_ENV
+      - name: Set up QEMU
+        if: matrix.arch == 'arm64'
+        uses: docker/setup-qemu-action@v3
+        with:
+          platforms: ${{ matrix.arch }}
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          install: true
       - name: Build with Maven
         run: |
-          mvn -s .github/ci-maven-settings.xml -B \
-            clean package -Dnative \
-            -Dquarkus.native.container-build=true \
-            -Dquarkus.container-image.build=true \
-            -Dquarkus.container-image.tag=${BUILD_IMAGE_TAG} \
-            -Dquarkus.container-image.additional-tags=latest-snapshot
+          mvn -s .github/ci-maven-settings.xml -B clean package -Dnative \
+          -Dquarkus.native.additional-build-args=${{ matrix.arch == 'arm64' && '-H:PageSize=65536' || '-march=compatibility' }} \
+          -Dquarkus.container-image.registry=${{ env.CONTAINER_REGISTRY }} \
+          -Dquarkus.container-image.group=${{ env.CONTAINER_GROUP }} \
+          -Dquarkus.native.container-build=true \
+          -Dquarkus.native.container-runtime-options=--platform=linux/${{ matrix.arch }} \
+          -Dquarkus.docker.buildx.platform=linux/${{ matrix.arch }} \
+          -Dquarkus.container-image.build=true \
+          -Dquarkus.container-image.push=false \
+          -Dquarkus.container-image.tag=${{ env.BUILD_IMAGE_TAG }}-${{ matrix.arch }} \
+          -Dquarkus.container-image.additional-tags=${{ env.ADDITIONAL_TAG }}-${{ matrix.arch }}
       - name: Integration Tests with Maven
         run: |
-          mvn -s .github/ci-maven-settings.xml -B \
-            clean verify -Dtest-container \
-            -Dkafka-native-container-version=${BUILD_IMAGE_TAG} \
-            -Dzookeeper-native-container-version=${BUILD_IMAGE_TAG}
-      - name: Release Snapshots
-        run: |
-          mvn -s .github/ci-maven-settings.xml -B \
-            clean deploy -DskipTests -Prelease
-        env:
-          OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
-          OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
-          MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
-      - name: Push To quay.io
-        id: push-to-quay
-        uses: redhat-actions/push-to-registry@v2
+          mvn -s .github/ci-maven-settings.xml -B clean verify -Dtest-container \
+            -Dkafka-native-container-image=${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_GROUP }}/kafka-native \
+            -Dkafka-native-container-version=${{ env.BUILD_IMAGE_TAG }}-${{ matrix.arch }} \
+            -Dzookeeper-native-container-image=${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_GROUP }}/zookeeper-native \
+            -Dzookeeper-native-container-version=${{ env.BUILD_IMAGE_TAG }}-${{ matrix.arch }}
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
         with:
-          tags: quay.io/ogunalp/kafka-native:latest-snapshot quay.io/ogunalp/kafka-native:${{ env.BUILD_IMAGE_TAG }} quay.io/ogunalp/zookeeper-native:latest-snapshot quay.io/ogunalp/zookeeper-native:${{ env.BUILD_IMAGE_TAG }}
-          username: ${{ secrets.QUAY_USERNAME }}
-          password: ${{ secrets.QUAY_ROBOT_TOKEN }}
+          registry: ${{ env.CONTAINER_REGISTRY }}
+          username: ${{ secrets.QUAY_USERNAME }} # ${{ github.actor }}
+          password: ${{ secrets.QUAY_ROBOT_TOKEN }} # ${{ secrets.GITHUB_TOKEN }}
+      - name: Push kafka-native images
+        working-directory: ${{ matrix.project.name }}
+        run: "docker push -a ${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_GROUP }}/kafka-native"
+      - name: Push zookeeper-native images
+        working-directory: ${{ matrix.project.name }}
+        run: "docker push -a ${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_GROUP }}/zookeeper-native"
       - name: Upload artifacts
         if: failure()
         uses: actions/upload-artifact@v3
         with:
           name: integration-test-logs
           retention-days: 3
           path: kafka-native-test-container/target/container-logs/
+
+  create-multiarch-manifest:
+    needs: build
