Use remote setup-docker action with arm64/v8 support (#1122)

* Use remote setup-docker action with arm64/v8 support * Pass secrets to imported action * Revert "Pass secrets to imported action" This reverts commit 4e0b773. * Inherit secrets * Inherit secrets * Make all services use common action * Fix docker context path
blockscout · Nov 15, 2024 · cd4916e · cd4916e
1 parent 119090c
commit cd4916e
Show file tree

Hide file tree

Showing 14 changed files with 77 additions and 110 deletions.
diff --git a/.github/workflows/_docker-build-push.yml b/.github/workflows/_docker-build-push.yml
@@ -16,6 +16,17 @@ on:
       service-name:
         required: true
         type: string
+      docker-context-path:
+        required: false
+        type: string
+      dockerfile-path:
+        required: false
+        type: string
+    secrets:
+      ARM_RUNNER_HOSTNAME:
+        required: true
+      ARM_RUNNER_KEY:
+        required: true
     outputs:
       tag-value:
         description: 'A semver compatible version retrieved from the tag'
@@ -46,33 +57,35 @@ jobs:
           m=${{ steps.regex.outputs.group4 }}
           (if ! [[ "$t" == "" ]]; then echo tags=${{ env.IMAGE_NAME }}:$t, ${{ env.IMAGE_NAME }}:latest; elif ! [[ "$m" == "" ]]; then echo tags=${{ env.IMAGE_NAME }}:$m; else echo tags=; fi) >> $GITHUB_OUTPUT
 
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ inputs.registry }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
       - name: Extract metadata for Docker
         id: meta
         uses: docker/metadata-action@v5
         with:
           images: ${{ env.IMAGE_NAME }}
 
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+      - name: Setup repo
+        uses: blockscout/blockscout-ci-cd/.github/actions/setup-multiarch-buildx@master
+        id: setup
+        with:
+          docker-image: ${{ env.IMAGE_NAME }}
+          docker-username: ${{ github.actor }}
+          docker-password: ${{ secrets.GITHUB_TOKEN }}
+          docker-remote-multi-platform: true
+          docker-arm-host: ${{ secrets.ARM_RUNNER_HOSTNAME }}
+          docker-arm-host-key: ${{ secrets.ARM_RUNNER_KEY }}
+
       - name: Build and push
         uses: docker/build-push-action@v6
         with:
-          context: ${{ inputs.service-name }}
-          file: '${{ inputs.service-name }}/Dockerfile'
+          context: ${{ inputs.docker-context-path || format('{0}/', inputs.service-name) }}
+          file: ${{ inputs.dockerfile-path || format('{0}/Dockerfile', inputs.service-name) }}
           build-contexts: |
             proto=proto
           push: ${{ steps.tags_extractor.outputs.tags != '' }}
           tags: ${{ steps.tags_extractor.outputs.tags }}
-          # platforms: |
-          #   linux/amd64
-          #   linux/arm64/v8
-          labels: ${{ steps.meta.outputs.labels }}
+          platforms: |
+            linux/amd64
+            linux/arm64/v8
+          labels: ${{ steps.setup.outputs.docker-labels }}
           cache-from: type=registry,ref=${{ env.IMAGE_NAME }}:build-cache
           cache-to: ${{ github.ref == 'refs/heads/main' && format('type=registry,ref={0}:build-cache,mode=max', env.IMAGE_NAME) || '' }}
diff --git a/.github/workflows/bens.yml b/.github/workflows/bens.yml
@@ -122,64 +122,21 @@ jobs:
       always() &&
       (needs.test.result == 'success' || needs.test.result == 'cancelled') &&
       (needs.lint.result == 'success' || needs.lint.result == 'cancelled')
-    timeout-minutes: 60
-    runs-on: ubuntu-latest
-    outputs:
-      semver: ${{ steps.regex.outputs.group2 }}
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      - uses: actions-ecosystem/action-regex-match@v2
-        id: regex
-        with:
-          text: ${{ github.ref }}
-          regex: '^(refs\/tags\/bens\/(v\d+\.\d+\.\d+))|(refs\/heads\/(main))$'
-
-      - name: Extract tag name
-        id: tags_extractor
-        run: |
-          t=${{ steps.regex.outputs.group2 }}
-          m=${{ steps.regex.outputs.group4 }}
-          (if ! [[ "$t" == "" ]]; then echo tags=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:$t, ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest; elif ! [[ "$m" == "" ]]; then echo tags=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:$m; else echo tags=; fi) >> $GITHUB_OUTPUT
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Extract metadata for Docker
-        id: meta
-        uses: docker/metadata-action@v5
-        with:
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Build and push
-        uses: docker/build-push-action@v5
-        with:
-          context: "blockscout-ens"
-          file: "blockscout-ens/Dockerfile"
-          build-contexts: |
-            proto=proto
-          push: ${{ steps.tags_extractor.outputs.tags != '' }}
-          tags: ${{ steps.tags_extractor.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
-          cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:build-cache
-          cache-to: ${{ github.ref == 'refs/heads/main' && format('type=registry,ref={0}/{1}:build-cache,mode=max', env.REGISTRY, env.IMAGE_NAME) || '' }}
+    uses: ./.github/workflows/_docker-build-push.yml
+    with:
+      service-name: blockscout-ens
+    secrets:
+      ARM_RUNNER_HOSTNAME: ${{ secrets.ARM_RUNNER_HOSTNAME }}
+      ARM_RUNNER_KEY: ${{ secrets.ARM_RUNNER_KEY }}
 
