Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Releasing versioned (base) images #10827

Merged
merged 144 commits into from
Sep 20, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
144 commits
Select commit Hold shift + click to select a range
376f31d
ci(ct): do no longer run base push workflow in PRs
poikilotherm Apr 10, 2024
b8b95a9
ci(ct): add a job for base images to discover branches to work on
poikilotherm Apr 10, 2024
6f04620
ci(ct): setup base image build job as matrix of discovered branches
poikilotherm Apr 10, 2024
4fc0267
ci(ct): upgrade java action in base image and determine java version …
poikilotherm Apr 10, 2024
8d30971
ci(ct): remove pull request safeguards from base image workflow
poikilotherm Apr 10, 2024
bb06a94
ci(ct): remove pull request safeguards from base image workflow
poikilotherm Apr 10, 2024
0ba86b2
ci(ct): stop on purpose to test the feature branch before we actually…
poikilotherm Apr 10, 2024
37f4a51
feat(ct): make the container base image follow sequential, incrementi…
poikilotherm Apr 10, 2024
20c6a58
ci(ct): add missing output definitions to base image workflow matrix …
poikilotherm Apr 10, 2024
e923663
test(ct): for testing, determine if matrix discovery works for schedu…
poikilotherm Apr 10, 2024
def5d9e
fix(ct): base image build matrix output must be on a single line
poikilotherm Apr 10, 2024
b028c26
fix(ct): do not stop building other base images if one build fails
poikilotherm Apr 10, 2024
b453a12
fix(ct): avoid costly lookup of Java version to be used via Maven, gr…
poikilotherm Apr 10, 2024
cb2fac0
test(ct): no longer stop before Docker, but tell DMP to skip pushing
poikilotherm Apr 10, 2024
afa51c7
fix(ct): skip building and pushing the base image for v6.0 and v6.1, …
poikilotherm Apr 10, 2024
8afac92
test(ct): try to limit QEMU architectures, maybe shaving off a few se…
poikilotherm Apr 10, 2024
7c4242e
feat(ct): add additional tags for base images
poikilotherm Apr 10, 2024
c08220d
test(ct): add feature branch to matrix and build for everything but it.
poikilotherm Apr 10, 2024
c4cbc57
chore,test(ct): update script action to v7
poikilotherm Apr 10, 2024
05e4887
fix(ct): add missing option for DMP to add additional tags to base image
poikilotherm Apr 10, 2024
be5b9c9
feat(ct): trigger build of app image when all builds of base image su…
poikilotherm Apr 11, 2024
d4a196b
test(ct): let's skip the build for anything but our feature branch
poikilotherm Apr 11, 2024
77aec0d
style(ct): fix wording to test CI pipeline
poikilotherm Apr 11, 2024
c3e1d4f
test(ct): try what happens when removing the on purpose failure of ba…
poikilotherm Apr 11, 2024
2887d13
fix(ct): make secrets available to app workflow again
poikilotherm Apr 11, 2024
bbe527d
chore(ct,build): upgrade to DMP plugin v0.44.0
poikilotherm Apr 12, 2024
c496ef3
feat(ct): pin down name of the builder for base image
poikilotherm Apr 12, 2024
82c8e72
ci(ct): make number of past release configurable via env var
poikilotherm Apr 12, 2024
0c91541
fix(ct): correction of tags specification for base image workflow
poikilotherm Apr 12, 2024
eef60f2
refactor(ct): when pushes for a tag or branch occur, build for it
poikilotherm Apr 12, 2024
90cb9ce
feat(ct): replace QEMU with remote builder for ARM64 in base image
poikilotherm Apr 12, 2024
d7fbf87
feat(ct): disable caching during base image build
poikilotherm Apr 12, 2024
b6fb122
style(ct): fix typo in secrets reference
poikilotherm Apr 12, 2024
b3ac714
fix(ct): add missing pipe redirection for builder config
poikilotherm Apr 12, 2024
898d905
refactor(ct): switch back to "maven" as builder name
poikilotherm Apr 12, 2024
577804b
refactor(ct): use remote ARM64 builder only for pushes, but not sched…
poikilotherm Apr 12, 2024
25cbdd7
test(ct): use DMP v0.45-SNAPSHOT to see if pushing images that have a…
poikilotherm Apr 12, 2024
2de674f
feat(build,ci): workflow pre-seeding Maven cache from develop #10428
