From b458a1df276f26f7eaf66e3b88b01c072454de42 Mon Sep 17 00:00:00 2001 From: Ryan Northey Date: Sat, 2 Sep 2023 12:42:14 +0100 Subject: [PATCH] ci: Add reusable build workflow Signed-off-by: Ryan Northey --- .github/workflows/_build_image.yml | 104 ++++++++++++++++++++++ .github/workflows/build.yml | 137 +++++------------------------ 2 files changed, 128 insertions(+), 113 deletions(-) create mode 100644 .github/workflows/_build_image.yml diff --git a/.github/workflows/_build_image.yml b/.github/workflows/_build_image.yml new file mode 100644 index 00000000..63f35798 --- /dev/null +++ b/.github/workflows/_build_image.yml @@ -0,0 +1,104 @@ +name: Build image + +permissions: + contents: read + +on: + workflow_call: + secrets: + dockerhub_username: + dockerhub_password: + gcp_key: + + inputs: + image_prefix: + type: string + default: envoyproxy/envoy-build- + + os_family: + type: string + default: linux + + distro: + type: string + required: true + test_toolchain: + type: boolean + default: false + + host_platform: + type: string + default: ubuntu-22.04 + + gcr_push: + type: boolean + default: false + gcr_name: + type: string + default: + +jobs: + image: + runs-on: ${{ inputs.host_platform }} + name: Build and test Docker image + steps: + - uses: envoyproxy/toolshed/gh-actions/diskspace@actions-v0.0.17 + if: ${{ inputs.os_family != 'windows' }} + - name: 'Checkout Repository' + uses: actions/checkout@v3 + - run: | + curl -fsSL --output "$TEMP/gcloud-sdk.zip" "$GCLOUD_SDK_ARCHIVE_URL" + echo "${GCLOUD_SDK_ARCHIVE_CHECKSUM} $TEMP/gcloud-sdk.zip" | sha256sum --check + unzip -q "$TEMP/gcloud-sdk.zip" -d "$PROGRAMFILES" + shell: bash + if: ${{ inputs.os_family == 'windows' }} + env: + GCLOUD_SDK_ARCHIVE_URL: https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-289.0.0-windows-x86_64.zip + GCLOUD_SDK_ARCHIVE_CHECKSUM: c81e80040f7f609dbc50c42cd0cd402988a5c47f467372d40b5aaca0733f46f4 + - run: | + if [[ "${{inputs.os_family }}" == "windows" ]]; then + export PATH="${PROGRAMFILES}/google-cloud-sdk/bin:${PATH}" + fi + cd build_container + ./docker_push.sh + shell: bash + env: + OS_FAMILY: ${{ inputs.os_family }} + SOURCE_BRANCH: ${{ github.ref }} + DOCKERHUB_USERNAME: ${{ inputs.dockerhub_username }} + DOCKERHUB_PASSWORD: ${{ inputs.dockerhub_password }} + GCP_SERVICE_ACCOUNT_KEY: ${{ inputs.gcp_key }} + IMAGE_PREFIX: ${{ inputs.image_prefix }} + OS_DISTRO: ${{ inputs.distro }} + PUSH_GCR_IMAGE: ${{ inputs.gcr_push }} + GCR_IMAGE_NAME: ${{ inputs.gcr_name }} + - name: Set up Go + uses: actions/setup-go@v4 + if: ${{ inputs.test_toolchain }} + with: + go-version: '1.16' + - run: | + CONTAINER_TAG=$(git log -1 --pretty=format:"%H" "./build_container") + echo "tag=${CONTAINER_TAG}" >> "$GITHUB_OUTPUT" + id: container + if: ${{ inputs.test_toolchain }} + shell: bash + - uses: envoyproxy/toolshed/gh-actions/docker/registry@actions-v0.0.18 + if: ${{ inputs.test_toolchain && inputs.os_family != 'windows' }} + with: + load: envoyproxy/envoy-build-ubuntu:${{ steps.container.outputs.tag }}-amd64 + as: envoy-build-ubuntu:${{ steps.container.outputs.tag }} + - uses: envoyproxy/toolshed/gh-actions/docker/registry@actions-v0.0.18 + if: ${{ inputs.test_toolchain && inputs.os_family == 'windows' }} + with: + image: stefanscherer/registry-windows:2.6.2 + load: envoyproxy/envoy-build-windows2019:${{ steps.container.outputs.tag }} + - run: | + toolchains/regenerate.sh + if: ${{ inputs.test_toolchain }} + shell: bash + env: + OS_FAMILY: ${{ inputs.os_family }} + SOURCE_BRANCH: ${{ github.ref }} + NO_PULL_IMAGE: true + DOCKER_IMAGE: localhost:5000/envoy-build-${{ inputs.distro }} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 02e70de9..36fee037 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -9,17 +9,13 @@ on: - main pull_request: -env: - image_prefix: envoyproxy/envoy-build- - concurrency: group: ${{ github.event.inputs.head_ref || github.run_id }}-${{ github.workflow }} cancel-in-progress: true jobs: - build_container_linux: - runs-on: ubuntu-20.04 + build_image: if: >- ${{ github.repository == 'envoyproxy/envoy-build-tools' @@ -30,113 +26,29 @@ jobs: matrix: include: - target: ubuntu - gcrPushImage: true - gcrImageName: envoy-build + name: Linux Ubuntu + gcr_push: true - target: centos - gcrPushImage: false - name: Build (Linux ${{ matrix.target }}) - steps: - - uses: envoyproxy/toolshed/gh-actions/diskspace@actions-v0.0.17 - - name: 'Checkout Repository' - uses: actions/checkout@v3 - - run: | - cd build_container - ./docker_push.sh - env: - OS_FAMILY: linux - SOURCE_BRANCH: ${{ github.ref }} - DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} - DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }} - GCP_SERVICE_ACCOUNT_KEY: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }} - IMAGE_PREFIX: ${{ env.image_prefix }} - OS_DISTRO: ${{ matrix.target }} - PUSH_GCR_IMAGE: ${{ matrix.gcrPushImage }} - GCR_IMAGE_NAME: ${{ matrix.gcrImageName }} - - name: Set up Go - uses: actions/setup-go@v4 - if: ${{ github.event_name == 'pull_request' && matrix.target == 'ubuntu' }} - with: - go-version: '1.16' - - run: | - CONTAINER_TAG=$(git log -1 --pretty=format:"%H" "./build_container") - echo "tag=${CONTAINER_TAG}" >> "$GITHUB_OUTPUT" - id: container - if: ${{ github.event_name == 'pull_request' && matrix.target == 'ubuntu' }} - - uses: envoyproxy/toolshed/gh-actions/docker/registry@actions-v0.0.18 - if: ${{ github.event_name == 'pull_request' && matrix.target == 'ubuntu' }} - with: - load: envoyproxy/envoy-build-ubuntu:${{ steps.container.outputs.tag }}-amd64 - as: envoy-build-ubuntu:${{ steps.container.outputs.tag }} - - run: | - toolchains/regenerate.sh - if: ${{ github.event_name == 'pull_request' && matrix.target == 'ubuntu' }} - env: - OS_FAMILY: linux - SOURCE_BRANCH: ${{ github.ref }} - NO_PULL_IMAGE: true - DOCKER_IMAGE: localhost:5000/envoy-build-ubuntu - - build_container_windows: - name: Build (Windows) - runs-on: windows-2019 - if: >- - ${{ - github.repository == 'envoyproxy/envoy-build-tools' - || vars.ENVOY_CI_RUN == 'true' - }} - steps: - - name: 'Checkout Repository' - uses: actions/checkout@v3 - - run: | - curl -fsSL --output "$TEMP/gcloud-sdk.zip" "$GCLOUD_SDK_ARCHIVE_URL" - echo "${GCLOUD_SDK_ARCHIVE_CHECKSUM} $TEMP/gcloud-sdk.zip" | sha256sum --check - unzip -q "$TEMP/gcloud-sdk.zip" -d "$PROGRAMFILES" - shell: bash - env: - GCLOUD_SDK_ARCHIVE_URL: https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-289.0.0-windows-x86_64.zip - GCLOUD_SDK_ARCHIVE_CHECKSUM: c81e80040f7f609dbc50c42cd0cd402988a5c47f467372d40b5aaca0733f46f4 - - run: | - export PATH="${PROGRAMFILES}/google-cloud-sdk/bin:${PATH}" - cd build_container - ./docker_push.sh - shell: bash - env: - OS_FAMILY: windows - SOURCE_BRANCH: ${{ github.ref }} - DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} - DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }} - GCP_SERVICE_ACCOUNT_KEY: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }} - IMAGE_PREFIX: ${{ env.image_prefix }} - OS_DISTRO: windows2019 - PUSH_GCR_IMAGE: true - GCR_IMAGE_NAME: envoy-build-windows - - name: Set up Go - uses: actions/setup-go@v4 - if: ${{ github.event_name == 'pull_request' }} - with: - go-version: '1.16' - - run: | - CONTAINER_TAG=$(git log -1 --pretty=format:"%H" "./build_container") - echo "tag=${CONTAINER_TAG}" >> "$GITHUB_OUTPUT" - id: container - if: ${{ github.event_name == 'pull_request' }} - shell: bash - - uses: envoyproxy/toolshed/gh-actions/docker/registry@actions-v0.0.18 - with: - image: stefanscherer/registry-windows:2.6.2 - load: envoyproxy/envoy-build-windows2019:${{ steps.container.outputs.tag }} - if: ${{ github.event_name == 'pull_request' }} - - run: | - toolchains/regenerate.sh || { - echo "::error file=toolchains/regenerate.sh::Unable to regenerate Windows toolchains" - } - if: ${{ github.event_name == 'pull_request' }} - shell: bash - env: - OS_FAMILY: windows - SOURCE_BRANCH: ${{ github.ref }} - NO_PULL_IMAGE: true - DOCKER_IMAGE: localhost:5000/envoy-build-windows2019 + name: Linux Centos + gcr_push: false + - target: windows2019 + name: Windows 2019 + gcr_push: true + gcr_name: envoy-build-windows + host_platform: windows-2019 + os_family: windows + name: Build (${{ matrix.name || matrix.target }}) + uses: ./.github/workflows/_build_image.yml + with: + distro: ${{ matrix.target }} + gcr_push: ${{ matrix.gcr_push }} + gcr_name: ${{ matrix.gcr_name != '' && matrix.gcr_name || 'envoy-build' }} + os_family: ${{ matrix.os_family != '' && matrix.os_family || 'linux' }} + host_platform: ${{ matrix.host_platform != '' && matrix.host_platform || 'ubuntu-22.04' }} + secrets: + dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }} + dockerhub_password: ${{ secrets.DOCKERHUB_PASSWORD }} + gcp_key: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }} regenerate_linux: runs-on: ubuntu-20.04 @@ -145,7 +57,7 @@ jobs: contents: write name: Regenerate toolchains (Linux) needs: - - build_container_linux + - build_image steps: - id: appauth uses: envoyproxy/toolshed/gh-actions/appauth@actions-v0.0.17 @@ -176,7 +88,6 @@ jobs: contents: write name: Regenerate toolchains (Windows) needs: - - build_container_windows - regenerate_linux steps: - id: appauth