   publish_types_package:
     name: Publish types package
     uses: './.github/workflows/npm-publisher.yml'
     needs: push
-    if: needs.push.outputs.semver != ''
+    if: needs.push.outputs.tag-value != ''
     secrets: inherit
     with:
-      version: ${{ needs.push.outputs.semver }}
+      version: ${{ needs.push.outputs.tag-value }}
       project_name: blockscout-ens
 
   push-swagger:

diff --git a/.github/workflows/da-indexer.yml b/.github/workflows/da-indexer.yml
@@ -83,6 +83,9 @@ jobs:
     uses: ./.github/workflows/_docker-build-push.yml
     with:
       service-name: da-indexer
+    secrets:
+      ARM_RUNNER_HOSTNAME: ${{ secrets.ARM_RUNNER_HOSTNAME }}
+      ARM_RUNNER_KEY: ${{ secrets.ARM_RUNNER_KEY }}
 
   push-swagger:
     if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags'))

diff --git a/.github/workflows/eth-bytecode-db.yml b/.github/workflows/eth-bytecode-db.yml
@@ -95,6 +95,9 @@ jobs:
     uses: ./.github/workflows/_docker-build-push.yml
     with:
       service-name: eth-bytecode-db
+    secrets:
+      ARM_RUNNER_HOSTNAME: ${{ secrets.ARM_RUNNER_HOSTNAME }}
+      ARM_RUNNER_KEY: ${{ secrets.ARM_RUNNER_KEY }}
 
   push-swagger:
     if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags'))

diff --git a/.github/workflows/multichain-aggregator.yml b/.github/workflows/multichain-aggregator.yml
@@ -78,6 +78,9 @@ jobs:
     uses: ./.github/workflows/_docker-build-push.yml
     with:
       service-name: multichain-aggregator
+    secrets:
+      ARM_RUNNER_HOSTNAME: ${{ secrets.ARM_RUNNER_HOSTNAME }}
+      ARM_RUNNER_KEY: ${{ secrets.ARM_RUNNER_KEY }}
 
   push-swagger:
     if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags'))

diff --git a/.github/workflows/multichain-search.yml b/.github/workflows/multichain-search.yml
@@ -96,47 +96,11 @@ jobs:
       always() &&
       (needs.test.result == 'success' || needs.test.result == 'cancelled') &&
       (needs.lint.result == 'success' || needs.lint.result == 'cancelled')
-    timeout-minutes: 30
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      - uses: actions-ecosystem/action-regex-match@v2
-        id: regex
-        with:
-          text: ${{ github.ref }}
-          regex: '^(refs\/tags\/multichain-search\/(v\d+\.\d+\.\d+))|(refs\/heads\/(main))$'
-
-      - name: Extract tag name
-        id: tags_extractor
-        run: |
-          t=${{ steps.regex.outputs.group2 }}
-          m=${{ steps.regex.outputs.group4 }}
-          (if ! [[ "$t" == "" ]]; then echo tags=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:$t, ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest; elif ! [[ "$m" == "" ]]; then echo tags=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:$m; else echo tags=; fi) >> $GITHUB_OUTPUT
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Extract metadata for Docker
-        id: meta
-        uses: docker/metadata-action@v5
-        with:
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-      - name: Build and push
-        uses: docker/build-push-action@v5
-        with:
-          context: "multichain-search/backend"
-          file: "multichain-search/backend/Dockerfile"
-          push: ${{ steps.tags_extractor.outputs.tags != '' }}
-          tags: ${{ steps.tags_extractor.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
-          cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:build-cache
-          cache-to: ${{ github.ref == 'refs/heads/main' && format('type=registry,ref={0}/{1}:build-cache,mode=max', env.REGISTRY, env.IMAGE_NAME) || '' }}
+    uses: ./.github/workflows/_docker-build-push.yml
+    with:
+      service-name: multichain-search
+      docker-context-path: "multichain-search/backend"
+      dockerfile-path: "multichain-search/backend/Dockerfile"
+    secrets:
+      ARM_RUNNER_HOSTNAME: ${{ secrets.ARM_RUNNER_HOSTNAME }}
+      ARM_RUNNER_KEY: ${{ secrets.ARM_RUNNER_KEY }}
diff --git a/.github/workflows/proxy-verifier.yml b/.github/workflows/proxy-verifier.yml
@@ -65,6 +65,9 @@ jobs:
     uses: ./.github/workflows/_docker-build-push.yml
     with:
       service-name: proxy-verifier
+    secrets:
+      ARM_RUNNER_HOSTNAME: ${{ secrets.ARM_RUNNER_HOSTNAME }}
+      ARM_RUNNER_KEY: ${{ secrets.ARM_RUNNER_KEY }}
 