poikilotherm Apr 12, 2024
b1943c1
fix(build,ci): ignore not found when deleting common cache
poikilotherm Apr 12, 2024
941fbc9
style(ct): remove some stale comments
poikilotherm Apr 12, 2024
b64b6af
feat(ct): make use of common cache in app container builds #10428
poikilotherm Apr 12, 2024
4f48123
feat(ci): remove feature branch from maven seed workflow
poikilotherm Apr 12, 2024
721814a
style(ct): rename base image revision from RX to revX
poikilotherm Apr 12, 2024
3c0650f
feat(ct): make dataverse app image use base rev1 image
poikilotherm Apr 12, 2024
06a2161
refactor(ci): delete common cache after we downloaded the old one #10428
poikilotherm Apr 12, 2024
818bfd4
test(ci): readd feature branch to test cache handling logic
poikilotherm Apr 12, 2024
a28997c
style(ct): add common cache download to base image
poikilotherm Apr 12, 2024
085e41e
style(ct): remove stale comment about platforms empty in base image
poikilotherm Apr 12, 2024
2fe0ca3
fix(build,ci): downgrade to cache action v2
poikilotherm Apr 12, 2024
afad97e
fix(build,ci,ct): fix missing path for cache restore
poikilotherm Apr 12, 2024
1c1c30e
test(ci): fix a comment to trigger base image workflow
poikilotherm Apr 12, 2024
0b7387c
style(ci): remove feature branch from maven cache seeding again
poikilotherm Apr 12, 2024
4340243
doc(ci): add note about cache availability to seeding workflow
poikilotherm Apr 12, 2024
899e8aa
feat(ci): make sure to rejuvenate the common cache every 7 days
poikilotherm Apr 12, 2024
f538896
chore(ct): replace wait-for with wait4x
poikilotherm Apr 15, 2024
149ab0b
build(ct): make target architecture available in base image build
poikilotherm Apr 15, 2024
e861334
chore(ct): upgrade base image with jattach v2.2
poikilotherm Apr 15, 2024
f315e33
Merge branch 'develop' into 10478-version-base-img
poikilotherm Apr 16, 2024
0c4ce21
chore: remove obsolete Maven Cache seed workflow
poikilotherm Apr 16, 2024
54fe365
style(ci): remove superfluous empty line
poikilotherm Apr 16, 2024
082715b
Merge branch 'develop' into 10478-version-base-img
poikilotherm Aug 26, 2024
50a9ede
ci(ct): temporarily allow other repos to run the base image workflow
poikilotherm Aug 26, 2024
19de76d
ci(ct): temporarily disable remote docker builder in fork
poikilotherm Aug 26, 2024
a9a5709
feat(ct): introduce backports for older base images
poikilotherm Aug 26, 2024
0691d4d
feat(ct): add patches for v6.1, 6.2 and 6.3 base images
poikilotherm Aug 26, 2024
ae8ced2
ci,fix(ct): only apply 1 patch file at a time for base images
poikilotherm Aug 26, 2024
37fb155
ci,fix(ct): correction of v6.3 Dockerfile patches
poikilotherm Aug 26, 2024
c177d9a
ci,fix(ct): make v6.3 get alpha tag
poikilotherm Aug 26, 2024
fffcfe0
refactor(ct): align base POM tags with suitable policy across release…
poikilotherm Aug 27, 2024
c5b9ccc
docs(ct): document new tagging and release policy for base image
poikilotherm Aug 28, 2024
c8f95a0
refactor(ct): align base image tagging with documented policy
poikilotherm Aug 28, 2024
1360213
ci(ct): split up push releases and maintenance workflows
poikilotherm Aug 28, 2024
716e289
ci(ct): exclude app image rebuilds for easier testing
poikilotherm Aug 29, 2024
d6339a9
ci(ct): detect necessary rebuilds and calculate revision number
poikilotherm Aug 29, 2024
289f352
build(ct): update base image with wait4x 2.14.1
poikilotherm Aug 29, 2024
3a771f9
ci(ct): add option to manual trigger of maintenance workflow to force…
poikilotherm Aug 29, 2024
899bba6
ci(ct): no longer react to pushes in maintenance workflow
poikilotherm Aug 29, 2024
ed17240
ci(ct): extract revision logic into separate script
poikilotherm Aug 29, 2024
454fbe6
ci(ct): add revision logic to base image release workflow on push
poikilotherm Aug 29, 2024
f1e3a3f
ci(ct): temporarily disable release of app image when rebuilding base
poikilotherm Aug 29, 2024
266c7bc
ci(ct): temporarily enable triggering release workflow from feature b…
