Skip to content
Snippets Groups Projects
Unverified Commit ec9ca7a3 authored by Joel Takvorian's avatar Joel Takvorian Committed by GitHub
Browse files

Update workflow, setup workflow-test (#126)

* Update workflow, setup workflow-test

- Can trigger workflow from branch workflow-test
- Make default multi-arch to single amd64
- Remove specific ci targets; make shortlive builds more straightforward
- Disambiguate makefile env vs workflow env
- Remove unused targets
- Remove now unused shortlived dockerfile

* Prefer docker over podman for ci
parent 3df4bfe0
Branches
Tags
No related merge requests found
name: Build and push to quay.io name: Build and push to quay.io
on: on:
push: push:
branches: [ main ] branches: [ main, workflow-test ]
env: env:
REGISTRY_USER: netobserv+github_ci WF_REGISTRY_USER: netobserv+github_ci
REGISTRY: quay.io/netobserv WF_ORG: netobserv
IMAGE: netobserv-ebpf-agent WF_MULTIARCH_TARGETS: amd64 arm64 ppc64le
ORG: netobserv WF_VERSION: ${{ github.ref_name }}
VERSION: main
jobs: jobs:
push-image: push-image:
...@@ -29,10 +28,12 @@ jobs: ...@@ -29,10 +28,12 @@ jobs:
- name: docker login to quay.io - name: docker login to quay.io
uses: docker/login-action@v2 uses: docker/login-action@v2
with: with:
username: ${{ env.REGISTRY_USER }} username: ${{ env.WF_REGISTRY_USER }}
password: ${{ secrets.QUAY_SECRET }} password: ${{ secrets.QUAY_SECRET }}
registry: quay.io registry: quay.io
- name: get short sha
run: echo "short_sha=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
- name: build and push manifest with images - name: build and push manifest with images
run: IMAGE_ORG=${{ env.ORG }} VERSION=${{ env.VERSION }} make ci run: |
- name: print image url MULTIARCH_TARGETS="${{ env.WF_MULTIARCH_TARGETS }}" IMAGE_ORG=${{ env.WF_ORG }} VERSION=${{ env.WF_VERSION }} make images
run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}" MULTIARCH_TARGETS="${{ env.WF_MULTIARCH_TARGETS }}" IMAGE_ORG=${{ env.WF_ORG }} VERSION=${{ env.short_sha }} OCI_BUILD_OPTS="--label quay.expires-after=2w" make images
\ No newline at end of file
...@@ -4,10 +4,10 @@ on: ...@@ -4,10 +4,10 @@ on:
types: [labeled] types: [labeled]
env: env:
REGISTRY_USER: netobserv+github_ci WF_REGISTRY_USER: netobserv+github_ci
REGISTRY: quay.io/netobserv WF_REGISTRY: quay.io/netobserv
IMAGE: netobserv-ebpf-agent WF_IMAGE: netobserv-ebpf-agent
ORG: netobserv WF_ORG: netobserv
jobs: jobs:
push-pr-image: push-pr-image:
...@@ -31,15 +31,13 @@ jobs: ...@@ -31,15 +31,13 @@ jobs:
- name: docker login to quay.io - name: docker login to quay.io
uses: docker/login-action@v2 uses: docker/login-action@v2
with: with:
username: ${{ env.REGISTRY_USER }} username: ${{ env.WF_REGISTRY_USER }}
password: ${{ secrets.QUAY_SECRET }} password: ${{ secrets.QUAY_SECRET }}
registry: quay.io registry: quay.io
- name: get short sha - name: get short sha
run: echo "short_sha=$(git rev-parse --short HEAD)" >> $GITHUB_ENV run: echo "short_sha=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
- name: build and push images - name: build and push manifest with images
run: IMAGE_ORG=${{ env.ORG }} IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ env.short_sha }} make images run: OCI_BUILD_OPTS="--label quay.expires-after=2w" IMAGE_ORG=${{ env.WF_ORG }} IMAGE=${{ env.WF_REGISTRY }}/${{ env.WF_IMAGE }}:${{ env.short_sha }} make images
- name: build and push manifest
run: IMAGE_ORG=${{ env.ORG }} IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ env.short_sha }} make ci-manifest
- uses: actions/github-script@v6 - uses: actions/github-script@v6
with: with:
github-token: ${{secrets.GITHUB_TOKEN}} github-token: ${{secrets.GITHUB_TOKEN}}
...@@ -48,5 +46,5 @@ jobs: ...@@ -48,5 +46,5 @@ jobs:
issue_number: context.issue.number, issue_number: context.issue.number,
owner: context.repo.owner, owner: context.repo.owner,
repo: context.repo.repo, repo: context.repo.repo,
body: 'New image: ${{ env.REGISTRY }}/${{ env.IMAGE }}:${{ env.short_sha }}. It will expire after two weeks.' body: 'New image: ${{ env.WF_REGISTRY }}/${{ env.WF_IMAGE }}:${{ env.short_sha }}. It will expire after two weeks.'
