ci: Add reusable build workflow

Signed-off-by: Ryan Northey <[email protected]>
envoyproxy · Sep 2, 2023 · b458a1d · b458a1d
1 parent f029007
commit b458a1d
Show file tree

Hide file tree

Showing 2 changed files with 128 additions and 113 deletions.
diff --git a/.github/workflows/_build_image.yml b/.github/workflows/_build_image.yml
@@ -0,0 +1,104 @@
+name: Build image
+
+permissions:
+  contents: read
+
+on:
+  workflow_call:
+    secrets:
+      dockerhub_username:
+      dockerhub_password:
+      gcp_key:
+
+    inputs:
+      image_prefix:
+        type: string
+        default: envoyproxy/envoy-build-
+
+      os_family:
+        type: string
+        default: linux
+
+      distro:
+        type: string
+        required: true
+      test_toolchain:
+        type: boolean
+        default: false
+
+      host_platform:
+        type: string
+        default: ubuntu-22.04
+
+      gcr_push:
+        type: boolean
+        default: false
+      gcr_name:
+        type: string
+        default:
+
+jobs:
+  image:
+    runs-on: ${{ inputs.host_platform }}
+    name: Build and test Docker image
+    steps:
+    - uses: envoyproxy/toolshed/gh-actions/[email protected]
+      if: ${{ inputs.os_family != 'windows' }}
+    - name: 'Checkout Repository'
+      uses: actions/checkout@v3
+    - run: |
+        curl -fsSL --output "$TEMP/gcloud-sdk.zip" "$GCLOUD_SDK_ARCHIVE_URL"
+        echo "${GCLOUD_SDK_ARCHIVE_CHECKSUM} $TEMP/gcloud-sdk.zip" | sha256sum --check
+        unzip -q "$TEMP/gcloud-sdk.zip" -d "$PROGRAMFILES"
+      shell: bash
+      if: ${{ inputs.os_family == 'windows' }}
+      env:
+        GCLOUD_SDK_ARCHIVE_URL: https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-289.0.0-windows-x86_64.zip
+        GCLOUD_SDK_ARCHIVE_CHECKSUM: c81e80040f7f609dbc50c42cd0cd402988a5c47f467372d40b5aaca0733f46f4
+    - run: |
+        if [[ "${{inputs.os_family }}" == "windows" ]]; then
+            export PATH="${PROGRAMFILES}/google-cloud-sdk/bin:${PATH}"
+        fi
+        cd build_container
+        ./docker_push.sh
+      shell: bash
+      env:
+        OS_FAMILY: ${{ inputs.os_family }}
+        SOURCE_BRANCH: ${{ github.ref }}
+        DOCKERHUB_USERNAME: ${{ inputs.dockerhub_username }}
+        DOCKERHUB_PASSWORD: ${{ inputs.dockerhub_password }}
+        GCP_SERVICE_ACCOUNT_KEY: ${{ inputs.gcp_key }}
+        IMAGE_PREFIX: ${{ inputs.image_prefix }}
+        OS_DISTRO: ${{ inputs.distro }}
+        PUSH_GCR_IMAGE: ${{ inputs.gcr_push }}
+        GCR_IMAGE_NAME: ${{ inputs.gcr_name }}
+    - name: Set up Go
+      uses: actions/setup-go@v4
+      if: ${{ inputs.test_toolchain }}
+      with:
+        go-version: '1.16'
+    - run: |
+        CONTAINER_TAG=$(git log -1 --pretty=format:"%H" "./build_container")
+        echo "tag=${CONTAINER_TAG}" >> "$GITHUB_OUTPUT"
+      id: container
+      if: ${{ inputs.test_toolchain }}
+      shell: bash
+    - uses: envoyproxy/toolshed/gh-actions/docker/[email protected]
+      if: ${{ inputs.test_toolchain && inputs.os_family != 'windows' }}
+      with:
+        load: envoyproxy/envoy-build-ubuntu:${{ steps.container.outputs.tag }}-amd64
+        as: envoy-build-ubuntu:${{ steps.container.outputs.tag }}
+    - uses: envoyproxy/toolshed/gh-actions/docker/[email protected]
+      if: ${{ inputs.test_toolchain && inputs.os_family == 'windows' }}
+      with:
+        image: stefanscherer/registry-windows:2.6.2
+        load: envoyproxy/envoy-build-windows2019:${{ steps.container.outputs.tag }}
+    - run: |
+        toolchains/regenerate.sh
+      if: ${{ inputs.test_toolchain }}
+      shell: bash
+      env:
+        OS_FAMILY: ${{ inputs.os_family }}
+        SOURCE_BRANCH: ${{ github.ref }}
+        NO_PULL_IMAGE: true
+        DOCKER_IMAGE: localhost:5000/envoy-build-${{ inputs.distro }}
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -9,17 +9,13 @@ on:
     - main
   pull_request:
 