poikilotherm Aug 29, 2024
c04d9e4
ci(ct): use script for revision logic in maintenance flow
poikilotherm Aug 29, 2024
2efd1b5
ci(ct): fix revision logic to return 0 when rolling tag not present b…
poikilotherm Aug 29, 2024
b61395a
build,doc(parent): add special base image versioning
poikilotherm Aug 30, 2024
f95476a
build(ct,parent): adapt base image POM to new tagging policy
poikilotherm Aug 30, 2024
a4354c0
ci(ct): determine base image name once in maintenance workflow
poikilotherm Aug 30, 2024
f15c9d6
style,ci(ct): use shell parameter extension and less cut
poikilotherm Aug 30, 2024
e3de4a1
ci(ct): on release branches make the base image tags short and add ad…
poikilotherm Aug 30, 2024
59b676b
docs(ct): update tagging policy for base image
poikilotherm Sep 2, 2024
6567e02
ci: add setup-maven action
poikilotherm Sep 3, 2024
0966eda
ci(ct): run maintenance with the new setup-maven action
poikilotherm Sep 3, 2024
7177c32
ci: add action to check for newer releases of base images
poikilotherm Sep 3, 2024
8bc6bce
ci: add action to check for newer releases of base images
poikilotherm Sep 3, 2024
19fcf89
ci(ct): use newer image action in maintenance workflow
poikilotherm Sep 3, 2024
dbf2372
ci: add action to determine next image revision
poikilotherm Sep 3, 2024
54e21cc
ci(ct): use image revision action in maintenance workflow
poikilotherm Sep 3, 2024
db64fdf
fix,ci(ct): don't grep for package updates from apt update output
poikilotherm Sep 3, 2024
2685351
doc tweaks for versioned base images: making releases #10827
pdurbin Sep 6, 2024
b47d09a
iterate on "supported image tags" section #10827
pdurbin Sep 6, 2024
2ecbd69
chore(ct): update base image wait4x to 2.14.2 for stdlib update
poikilotherm Sep 13, 2024
6efd5b7
Merge pull request #1 from IQSS/10827-doc-tweaks
poikilotherm Sep 16, 2024
66bcbbb
chore(ci): delete duplicate action after renaming
poikilotherm Sep 16, 2024
d3dc5c6
docs(ct): update base image tag policy from latest discussion #10827
poikilotherm Sep 16, 2024
08a94bb
style,docs(ct): minor tweaks to base image policy as per @pdurbin
poikilotherm Sep 16, 2024
8cc9d20
feat(ct): switch latest to unstable in base image flow
poikilotherm Sep 16, 2024
466d2ef
style,docs(ct): minor tweaks to base image policy as per @pdurbin
poikilotherm Sep 16, 2024
4c9e80f
fix(ct): remove auth for revision action
poikilotherm Sep 16, 2024
86f2c84
fix(ct): try to avoid shell substitution in base image flow
poikilotherm Sep 16, 2024
997f7eb
fix(ct): avoid shell substitutions going awry for base image release tag
poikilotherm Sep 16, 2024
48ccdf2
ci(ct): remove out of scope actions for #10478
poikilotherm Sep 17, 2024
cc39131
ci(ct): reorganise tags for develop branch #10478
poikilotherm Sep 17, 2024
c6b992a
chore(parent): remove OSS plugin snapshot repo after upgrade to DMP 0.45
poikilotherm Sep 17, 2024
8955ef0
build(ct): make application image use new base image flexi stack #10478
poikilotherm Sep 17, 2024
2788fe1
Merge branch 'develop' into 10478-version-base-img
poikilotherm Sep 17, 2024
710cf3c
style(ct): remove stale comment from base module pom
poikilotherm Sep 17, 2024
b043edf
chore(ct): add comment about apt sec updates detection via list hack
poikilotherm Sep 17, 2024
9b12bc2
ci(ct): use new setup-maven action in base image push workflow
poikilotherm Sep 17, 2024
4f8499f
ci(ct): replace logic in base image push workflow
poikilotherm Sep 17, 2024
b43af73
test(ct): temporarily set dev branch in base image push flow to featu…
poikilotherm Sep 17, 2024
415bae3
ci(ct): use setup-maven action in app image push workflow to simplify…
poikilotherm Sep 17, 2024
5eb6d1a
test(ct): temporarily enable app image push flow execution in all forks
poikilotherm Sep 17, 2024
71f4399
ci(ct): use an optional base image ref for app image push flow
poikilotherm Sep 17, 2024
5a0cfa0
ci(setup-maven): try to auto-detect git ref