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        container:
+          - kafka-native
+          - zookeeper-native
+    permissions:
+      contents: read
+      packages: write
+    name: Create Multiarch Docker Images for ${{ matrix.container }}
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-java@v4
+        with:
+          java-version: 17
+          distribution: temurin
+          cache: maven
+      - name: Set Image Tag
+        run: |
+          echo "BUILD_IMAGE_TAG=${GITHUB_REF_NAME}-${GITHUB_SHA}" >> $GITHUB_ENV
+          echo "CONTAINER_REGISTRY=quay.io" >> $GITHUB_ENV
+          echo "CONTAINER_GROUP=ogunalp" >> $GITHUB_ENV
+          echo "ADDITIONAL_TAG=latest-snapshot" >> $GITHUB_ENV
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.CONTAINER_REGISTRY }}
+          username: ${{ secrets.QUAY_USERNAME }} # ${{ github.actor }}
+          password: ${{ secrets.QUAY_ROBOT_TOKEN }} # ${{ secrets.GITHUB_TOKEN }}
+      - name: Create and push multi-arch manifests ${{ matrix.container }}
+        shell: bash
+        run: |
+          docker manifest create ${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_GROUP }}/${{ matrix.container }}:${{ env.BUILD_IMAGE_TAG }} \
+            -a ${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_GROUP }}/${{ matrix.container }}:${{ env.BUILD_IMAGE_TAG }}-amd64 \
+            -a ${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_GROUP }}/${{ matrix.container }}:${{ env.BUILD_IMAGE_TAG }}-arm64
+          docker manifest push ${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_GROUP }}/${{ matrix.container }}:${{ env.BUILD_IMAGE_TAG }}
+          docker manifest create ${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_GROUP }}/${{ matrix.container }}:${{ env.ADDITIONAL_TAG }} \
+            -a ${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_GROUP }}/${{ matrix.container }}:${{ env.ADDITIONAL_TAG }}-amd64 \
+            -a ${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_GROUP }}/${{ matrix.container }}:${{ env.ADDITIONAL_TAG }}-arm64
+          docker manifest push ${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_GROUP }}/${{ matrix.container }}:${{ env.ADDITIONAL_TAG }}
+
+  release-maven:
+    needs: create-multiarch-manifest
+    runs-on: ubuntu-latest
+    name: Release Snapshots to Maven Central
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-java@v4
+        with:
+          java-version: 17
+          distribution: temurin
+          cache: maven
+          server-id: ossrh
+          server-username: OSSRH_USERNAME # env variable for username in deploy
+          server-password: OSSRH_TOKEN # env variable for token in deploy
+          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Value of the GPG private key to import
+          gpg-passphrase: MAVEN_GPG_PASSPHRASE # env variable for GPG private key passphrase
+          overwrite-settings: false
+      - name: Release Snapshots
+        run: |
+          mvn -s .github/ci-maven-settings.xml -B \
+            clean deploy -DskipTests -Prelease
+        env:
+          OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
+          OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
+          MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
diff --git a/.github/workflows/multi-arch-images.yml b/.github/workflows/multi-arch-images.yml
@@ -2,8 +2,6 @@
 name: Multi-Arch Images Test
 
 on:
-  push:
-    branches: [ "multi-arch-images" ]
   workflow_dispatch:
 
 concurrency:
@@ -57,8 +55,6 @@ jobs:
           -Dquarkus.container-image.push=false \
           -Dquarkus.container-image.tag=${{ env.BUILD_IMAGE_TAG }}-${{ matrix.arch }} \
           -Dquarkus.container-image.additional-tags=latest-snapshot-${{ matrix.arch }}
-      - name: Inspect Image
-        run: docker inspect ${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_GROUP }}/kafka-native:${{ env.BUILD_IMAGE_TAG }}-${{ matrix.arch }}
       - name: Integration Tests with Maven
         run: |
           mvn -s .github/ci-maven-settings.xml -B clean verify -Dtest-container \