}) })
...@@ -4,16 +4,14 @@ on: ...@@ -4,16 +4,14 @@ on:
tags: [v*] tags: [v*]
env: env:
REGISTRY_USER: netobserv+github_ci WF_REGISTRY_USER: netobserv+github_ci
REGISTRY_PASSWORD: ${{ secrets.QUAY_SECRET }} WF_ORG: netobserv
REGISTRY: quay.io/netobserv WF_MULTIARCH_TARGETS: amd64 arm64 ppc64le
IMAGE: netobserv-ebpf-agent
IMAGE_ORG: netobserv
jobs: jobs:
push-image: push-image:
name: push image name: push image
runs-on: ubuntu-20.04 runs-on: ubuntu-latest
strategy: strategy:
matrix: matrix:
go: ['1.19'] go: ['1.19']
...@@ -40,10 +38,8 @@ jobs: ...@@ -40,10 +38,8 @@ jobs:
- name: docker login to quay.io - name: docker login to quay.io
uses: docker/login-action@v2 uses: docker/login-action@v2
with: with:
username: ${{ env.REGISTRY_USER }} username: ${{ env.WF_REGISTRY_USER }}
password: ${{ env.REGISTRY_PASSWORD }} password: ${{ secrets.QUAY_SECRET }}
registry: quay.io registry: quay.io
- name: build and push images - name: build and push manifest with images
run: VERSION="${{ env.tag }}" make images run: MULTIARCH_TARGETS="${{ env.WF_MULTIARCH_TARGETS }}" IMAGE_ORG=${{ env.WF_ORG }} VERSION=${{ env.tag }} make images
- name: print image url
run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"
...@@ -17,15 +17,3 @@ push-manifest: manifest-push ## Push MULTIARCH_TARGETS manifest ...@@ -17,15 +17,3 @@ push-manifest: manifest-push ## Push MULTIARCH_TARGETS manifest
.PHONY: images .PHONY: images
images: image-build image-push manifest-build manifest-push ## Build and push MULTIARCH_TARGETS images and related manifest images: image-build image-push manifest-build manifest-push ## Build and push MULTIARCH_TARGETS images and related manifest
.PHONY: build-ci-manifest
build-ci-manifest: ci-manifest-build ## Build CI manifest
.PHONY: push-ci-manifest
push-ci-manifest: ci-manifest-push ## Push CI manifest
.PHONY: ci-manifest
ci-manifest: ci-manifest-build ci-manifest-push ## Build and push CI manifest
.PHONY: ci
ci: images ci-manifest ## Build and push CI images and manifest
\ No newline at end of file
...@@ -18,7 +18,7 @@ endif ...@@ -18,7 +18,7 @@ endif
# Go architecture and targets images to build # Go architecture and targets images to build
GOARCH ?= amd64 GOARCH ?= amd64
MULTIARCH_TARGETS ?= amd64 arm64 ppc64le MULTIARCH_TARGETS ?= amd64
# In CI, to be replaced by `netobserv` # In CI, to be replaced by `netobserv`
IMAGE_ORG ?= $(USER) IMAGE_ORG ?= $(USER)
...@@ -28,10 +28,10 @@ IMAGE_TAG_BASE ?= quay.io/$(IMAGE_ORG)/netobserv-ebpf-agent ...@@ -28,10 +28,10 @@ IMAGE_TAG_BASE ?= quay.io/$(IMAGE_ORG)/netobserv-ebpf-agent
# Image URL to use all building/pushing image targets # Image URL to use all building/pushing image targets
IMAGE ?= $(IMAGE_TAG_BASE):$(VERSION) IMAGE ?= $(IMAGE_TAG_BASE):$(VERSION)
IMAGE_SHA = $(IMAGE_TAG_BASE):$(BUILD_SHA) OCI_BUILD_OPTS ?=
# Image building tool (docker / podman) # Image building tool (docker / podman) - docker is preferred in CI
OCI_BIN_PATH := $(shell which podman || which docker) OCI_BIN_PATH := $(shell which docker || which podman)
OCI_BIN ?= $(shell basename ${OCI_BIN_PATH}) OCI_BIN ?= $(shell basename ${OCI_BIN_PATH})
LOCAL_GENERATOR_IMAGE ?= ebpf-generator:latest LOCAL_GENERATOR_IMAGE ?= ebpf-generator:latest
...@@ -49,7 +49,7 @@ EXCLUDE_COVERAGE_FILES="(/cmd/)|(bpf_bpfe)|(/examples/)|(/pkg/pbflow/)" ...@@ -49,7 +49,7 @@ EXCLUDE_COVERAGE_FILES="(/cmd/)|(bpf_bpfe)|(/examples/)|(/pkg/pbflow/)"