poikilotherm Sep 17, 2024
34db758
chore(ct): add notes in flows about adding a path filter
poikilotherm Sep 17, 2024
314fa33
chore(ct): add note about missing triggers for base push flow
poikilotherm Sep 17, 2024
09f7264
fix,ci(ct): don't trigger the base push flow for backports
poikilotherm Sep 17, 2024
44ec28d
ci(ct): trigger app flow from base push flow
poikilotherm Sep 17, 2024
26be5c1
ci(ct): reshape maintenance workflow into external matrix script
poikilotherm Sep 18, 2024
ff0498b
ci(ct): remove obsolete actions for revisions and parent image change…
poikilotherm Sep 18, 2024
2794d3a
ci(ct): re-enable forced build for maintenance workflow
poikilotherm Sep 18, 2024
585bc8c
ci(ct): add outputs to maintenance matrix job
poikilotherm Sep 18, 2024
6adc5c4
ci(ct): remove draft of building app images in maintenance matrix job
poikilotherm Sep 18, 2024
feeb126
style,ci(ct): reword the maintenance build workflow name
poikilotherm Sep 19, 2024
1301020
ci(ct): make the maintenance workflow push the hub description for th…
poikilotherm Sep 19, 2024
fbec22d
style(ct): fix simple typo in base image README
poikilotherm Sep 19, 2024
6b7a9d6
fix(ct): remove bug from package upgrade detection in maintenance wor…
poikilotherm Sep 19, 2024
8573100
docs,style(ct): small rewording about immutable tags for base image
poikilotherm Sep 19, 2024
9c91798
feat,ci(ct): add immutable tags to list of base image tags in mainten…
poikilotherm Sep 19, 2024
4528494
style,ci(ct): add some more verbosity about progress in maintenance job
poikilotherm Sep 19, 2024
9b9ab10
refactor,ci(ct): finishing touches for #10478
poikilotherm Sep 19, 2024
45b412b
fix,ci(ct): only add base image Maven option when the input is defined
poikilotherm Sep 19, 2024
fdc65bf
Merge branch 'develop' into 10478-version-base-img
poikilotherm Sep 19, 2024
52e6408
docs(ct): add release note for maintenance workflow #10478
poikilotherm Sep 19, 2024
dc6b597
style(ct): add comment explaining what a flavor is in base image Mave…
poikilotherm Sep 19, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 37 additions & 0 deletions .github/actions/setup-maven/action.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
---
name: "Setup Maven and Caches"
description: "Determine Java version and setup Maven, including necessary caches."
inputs:
git-reference:
description: 'The git reference (branch/tag) to check out'
required: false
default: '${{ github.ref }}'
pom-paths:
description: "List of paths to Maven POM(s) for cache dependency setup"
required: false
default: 'pom.xml'
runs:
using: composite
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
ref: ${{ inputs.git-reference }}
- name: Determine Java version by reading the Maven property
shell: bash
run: |
echo "JAVA_VERSION=$(grep '<target.java.version>' ${GITHUB_WORKSPACE}/modules/dataverse-parent/pom.xml | cut -f2 -d'>' | cut -f1 -d'<')" | tee -a ${GITHUB_ENV}
- name: Set up JDK ${{ env.JAVA_VERSION }}
id: setup-java
uses: actions/setup-java@v4
with:
java-version: ${{ env.JAVA_VERSION }}
distribution: 'temurin'
cache: 'maven'
cache-dependency-path: ${{ inputs.pom-paths }}
- name: Download common cache on branch cache miss
if: ${{ steps.setup-java.outputs.cache-hit != 'true' }}
uses: actions/cache/restore@v4
with:
key: dataverse-maven-cache
path: ~/.m2/repository
41 changes: 27 additions & 14 deletions .github/workflows/container_app_push.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,12 @@ on:
# We are deliberately *not* running on push events here to avoid double runs.
# Instead, push events will trigger from the base image and maven unit tests via workflow_call.
workflow_call:
inputs:
base-image-ref:
type: string
description: "Reference of the base image to build on in full qualified form [<registry>/]<namespace>/<repo>:<tag>"
required: false
default: "gdcc/base:unstable"
pull_request:
branches:
- develop
Expand All @@ -16,7 +22,6 @@ on:

env:
IMAGE_TAG: unstable
BASE_IMAGE_TAG: unstable
REGISTRY: "" # Empty means default to Docker Hub
PLATFORMS: "linux/amd64,linux/arm64"
MASTER_BRANCH_TAG: alpha
Expand All @@ -33,20 +38,24 @@ jobs:
if: ${{ github.repository_owner == 'IQSS' }}

steps:
- name: Checkout repository
uses: actions/checkout@v3

- name: Set up JDK
uses: actions/setup-java@v3
- name: Checkout and Setup Maven
uses: IQSS/dataverse/.github/actions/setup-maven@develop
with:
java-version: "17"
distribution: temurin
cache: maven
pom-paths: |
pom.xml
modules/container-configbaker/pom.xml
modules/dataverse-parent/pom.xml

# TODO: Add a filter step here, that avoids building the image if this is a PR and there are other files touched than declared above.
# Use https://github.com/dorny/paths-filter to solve this. This will ensure we do not run this twice if this workflow
# will be triggered by the other workflows already (base image or java changes)
# To become a part of #10618.

- name: Build app and configbaker container image with local architecture and submodules (profile will skip tests)
run: >
mvn -B -f modules/dataverse-parent
-P ct -pl edu.harvard.iq:dataverse -am
$( [[ -n "${{ inputs.base-image-ref }}" ]] && echo "-Dbase.image=${{ inputs.base-image-ref }}" )
install

# TODO: add smoke / integration testing here (add "-Pct -DskipIntegrationTests=false")
Expand Down Expand Up @@ -106,11 +115,13 @@ jobs:
if: needs.check-secrets.outputs.available == 'true' &&
( github.event_name != 'push' || ( github.event_name == 'push' && contains(fromJSON('["develop", "master"]'), github.ref_name)))
steps:
- uses: actions/checkout@v3
- uses: actions/setup-java@v3
- name: Checkout and Setup Maven
uses: IQSS/dataverse/.github/actions/setup-maven@develop
with:
java-version: "17"
distribution: temurin
pom-paths: |
pom.xml
modules/container-configbaker/pom.xml
modules/dataverse-parent/pom.xml

# Depending on context, we push to different targets. Login accordingly.
- if: github.event_name != 'pull_request'
Expand Down Expand Up @@ -146,11 +157,13 @@ jobs:
run: >
mvn -B -f modules/dataverse-parent
-P ct -pl edu.harvard.iq:dataverse -am
$( [[ -n "${{ inputs.base-image-ref }}" ]] && echo "-Dbase.image=${{ inputs.base-image-ref }}" )
install
- name: Deploy multi-arch application and configbaker container image
run: >
mvn
-Dapp.image.tag=${{ env.IMAGE_TAG }} -Dbase.image.tag=${{ env.BASE_IMAGE_TAG }}
-Dapp.image.tag=${{ env.IMAGE_TAG }}
$( [[ -n "${{ inputs.base-image-ref }}" ]] && echo "-Dbase.image=${{ inputs.base-image-ref }}" )
${{ env.REGISTRY }} -Ddocker.platforms=${{ env.PLATFORMS }}
-P ct deploy