   push-swagger:
     if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags'))

diff --git a/.github/workflows/sig-provider.yml b/.github/workflows/sig-provider.yml
@@ -65,6 +65,9 @@ jobs:
     uses: ./.github/workflows/_docker-build-push.yml
     with:
       service-name: sig-provider
+    secrets:
+      ARM_RUNNER_HOSTNAME: ${{ secrets.ARM_RUNNER_HOSTNAME }}
+      ARM_RUNNER_KEY: ${{ secrets.ARM_RUNNER_KEY }}
 
 
   push-swagger:

diff --git a/.github/workflows/smart-contract-verifier.yml b/.github/workflows/smart-contract-verifier.yml
@@ -65,6 +65,9 @@ jobs:
     uses: ./.github/workflows/_docker-build-push.yml
     with:
       service-name: smart-contract-verifier
+    secrets:
+      ARM_RUNNER_HOSTNAME: ${{ secrets.ARM_RUNNER_HOSTNAME }}
+      ARM_RUNNER_KEY: ${{ secrets.ARM_RUNNER_KEY }}
 
   push-swagger:
     if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags'))

diff --git a/.github/workflows/smart-guessr.yml b/.github/workflows/smart-guessr.yml
@@ -48,3 +48,6 @@ jobs:
     uses: ./.github/workflows/_docker-build-push.yml
     with:
       service-name: smart-guessr
+    secrets:
+      ARM_RUNNER_HOSTNAME: ${{ secrets.ARM_RUNNER_HOSTNAME }}
+      ARM_RUNNER_KEY: ${{ secrets.ARM_RUNNER_KEY }}
diff --git a/.github/workflows/stats.yml b/.github/workflows/stats.yml
@@ -89,6 +89,9 @@ jobs:
     uses: ./.github/workflows/_docker-build-push.yml
     with:
       service-name: stats
+    secrets:
+      ARM_RUNNER_HOSTNAME: ${{ secrets.ARM_RUNNER_HOSTNAME }}
+      ARM_RUNNER_KEY: ${{ secrets.ARM_RUNNER_KEY }}
 
   publish_types_package:
     name: Publish types package

diff --git a/.github/workflows/stylus-verifier.yml b/.github/workflows/stylus-verifier.yml
@@ -65,3 +65,6 @@ jobs:
     uses: ./.github/workflows/_docker-build-push.yml
     with:
       service-name: stylus-verifier
+    secrets:
+      ARM_RUNNER_HOSTNAME: ${{ secrets.ARM_RUNNER_HOSTNAME }}
+      ARM_RUNNER_KEY: ${{ secrets.ARM_RUNNER_KEY }}
diff --git a/.github/workflows/user-ops-indexer.yml b/.github/workflows/user-ops-indexer.yml
@@ -81,6 +81,9 @@ jobs:
     uses: ./.github/workflows/_docker-build-push.yml
     with:
       service-name: user-ops-indexer
+    secrets:
+      ARM_RUNNER_HOSTNAME: ${{ secrets.ARM_RUNNER_HOSTNAME }}
+      ARM_RUNNER_KEY: ${{ secrets.ARM_RUNNER_KEY }}
 
   push-swagger:
     if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags'))

diff --git a/.github/workflows/visualizer.yml b/.github/workflows/visualizer.yml
@@ -74,6 +74,9 @@ jobs:
     uses: ./.github/workflows/_docker-build-push.yml
     with:
       service-name: visualizer
+    secrets:
+      ARM_RUNNER_HOSTNAME: ${{ secrets.ARM_RUNNER_HOSTNAME }}
+      ARM_RUNNER_KEY: ${{ secrets.ARM_RUNNER_KEY }}
 
   publish_types_package:
     name: Publish types package