From f4973641fcf6f575f7b943ec7030b72b3d4a58f1 Mon Sep 17 00:00:00 2001
From: jaensen
Date: Wed, 18 Jan 2023 02:24:56 +0100
Subject: [PATCH 1/3] add a dockerfile and github workflow to build it
---
.github/workflows/build-and-push.yml | 88 ++++++++++++++++++++++++++++
.github/workflows/dev.yml | 17 ++++++
Dockerfile | 15 +++++
3 files changed, 120 insertions(+)
create mode 100644 .github/workflows/build-and-push.yml
create mode 100644 .github/workflows/dev.yml
create mode 100644 Dockerfile
diff --git a/.github/workflows/build-and-push.yml b/.github/workflows/build-and-push.yml
new file mode 100644
index 0000000..b5390bb
--- /dev/null
+++ b/.github/workflows/build-and-push.yml
@@ -0,0 +1,88 @@
+name: Build and push image from ref
+
+on:
+ workflow_call:
+ inputs:
+ ref:
+ description: "A ref from this repository, CirclesUBI/pathfinder2"
+ required: true
+ type: string
+ image:
+ description: "The desired name of the image to build"
+ default: 'pathfinder2'
+ required: false
+ type: string
+ workflow_dispatch:
+ inputs:
+ ref:
+ description: "A ref from this repository, CirclesUBI/pathfinder2"
+ required: true
+ type: string
+ image:
+ description: "The desired name of the image to build"
+ default: 'pathfinder2'
+ required: false
+ type: string
+
+jobs:
+
+ build-and-push-image:
+
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ id-token: write
+
+ steps:
+
+ -
+ name: Checkout repository
+ uses: actions/checkout@v3
+ with:
+ ref: ${{ inputs.ref }}
+
+ -
+ name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v2
+
+ -
+ name: Docker meta
+ id: meta
+ uses: docker/metadata-action@v4
+ with:
+ images: |
+ ${{ vars.GC_REGISTRY }}/${{ vars.GC_PROJECT_ID }}/${{ inputs.image }}
+ labels: |
+ org.opencontainers.image.title=${{ inputs.image }}
+ org.opencontainers.image.vendor=CirclesUBI
+ tags: |
+ type=raw,value=latest,enable={{is_default_branch}}
+ type=semver,pattern={{version}}
+ {{ tag }}
+ {{ base_ref }}
+ {{ branch }}
+ type=sha,prefix={{branch}}-
+ {{ sha }}
+
+ -
+ name: Authenticate to Google Cloud
+ id: auth
+ uses: google-github-actions/auth@v1
+ with:
+ workload_identity_provider: "${{ vars.GC_WLI_PROVIDER }}"
+ service_account: "${{ vars.GC_WLI_SA }}"
+ token_format: 'access_token'
+
+ -
+ name: Login to Container Registry
+ uses: docker/login-action@v2
+ with:
+ registry: ${{ vars.GC_REGISTRY }}
+ username: 'oauth2accesstoken'
+ password: '${{ steps.auth.outputs.access_token }}'
+
+ - name: Build and push Docker image
+ uses: docker/build-push-action@v3
+ with:
+ push: true
+ tags: ${{ steps.meta.outputs.tags }}
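Review bot: Every `uses:` in this job references a mutable tag (`actions/checkout@v3`, `docker/setup-buildx-action@v2`, `docker/metadata-action@v4`, `google-github-actions/auth@v1`, `docker/login-action@v2`, `docker/build-push-action@v3`) while the job holds `id-token: write` and a registry access token, so a moved tag would run different code with the ability to obtain the Google Cloud credential and push images. Pin each action to a full commit SHA and keep the version as a trailing comment, e.g. `uses: docker/login-action@<full-commit-sha>  # v2`. The same applies to the two `docker/login-action@v2` steps added in PATCH 2/3. A short comment above `permissions:` saying that `id-token: write` exists only for the workload-identity exchange in the `auth` step would also help the next reader keep the grant minimal.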
diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml
new file mode 100644
index 0000000..9d62173
--- /dev/null
+++ b/.github/workflows/dev.yml
@@ -0,0 +1,17 @@
+name: Build and push the dev image
+
+on:
+ push:
+ branches: [ feature/dockerfile ]
+
+jobs:
+ call-build-and-push:
+ name: Trigger container build and push
+ permissions:
+ contents: read
+ id-token: write
+ uses: ./.github/workflows/build-and-push.yml
+ with:
+ ref: "${{ github.ref }}"
+ image: "pathfinder2"
+ secrets: inherit
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..0ab8283
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,15 @@
+FROM rust:latest AS build
+
+WORKDIR /build
+COPY . .
+
+RUN cargo install --path .
+RUN cargo build --release
+
+FROM rust AS app
+
+WORKDIR /app
+COPY --from=build /build/target/release .
+RUN chmod +x ./server
+
+ENTRYPOINT ["./server"]
From 822974137040c7e71ba2c6a1339405737d510127 Mon Sep 17 00:00:00 2001
From: Jon Richter
Date: Thu, 19 Jan 2023 00:41:16 +0100
Subject: [PATCH 2/3] ci : add Docker Hub and GitHub Packages registries
---
.github/workflows/build-and-push.yml | 37 ++++++++++++++++++----------
.github/workflows/dev.yml | 4 +--
2 files changed, 25 insertions(+), 16 deletions(-)
diff --git a/.github/workflows/build-and-push.yml b/.github/workflows/build-and-push.yml
index b5390bb..1143006 100644
--- a/.github/workflows/build-and-push.yml
+++ b/.github/workflows/build-and-push.yml
@@ -1,12 +1,8 @@ -name: Build and push image from ref +name: Build and push image on: workflow_call: inputs: - ref: - description: "A ref from this repository, CirclesUBI/pathfinder2" - required: true - type: string image: description: "The desired name of the image to build" default: 'pathfinder2'
@@ -14,10 +10,6 @@ on: type: string workflow_dispatch: inputs: - ref: - description: "A ref from this repository, CirclesUBI/pathfinder2" - required: true - type: string image: description: "The desired name of the image to build" default: 'pathfinder2' 
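Review bot: `secrets: inherit` on the `call-build-and-push` job in dev.yml makes every secret available to the caller available to the called workflow, but at this commit `build-and-push.yml` reads only `vars.*` values and the OIDC-derived `steps.auth.outputs.access_token`, so the line can simply be dropped. Where a secret is needed later (PATCH 2/3 adds `secrets.DH_TOKEN` in the Docker Hub login step), declare it under `on.workflow_call.secrets` in the called workflow and pass it by name from this job, i.e. `secrets:` followed by `DH_TOKEN: ${{ secrets.DH_TOKEN }}`. That keeps the reusable workflow's access limited to what it actually uses and makes the dependency visible in its interface.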
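Review bot: The runtime stage of the Dockerfile, `FROM rust AS app`, ships the full Rust toolchain image, has no `USER` line so `./server` runs as root, and `COPY --from=build /build/target/release .` copies the whole release directory rather than the one binary. Copy only the binary, `COPY --from=build /build/target/release/server ./server`, onto a slim base that matches the build stage's distribution, and add a non-root `USER` before `ENTRYPOINT`. Both `FROM` lines float (`rust:latest` and untagged `rust`), so pinning them to a version tag or digest keeps the two stages on the same libc and makes rebuilds reproducible. `RUN cargo install --path .` looks redundant next to `RUN cargo build --release`, since only `target/release` is copied out of the build stage.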
@@ -32,14 +24,13 @@ jobs: permissions: contents: read id-token: write + packages: write steps: - name: Checkout repository uses: actions/checkout@v3 - with: - ref: ${{ inputs.ref }} - name: Set up Docker Buildx
@@ -52,6 +43,8 @@ jobs: with: images: | ${{ vars.GC_REGISTRY }}/${{ vars.GC_PROJECT_ID }}/${{ inputs.image }} + docker.io/${{ vars.DH_ORGANIZATION }}/${{ inputs.image }} + ghcr.io/${{ github.repository_owner }}/${{ inputs.image }} labels: | org.opencontainers.image.title=${{ inputs.image }} org.opencontainers.image.vendor=CirclesUBI
@@ -74,15 +67,33 @@ jobs: token_format: 'access_token' - - name: Login to Container Registry + name: Login to Google Cloud Container Registry uses: docker/login-action@v2 with: registry: ${{ vars.GC_REGISTRY }} username: 'oauth2accesstoken' password: '${{ steps.auth.outputs.access_token }}' - - name: Build and push Docker image + - + name: Login to Docker Hub Registry + uses: docker/login-action@v2 + with: + registry: docker.io + username: ${{ vars.DH_USERNAME }} + password: ${{ secrets.DH_TOKEN }} + + - + name: Login to GitHub Packages Registry + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - + name: Build and push Container image uses: docker/build-push-action@v3 with: push: true tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }}
diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml
index 9d62173..d961675 100644
--- a/.github/workflows/dev.yml
+++ b/.github/workflows/dev.yml
@@ -10,8 +10,6 @@ jobs: permissions: contents: read id-token: write + packages: write uses: ./.github/workflows/build-and-push.yml - with: - ref: "${{ github.ref }}" - image: "pathfinder2" secrets: inherit
From eeee335c8f1b55dc4d6f5be40360352bc3e35e78 Mon Sep 17 00:00:00 2001 
From: Jon Richter
Date: Thu, 19 Jan 2023 00:49:06 +0100
Subject: [PATCH 3/3] upd(ci): downgrade buildkit Resolves errors upstream, see: - https://github.com/docker/build-push-action/issues/761#issuecomment-1383822381 - https://github.com/moby/buildkit/issues/3347#issuecomment-1381855209
---
.github/workflows/build-and-push.yml | 3 +++
1 file changed, 3 insertions(+)
diff --git a/.github/workflows/build-and-push.yml b/.github/workflows/build-and-push.yml
index 1143006..fff9d39 100644
--- a/.github/workflows/build-and-push.yml
+++ b/.github/workflows/build-and-push.yml
@@ -35,6 +35,9 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 + with: + driver-opts: | + image=moby/buildkit:v0.10.6 - name: Docker meta
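Review bot: The `driver-opts` pin to `image=moby/buildkit:v0.10.6` is a workaround, yet nothing in the workflow file says why it is there, so it is likely to outlive the upstream fix and keep the builder on an old BuildKit release. Add a comment above the new `with:` such as `# Pinned: works around docker/build-push-action#761 and moby/buildkit#3347; remove once fixed upstream`. Because the pin is by tag, appending the image digest (`image=moby/buildkit:v0.10.6@sha256:<digest>`) should also fix exactly which builder image the job pulls.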