Expand Down
153 changes: 92 additions & 61 deletions .github/workflows/container_base_push.yml
Original file line number Diff line number Diff line change
@@ -1,99 +1,130 @@
---
name: Base Container Image
name: Container Images Releasing

on:
push:
tags:
- 'v[6-9].**'
branches:
- 'develop'
- 'master'
# "Path filters are not evaluated for pushes of tags" https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#onpushpull_requestpull_request_targetpathspaths-ignore
paths:
- 'modules/container-base/**'
- '!modules/container-base/src/backports/**'
- '!modules/container-base/README.md'
- 'modules/dataverse-parent/pom.xml'
- '.github/workflows/container_base_push.yml'
pull_request:
branches:
- 'develop'
- 'master'
paths:
- 'modules/container-base/**'
- 'modules/dataverse-parent/pom.xml'
- '.github/workflows/container_base_push.yml'
schedule:
- cron: '23 3 * * 0' # Run for 'develop' every Sunday at 03:23 UTC

# These TODOs are left for #10618
# TODO: we are missing a workflow_call option here, so we can trigger this flow from pr comments and maven tests (keep the secrets availability in mind!)
# TODO: we are missing a pull_request option here (filter for stuff that would trigger the maven runs!) so we can trigger preview builds for them when coming from the main repo (keep the secrets availability in mind!)

env:
IMAGE_TAG: unstable
PLATFORMS: linux/amd64,linux/arm64
DEVELOPMENT_BRANCH: develop

jobs:
build:
name: Build image
name: Base Image
runs-on: ubuntu-latest
permissions:
contents: read
packages: read
strategy:
matrix:
jdk: [ '17' ]
# Only run in upstream repo - avoid unnecessary runs in forks
if: ${{ github.repository_owner == 'IQSS' }}
outputs:
base-image-ref: ${{ steps.finalize.outputs.base-image-ref }}

steps:
- name: Checkout repository
uses: actions/checkout@v3

- name: Set up JDK ${{ matrix.jdk }}
uses: actions/setup-java@v3
- name: Checkout and Setup Maven
uses: IQSS/dataverse/.github/actions/setup-maven@develop
with:
java-version: ${{ matrix.jdk }}
distribution: 'adopt'
- name: Cache Maven packages
uses: actions/cache@v3
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2

- name: Build base container image with local architecture
run: mvn -f modules/container-base -Pct package
pom-paths: modules/container-base/pom.xml

# Run anything below only if this is not a pull request.
# Accessing, pushing tags etc. to DockerHub will only succeed in upstream because secrets.

- if: ${{ github.event_name == 'push' && github.ref_name == 'develop' }}
name: Push description to DockerHub
uses: peter-evans/dockerhub-description@v3
# Note: Accessing, pushing tags etc. to DockerHub will only succeed in upstream and
# on events in context of upstream because secrets. PRs run in context of forks by default!
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
repository: gdcc/base
short-description: "Dataverse Base Container image providing Payara application server and optimized configuration"
readme-filepath: ./modules/container-base/README.md