-env:
-  image_prefix: envoyproxy/envoy-build-
-
 concurrency:
   group: ${{ github.event.inputs.head_ref || github.run_id }}-${{ github.workflow }}
   cancel-in-progress: true
 
 
 jobs:
-  build_container_linux:
-    runs-on: ubuntu-20.04
+  build_image:
     if: >-
       ${{
           github.repository == 'envoyproxy/envoy-build-tools'
@@ -30,113 +26,29 @@ jobs:
       matrix:
         include:
         - target: ubuntu
-          gcrPushImage: true
-          gcrImageName: envoy-build
+          name: Linux Ubuntu
+          gcr_push: true
         - target: centos
-          gcrPushImage: false
-    name: Build (Linux ${{ matrix.target }})
-    steps:
-    - uses: envoyproxy/toolshed/gh-actions/[email protected]
-    - name: 'Checkout Repository'
-      uses: actions/checkout@v3
-    - run: |
-        cd build_container
-        ./docker_push.sh
-      env:
-        OS_FAMILY: linux
-        SOURCE_BRANCH: ${{ github.ref }}
-        DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
-        DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
-        GCP_SERVICE_ACCOUNT_KEY: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }}
-        IMAGE_PREFIX: ${{ env.image_prefix }}
-        OS_DISTRO: ${{ matrix.target }}
-        PUSH_GCR_IMAGE: ${{ matrix.gcrPushImage }}
-        GCR_IMAGE_NAME: ${{ matrix.gcrImageName }}
-    - name: Set up Go
-      uses: actions/setup-go@v4
-      if: ${{ github.event_name == 'pull_request' && matrix.target == 'ubuntu' }}
-      with:
-        go-version: '1.16'
-    - run: |
-        CONTAINER_TAG=$(git log -1 --pretty=format:"%H" "./build_container")
-        echo "tag=${CONTAINER_TAG}" >> "$GITHUB_OUTPUT"
-      id: container
-      if: ${{ github.event_name == 'pull_request' && matrix.target == 'ubuntu' }}
-    - uses: envoyproxy/toolshed/gh-actions/docker/[email protected]
-      if: ${{ github.event_name == 'pull_request' && matrix.target == 'ubuntu' }}
-      with:
-        load: envoyproxy/envoy-build-ubuntu:${{ steps.container.outputs.tag }}-amd64
-        as: envoy-build-ubuntu:${{ steps.container.outputs.tag }}
-    - run: |
-        toolchains/regenerate.sh
-      if: ${{ github.event_name == 'pull_request' && matrix.target == 'ubuntu' }}
-      env:
-        OS_FAMILY: linux
-        SOURCE_BRANCH: ${{ github.ref }}
-        NO_PULL_IMAGE: true
-        DOCKER_IMAGE: localhost:5000/envoy-build-ubuntu
-
-  build_container_windows:
-    name: Build (Windows)
-    runs-on: windows-2019
-    if: >-
-      ${{
-          github.repository == 'envoyproxy/envoy-build-tools'
-          || vars.ENVOY_CI_RUN == 'true'
-      }}
-    steps:
-    - name: 'Checkout Repository'
-      uses: actions/checkout@v3
-    - run: |
-        curl -fsSL --output "$TEMP/gcloud-sdk.zip" "$GCLOUD_SDK_ARCHIVE_URL"
-        echo "${GCLOUD_SDK_ARCHIVE_CHECKSUM} $TEMP/gcloud-sdk.zip" | sha256sum --check
-        unzip -q "$TEMP/gcloud-sdk.zip" -d "$PROGRAMFILES"
-      shell: bash
-      env:
-        GCLOUD_SDK_ARCHIVE_URL: https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-289.0.0-windows-x86_64.zip