# build a single arch target provided as argument # build a single arch target provided as argument
define build_target define build_target
echo 'building image for arch $(1)'; \ echo 'building image for arch $(1)'; \
DOCKER_BUILDKIT=1 $(OCI_BIN) buildx build --load --build-arg TARGETPLATFORM=linux/$(1) --build-arg TARGETARCH=$(1) --build-arg BUILDPLATFORM=linux/amd64 -t ${IMAGE}-$(1) -f Dockerfile .; DOCKER_BUILDKIT=1 $(OCI_BIN) buildx build --load --build-arg TARGETPLATFORM=linux/$(1) --build-arg TARGETARCH=$(1) --build-arg BUILDPLATFORM=linux/amd64 ${OCI_BUILD_OPTS} -t ${IMAGE}-$(1) -f Dockerfile .;
endef endef
# push a single arch target image # push a single arch target image
...@@ -59,9 +59,9 @@ define push_target ...@@ -59,9 +59,9 @@ define push_target
endef endef
# manifest create a single arch target provided as argument # manifest create a single arch target provided as argument
define manifest_create_target define manifest_add_target
echo 'manifest create for arch $(1)'; \ echo 'manifest add target $(1)'; \
DOCKER_BUILDKIT=1 $(OCI_BIN) manifest add ${IMAGE} ${IMAGE}-$(target); DOCKER_BUILDKIT=1 $(OCI_BIN) manifest add ${IMAGE} ${IMAGE}-$(1);
endef endef
##@ General ##@ General
...@@ -181,7 +181,7 @@ ifeq (${OCI_BIN}, docker) ...@@ -181,7 +181,7 @@ ifeq (${OCI_BIN}, docker)
else else
trap 'exit' INT; \ trap 'exit' INT; \
DOCKER_BUILDKIT=1 $(OCI_BIN) manifest create ${IMAGE} ||: DOCKER_BUILDKIT=1 $(OCI_BIN) manifest create ${IMAGE} ||:
$(foreach target,$(MULTIARCH_TARGETS),$(call manifest_create_target,$(target))) $(foreach target,$(MULTIARCH_TARGETS),$(call manifest_add_target,$(target)))
endif endif
.PHONY: manifest-push .PHONY: manifest-push
...@@ -193,21 +193,4 @@ else ...@@ -193,21 +193,4 @@ else
DOCKER_BUILDKIT=1 $(OCI_BIN) manifest push ${IMAGE} docker://${IMAGE}; DOCKER_BUILDKIT=1 $(OCI_BIN) manifest push ${IMAGE} docker://${IMAGE};
endif endif
.PHONY: ci-manifest-build
ci-manifest-build: manifest-build ## Build CI manifest
$(OCI_BIN) build --build-arg BASE_IMAGE=$(IMAGE) -t $(IMAGE_SHA) -f scripts/shortlived.Dockerfile .
ifeq ($(VERSION), main)
# Also tag "latest" only for branch "main"
$(OCI_BIN) build -t $(IMAGE) -t $(IMAGE_TAG_BASE):latest -f scripts/shortlived.Dockerfile .
endif
.PHONY: ci-manifest-push
ci-manifest-push: ## Push CI manifest
$(OCI_BIN) push $(IMAGE_SHA)
ifeq ($(VERSION), main)
# Also tag "latest" only for branch "main"
$(OCI_BIN) push ${IMAGE}
$(OCI_BIN) push $(IMAGE_TAG_BASE):latest
endif
include .mk/shortcuts.mk include .mk/shortcuts.mk
...@@ -9,10 +9,3 @@ to run this script unless you want to e.g. update any of them to a newer version ...@@ -9,10 +9,3 @@ to run this script unless you want to e.g. update any of them to a newer version
Dockerfile for the eBPF binaries and Protobuf implementation generator. It is invoked from the root Dockerfile for the eBPF binaries and Protobuf implementation generator. It is invoked from the root
`Makefile`, in the `make docker-generate` target. `Makefile`, in the `make docker-generate` target.
## `shortlived.Dockerfile`
Dockerfile to generate a short-lived image of the agent that corresponds to the commits in the
`main` branch of the project Git.
The published images expire after 2 weeks.
\ No newline at end of file
ARG BASE_IMAGE=quay.io/netobserv/netobserv-ebpf-agent:main
FROM $BASE_IMAGE
LABEL quay.expires-after=2w
\ No newline at end of file
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment