Skip to content

Commit

Permalink
Merge pull request #431 from rabbitmq/fixup-oci-workflow
Browse files Browse the repository at this point in the history 
Update the OCI workflow
  • Loading branch information
@HoloRin
HoloRin authored Apr 22, 2024
2 parents 001c723 + cf1782d commit 7c40c43
Showing 1 changed file with 150 additions and 128 deletions.
278 changes: 150 additions & 128 deletions .github/workflows/rabbitmq-oci.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,155 +7,177 @@ on:
rabbitmq_ref:
description: The branch, tag or commit of rabbitmq-server to use
default: main
env:
REGISTRY_IMAGE: pivotalrabbitmq/rabbitmq
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
build-publish-dev:
build-package-generic-unix:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
include:
- image_tag_suffix: otp-max-bazel
otp_version_id: 26_1
outputs:
TAG_1: ${{ steps.tags.outputs.TAG_1 }}
TAG_2: ${{ steps.tags.outputs.TAG_2 }}
TAG_3: ${{ steps.tags.outputs.TAG_3 }}
TAG_4: ${{ steps.tags.outputs.TAG_4 }}
steps:
- name: Checkout Ra
uses: actions/checkout@v3
with:
path: ra

- name: Inject the git sha as the ra version
working-directory: ra
run: |
sed -i"_orig" "/vsn,/ s/2\\.[0-9]\\.[0-9]/${{ github.event.pull_request.head.sha || github.sha }}/" src/ra.app.src
- name: Checkout RabbitMQ
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
repository: rabbitmq/rabbitmq-server
ref: ${{ github.event.inputs.rabbitmq_ref }}
path: rabbitmq-server

- name: Load RabbitMQ Version Info
id: load-rabbitmq-info
working-directory: rabbitmq-server
- name: Checkout Ra
uses: actions/checkout@v4
with:
path: deps/ra
- name: Patch Ra version
working-directory: deps/ra
run: |
echo "RABBITMQ_SHA=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
echo "RABBITMQ_REF=$(git rev-parse --abbrev-ref HEAD)" >> $GITHUB_OUTPUT
- name: Mount Bazel Cache
uses: actions/cache@v1
sed -i"_orig" "/vsn,/ s/2\\.[0-9]\\.[0-9]/${{ github.event.pull_request.head.sha || github.sha }}/" src/ra.app.src
- name: Configure Erlang
uses: erlef/setup-beam@v1
with:
path: "/home/runner/repo-cache/"
key: repo-cache

- name: Configure Bazel
working-directory: rabbitmq-server
otp-version: 26.2
elixir-version: 1.15
- name: make package-generic-unix
run: |
if [ -n "${{ secrets.BUILDBUDDY_API_KEY }}" ]; then
cat << EOF >> user.bazelrc
build:buildbuddy --remote_header=x-buildbuddy-api-key=${{ secrets.BUILDBUDDY_API_KEY }}
EOF
fi
cat << EOF >> user.bazelrc
build:buildbuddy --build_metadata=ROLE=CI
build:buildbuddy --build_metadata=VISIBILITY=PRIVATE
build:buildbuddy --repository_cache=/home/runner/repo-cache/
build:buildbuddy --color=yes
build:buildbuddy --disk_cache=
build:buildbuddy --remote_download_toplevel
build --@io_bazel_rules_docker//transitions:enable=false
EOF
- name: Check OTP/Elixir versions used in RBE
id: load-info
working-directory: rabbitmq-server
make package-generic-unix
- name: Upload package-generic-unix
uses: actions/[email protected]
with:
name: package-generic-unix
path: PACKAGES/rabbitmq-server-*.tar.xz
- name: Compute Tags
id: tags
run: |
bazelisk build :otp_version :elixir_version \
--config=rbe \
--platforms=//bazel/platforms:erlang_linux_${{ matrix.otp_version_id }}_platform
echo "otp=$(cat bazel-bin/otp_version.txt)" >> $GITHUB_OUTPUT
echo "elixir=$(cat bazel-bin/elixir_version.txt)" >> $GITHUB_OUTPUT
OTP="$(erl -eval '{ok, Version} = file:read_file(filename:join([code:root_dir(), "releases", erlang:system_info(otp_release), "OTP_VERSION"])), io:fwrite(Version), halt().' -noshell)"
- name: Configure OTP & Elixir
uses: erlef/[email protected]
with:
otp-version: ${{ steps.load-info.outputs.otp }}
elixir-version: ${{ steps.load-info.outputs.elixir }}
RABBIT_SHA=$(git rev-parse HEAD)
RABBIT_REF=$(git rev-parse --abbrev-ref HEAD)
- name: Configure the ra override for this ra
working-directory: rabbitmq-server
run: |
cat << EOF >> user.bazelrc
build --override_module rabbitmq_ra=${{ github.workspace }}/ra
EOF
RA_SHA=${{ github.event.pull_request.head.sha || github.sha }}
RA_ABBREV=ra-${RA_SHA:0:7}
- name: Configure otp for the OCI image
working-directory: rabbitmq-server
run: |
sudo npm install --global --silent @bazel/buildozer
TAG_1=rabbitmq-${RABBIT_REF}-${RA_ABBREV}-${OTP}
TAG_2=rabbitmq-${RABBIT_REF}-${RA_ABBREV}-otp-max-bazel
TAG_3=rabbitmq-${RABBIT_SHA:0:7}-${RA_ABBREV}-${OTP}
TAG_4=rabbitmq-${RABBIT_SHA:0:7}-${RA_ABBREV}-otp-max-bazel
buildozer 'set tars ["@otp_src_${{ matrix.otp_version_id }}//file"]' \
//packaging/docker-image:otp_source
echo "TAG_1=$TAG_1" | tee -a $GITHUB_OUTPUT
echo "TAG_2=$TAG_2" | tee -a $GITHUB_OUTPUT
echo "TAG_3=$TAG_3" | tee -a $GITHUB_OUTPUT
echo "TAG_4=$TAG_4" | tee -a $GITHUB_OUTPUT
- name: Build
working-directory: rabbitmq-server
build:
needs: build-package-generic-unix
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
platform:
- linux/amd64
- linux/arm64
steps:
- name: Prepare
run: |
bazelisk build //packaging/docker-image:rabbitmq \
--config=buildbuddy
- name: Load
working-directory: rabbitmq-server
platform=${{ matrix.platform }}
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
- name: Checkout
uses: actions/checkout@v4
with:
repository: rabbitmq/rabbitmq-server
ref: ${{ github.event.inputs.rabbitmq_ref }}
- name: Download package-generic-unix
uses: actions/download-artifact@v4
with:
name: package-generic-unix
path: PACKAGES
- name: Rename package-generic-unix
run: |
bazelisk run //packaging/docker-image:rabbitmq \
--config=buildbuddy
- name: Check for Push Credentials
id: authorized
cp \
PACKAGES/rabbitmq-server-generic-unix-*.tar.xz \
packaging/docker-image/package-generic-unix.tar.xz
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY_IMAGE }}
tags: |
type=raw,value=${{ needs.build-package-generic-unix.outputs.TAG_1 }}
type=raw,value=${{ needs.build-package-generic-unix.outputs.TAG_2 }}
type=raw,value=${{ needs.build-package-generic-unix.outputs.TAG_3 }}
type=raw,value=${{ needs.build-package-generic-unix.outputs.TAG_4 }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Build and push by digest
id: build
uses: docker/build-push-action@v5
with:
context: packaging/docker-image
platforms: ${{ matrix.platform }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=registry,ref=ghcr.io/rabbitmq/rabbitmq:buildcache-${{ env.PLATFORM_PAIR }}
outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true
- name: Export digest
run: |
if [ -n "${{ secrets.DOCKERHUB_USERNAME }}" ]; then
echo "PUSH=true" >> $GITHUB_OUTPUT
else
echo "PUSH=false" >> $GITHUB_OUTPUT
fi
mkdir -p /tmp/digests
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
with:
name: digests-${{ env.PLATFORM_PAIR }}
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1