- if: ${{ github.event_name != 'pull_request' }}
name: Log in to the Container registry
uses: docker/login-action@v2
# In case this is a push to develop, we care about buildtime.
# Configure a remote ARM64 build host in addition to the local AMD64 in two steps.
- name: Setup SSH agent
if: ${{ github.event_name != 'schedule' }}
uses: webfactory/[email protected]
with:
registry: ${{ env.REGISTRY }}
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- if: ${{ github.event_name != 'pull_request' }}
name: Set up QEMU for multi-arch builds
uses: docker/setup-qemu-action@v2
- name: Re-set image tag based on branch
if: ${{ github.ref_name == 'master' }}
run: echo "IMAGE_TAG=alpha" >> $GITHUB_ENV
- if: ${{ github.event_name != 'pull_request' }}
name: Deploy multi-arch base container image to Docker Hub
run: mvn -f modules/container-base -Pct deploy -Dbase.image.tag=${{ env.IMAGE_TAG }} -Ddocker.platforms=${{ env.PLATFORMS }}
ssh-private-key: ${{ secrets.BUILDER_ARM64_SSH_PRIVATE_KEY }}
- name: Provide the known hosts key and the builder config
if: ${{ github.event_name != 'schedule' }}
run: |
echo "${{ secrets.BUILDER_ARM64_SSH_HOST_KEY }}" > ~/.ssh/known_hosts
mkdir -p modules/container-base/target/buildx-state/buildx/instances
cat > modules/container-base/target/buildx-state/buildx/instances/maven << EOF
{ "Name": "maven",
"Driver": "docker-container",
"Dynamic": false,
"Nodes": [{"Name": "maven0",
"Endpoint": "unix:///var/run/docker.sock",
"Platforms": [{"os": "linux", "architecture": "amd64"}],
"DriverOpts": null,
"Flags": ["--allow-insecure-entitlement=network.host"],
"Files": null},
{"Name": "maven1",
"Endpoint": "ssh://${{ secrets.BUILDER_ARM64_SSH_CONNECTION }}",
"Platforms": [{"os": "linux", "architecture": "arm64"}],
"DriverOpts": null,
"Flags": ["--allow-insecure-entitlement=network.host"],
"Files": null}]}
EOF

# Determine the base image name we are going to use from here on
- name: Determine base image name
run: |
if [[ "${{ github.ref_name }}" = "${{ env.DEVELOPMENT_BRANCH }}" ]]; then
echo "BASE_IMAGE=$( mvn initialize help:evaluate -Pct -f modules/container-base -Dexpression=base.image -q -DforceStdout )" | tee -a "${GITHUB_ENV}"
echo "BASE_IMAGE_UPCOMING=$( mvn initialize help:evaluate -Pct -f modules/container-base -Dexpression=base.image -Dbase.image.tag.suffix="" -q -DforceStdout )" | tee -a "${GITHUB_ENV}"
else
echo "BASE_IMAGE=$( mvn initialize help:evaluate -Pct -f modules/container-base -Dexpression=base.image -Dbase.image.tag.suffix="" -q -DforceStdout )" | tee -a "${GITHUB_ENV}"
fi
- name: Calculate revision number for immutable tag (on release branches only)
if: ${{ github.ref_name != env.DEVELOPMENT_BRANCH }}
id: revision-tag
uses: ./.github/actions/get-image-revision
with:
image-ref: ${{ env.BASE_IMAGE }}
tag-options-prefix: "-Dbase.image.tag.suffix='' -Ddocker.tags.revision="
- name: Configure update of "latest" tag for development branch
id: develop-tag
if: ${{ github.ref_name == env.DEVELOPMENT_BRANCH }}
run: |
echo "tag-options=-Ddocker.tags.develop=unstable -Ddocker.tags.upcoming=${BASE_IMAGE_UPCOMING#*:}" | tee -a "${GITHUB_OUTPUT}"

- name: Deploy multi-arch base container image to Docker Hub
id: build
run: |
mvn -f modules/container-base -Pct deploy -Ddocker.noCache -Ddocker.platforms=${{ env.PLATFORMS }} \
-Ddocker.imagePropertyConfiguration=override ${{ steps.develop-tag.outputs.tag-options }} ${{ steps.revision-tag.outputs.tag-options }}

- name: Determine appropriate base image ref for app image
id: finalize
run: |
if [[ "${{ github.ref_name }}" = "${{ env.DEVELOPMENT_BRANCH }}" ]]; then
echo "base-image-ref=${BASE_IMAGE_UPCOMING}" | tee -a "$GITHUB_OUTPUT"
else
echo "base-image-ref=gdcc/base:${{ steps.revision-tag.outputs.revision-tag }}" | tee -a "$GITHUB_OUTPUT"
fi

push-app-img:
name: "Rebase & Publish App Image"
permissions:
contents: read
packages: write
pull-requests: write
needs: build
# We do not release a new base image for pull requests, so do not trigger.
if: ${{ github.event_name != 'pull_request' }}
uses: ./.github/workflows/container_app_push.yml
secrets: inherit
needs:
- build
uses: ./.github/workflows/container_app_push.yml
with:
base-image-ref: ${{ needs.build.outputs.base-image-ref }}
Loading
Loading