-        GCLOUD_SDK_ARCHIVE_CHECKSUM: c81e80040f7f609dbc50c42cd0cd402988a5c47f467372d40b5aaca0733f46f4
-    - run: |
-        export PATH="${PROGRAMFILES}/google-cloud-sdk/bin:${PATH}"
-        cd build_container
-        ./docker_push.sh
-      shell: bash
-      env:
-        OS_FAMILY: windows
-        SOURCE_BRANCH: ${{ github.ref }}
-        DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
-        DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
-        GCP_SERVICE_ACCOUNT_KEY: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }}
-        IMAGE_PREFIX: ${{ env.image_prefix }}
-        OS_DISTRO: windows2019
-        PUSH_GCR_IMAGE: true
-        GCR_IMAGE_NAME: envoy-build-windows
-    - name: Set up Go
-      uses: actions/setup-go@v4
-      if: ${{ github.event_name == 'pull_request' }}
-      with:
-        go-version: '1.16'
-    - run: |
-        CONTAINER_TAG=$(git log -1 --pretty=format:"%H" "./build_container")
-        echo "tag=${CONTAINER_TAG}" >> "$GITHUB_OUTPUT"
-      id: container
-      if: ${{ github.event_name == 'pull_request' }}
-      shell: bash
-    - uses: envoyproxy/toolshed/gh-actions/docker/[email protected]
-      with:
-        image: stefanscherer/registry-windows:2.6.2
-        load: envoyproxy/envoy-build-windows2019:${{ steps.container.outputs.tag }}
-      if: ${{ github.event_name == 'pull_request' }}
-    - run: |
-        toolchains/regenerate.sh || {
-            echo "::error file=toolchains/regenerate.sh::Unable to regenerate Windows toolchains"
-        }
-      if: ${{ github.event_name == 'pull_request' }}
-      shell: bash
-      env:
-        OS_FAMILY: windows
-        SOURCE_BRANCH: ${{ github.ref }}
-        NO_PULL_IMAGE: true
-        DOCKER_IMAGE: localhost:5000/envoy-build-windows2019
+          name: Linux Centos
+          gcr_push: false
+        - target: windows2019
+          name: Windows 2019
+          gcr_push: true
+          gcr_name: envoy-build-windows
+          host_platform: windows-2019
+          os_family: windows
+    name: Build (${{ matrix.name || matrix.target }})
+    uses: ./.github/workflows/_build_image.yml
+    with:
+      distro: ${{ matrix.target }}
+      gcr_push: ${{ matrix.gcr_push }}
+      gcr_name: ${{ matrix.gcr_name != '' && matrix.gcr_name || 'envoy-build' }}
+      os_family: ${{ matrix.os_family != '' && matrix.os_family || 'linux' }}
+      host_platform: ${{ matrix.host_platform != '' && matrix.host_platform || 'ubuntu-22.04' }}
+    secrets:
+      dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
+      dockerhub_password: ${{ secrets.DOCKERHUB_PASSWORD }}
+      gcp_key: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }}
 
   regenerate_linux:
     runs-on: ubuntu-20.04
@@ -145,7 +57,7 @@ jobs:
       contents: write
     name: Regenerate toolchains (Linux)
     needs:
-    - build_container_linux
+    - build_image
     steps:
     - id: appauth
       uses: envoyproxy/toolshed/gh-actions/[email protected]
@@ -176,7 +88,6 @@ jobs:
       contents: write
     name: Regenerate toolchains (Windows)
     needs:
-    - build_container_windows
     - regenerate_linux
     steps:
     - id: appauth