- name: Login to DockerHub
if: steps.authorized.outputs.PUSH == 'true'
uses: docker/login-action@v1
merge:
runs-on: ubuntu-latest
needs:
- build-package-generic-unix
- build
steps:
- name: Download digests
uses: actions/download-artifact@v4
with:
path: /tmp/digests
pattern: digests-*
merge-multiple: true
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY_IMAGE }}
tags: |
type=raw,value=${{ needs.build-package-generic-unix.outputs.TAG_1 }}
type=raw,value=${{ needs.build-package-generic-unix.outputs.TAG_2 }}
type=raw,value=${{ needs.build-package-generic-unix.outputs.TAG_3 }}
type=raw,value=${{ needs.build-package-generic-unix.outputs.TAG_4 }}
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}

- name: Tag and Push
if: steps.authorized.outputs.PUSH == 'true'
working-directory: rabbitmq-server
- name: Create manifest list and push
working-directory: /tmp/digests
run: |
RABBIT_REF=${{ steps.load-rabbitmq-info.outputs.RABBITMQ_REF }}
RABBIT_SHA=${{ steps.load-rabbitmq-info.outputs.RABBITMQ_SHA }}
RA_SHA=${{ github.event.pull_request.head.sha || github.sha }}
RA_ABBREV=ra-${RA_SHA:0:7}
TAG_1=rabbitmq-${RABBIT_REF}-${RA_ABBREV}-${{ steps.load-info.outputs.otp }}
TAG_2=rabbitmq-${RABBIT_REF}-${RA_ABBREV}-${{ matrix.image_tag_suffix }}
TAG_3=rabbitmq-${RABBIT_SHA:0:7}-${RA_ABBREV}-${{ steps.load-info.outputs.otp }}
TAG_4=rabbitmq-${RABBIT_SHA:0:7}-${RA_ABBREV}-${{ matrix.image_tag_suffix }}
echo "Will tag with ${TAG_1}"
echo "Will tag with ${TAG_2}"
echo "Will tag with ${TAG_3}"
echo "Will tag with ${TAG_4}"
docker tag bazel/packaging/docker-image:rabbitmq \
pivotalrabbitmq/rabbitmq:${TAG_1}
docker tag bazel/packaging/docker-image:rabbitmq \
pivotalrabbitmq/rabbitmq:${TAG_2}
docker tag bazel/packaging/docker-image:rabbitmq \
pivotalrabbitmq/rabbitmq:${TAG_3}
docker tag bazel/packaging/docker-image:rabbitmq \
pivotalrabbitmq/rabbitmq:${TAG_4}
docker push pivotalrabbitmq/rabbitmq:${TAG_1}
docker push pivotalrabbitmq/rabbitmq:${TAG_2}
docker push pivotalrabbitmq/rabbitmq:${TAG_3}
docker push pivotalrabbitmq/rabbitmq:${TAG_4}
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)
- name: Inspect image
run: |
docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}

0 comments on commit 7c40c43

Please sign in to comment.