-
Notifications
You must be signed in to change notification settings - Fork 5.9k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Initial docker image creation workflows.
- Loading branch information
Showing
18 changed files
with
201 additions
and
18 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
name: buildpack-deps | ||
|
||
on: | ||
pull_request: | ||
branches: [ develop ] | ||
paths: | ||
- 'scripts/docker/buildpack-deps/Dockerfile.emscripten' | ||
- 'scripts/docker/buildpack-deps/Dockerfile.ubuntu1604.clang.ossfuzz' | ||
- 'scripts/docker/buildpack-deps/Dockerfile.ubuntu1804' | ||
- 'scripts/docker/buildpack-deps/Dockerfile.ubuntu2004.clang' | ||
- 'scripts/docker/buildpack-deps/Dockerfile.ubuntu2004' | ||
|
||
jobs: | ||
buildpack-deps: | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
DOCKER_REPOSITORY: docker.pkg.github.com/${{ github.repository }} | ||
IMAGE_NAME: buildpack-deps | ||
|
||
runs-on: ubuntu-latest | ||
|
||
strategy: | ||
fail-fast: false | ||
matrix: | ||
image_variant: [emscripten, ubuntu1604.clang.ossfuzz, ubuntu1804, ubuntu2004.clang, ubuntu2004] | ||
|
||
steps: | ||
- uses: actions/checkout@v2 | ||
with: | ||
fetch-depth: 0 | ||
|
||
- name: Upgrade ${{ env.IMAGE_NAME }}-${{ matrix.image_variant }} | ||
run: | | ||
echo "${GITHUB_TOKEN}" | docker login docker.pkg.github.com -u "${GITHUB_ACTOR}" --password-stdin | ||
scripts/ci/docker_upgrade.sh ${{ env.IMAGE_NAME }} ${{ matrix.image_variant }} ${{ env.DOCKER_REPOSITORY }} | ||
docker logout docker.pkg.github.com | ||
- name: comment PR | ||
if: "env.DOCKER_IMAGE" | ||
uses: aarlt/[email protected] | ||
with: | ||
msg: "`${{ env.DOCKER_IMAGE }} ${{ env.DOCKER_REPO_DIGEST }}`." |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -32,7 +32,7 @@ prerelease.txt | |
|
||
# Build directory | ||
build/ | ||
build*/ | ||
/build*/ | ||
emscripten_build/ | ||
docs/_build | ||
__pycache__ | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
#!/usr/bin/env bash | ||
set -ex | ||
|
||
ROOTDIR="$(dirname "$0")/../.." | ||
cd "${ROOTDIR}" | ||
|
||
# shellcheck disable=SC2166 | ||
if [ "$CIRCLE_BRANCH" = release -o -n "$CIRCLE_TAG" -o -n "$FORCE_RELEASE" ]; then echo -n >prerelease.txt; else date -u +"nightly.%Y.%-m.%-d" >prerelease.txt; fi | ||
if [ -n "$CIRCLE_SHA1" ] | ||
then | ||
echo -n "$CIRCLE_SHA1" >commit_hash.txt | ||
fi | ||
|
||
mkdir -p build | ||
cd build | ||
|
||
# shellcheck disable=SC2166 | ||
[ -n "$COVERAGE" -a "$CIRCLE_BRANCH" != release -a -z "$CIRCLE_TAG" ] && CMAKE_OPTIONS="$CMAKE_OPTIONS -DCOVERAGE=ON" | ||
|
||
# shellcheck disable=SC2086 | ||
cmake .. -DCMAKE_BUILD_TYPE="${CMAKE_BUILD_TYPE:-Release}" $CMAKE_OPTIONS -G "Unix Makefiles" | ||
|
||
make -j 4 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
#!/usr/bin/env bash | ||
set -e | ||
|
||
ROOTDIR="$(dirname "$0")/../.." | ||
BUILDDIR="${ROOTDIR}/build" | ||
|
||
mkdir -p "${BUILDDIR}" | ||
cd "${BUILDDIR}" | ||
|
||
protoc --proto_path=../test/tools/ossfuzz yulProto.proto --cpp_out=../test/tools/ossfuzz | ||
protoc --proto_path=../test/tools/ossfuzz abiV2Proto.proto --cpp_out=../test/tools/ossfuzz | ||
protoc --proto_path=../test/tools/ossfuzz solProto.proto --cpp_out=../test/tools/ossfuzz | ||
cmake .. -DCMAKE_BUILD_TYPE="${CMAKE_BUILD_TYPE:-Release}" -DCMAKE_TOOLCHAIN_FILE=../cmake/toolchains/libfuzzer.cmake | ||
|
||
make ossfuzz ossfuzz_proto ossfuzz_abiv2 -j 4 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../../scripts/travis-emscripten/build_emscripten.sh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
build_ossfuzz.sh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
build.sh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
build.sh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
build.sh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
#!/usr/bin/env bash | ||
set -e | ||
|
||
function error() { | ||
echo >&2 "ERROR: ${1} Aborting." && false | ||
} | ||
|
||
function warning() { | ||
echo >&2 "WARNING: ${1}" | ||
} | ||
|
||
[[ $# == 3 ]] || error "Expected exactly 3 parameters: '${0} <IMAGE_NAME> <IMAGE_VARIANT> <DOCKER_REPOSITORY>'." | ||
|
||
IMAGE_NAME="${1}" | ||
IMAGE_VARIANT="${2}" | ||
DOCKER_REPOSITORY="${3}" | ||
DOCKERFILE="scripts/docker/${IMAGE_NAME}/Dockerfile.${IMAGE_VARIANT}" | ||
|
||
echo "-- check_dockerfile_was_changed" | ||
|
||
# exit, if the dockerfile was not changed. | ||
if git diff --quiet origin/develop HEAD -- "${DOCKERFILE}"; then | ||
echo "${DOCKERFILE} was not changed. Nothing to do." | ||
exit 0 | ||
fi | ||
|
||
echo "-- check_version" | ||
|
||
PREV_VERSION=$(git diff origin/develop HEAD -- "${DOCKERFILE}" | grep -e '^\s*-LABEL\s\+version=".*"\s*$' | awk -F'"' '{ print $2 }') | ||
NEXT_VERSION=$(git diff origin/develop HEAD -- "${DOCKERFILE}" | grep -e '^\s*+LABEL\s\+version=".*"\s*$' | awk -F'"' '{ print $2 }') | ||
|
||
[[ $NEXT_VERSION != "" ]] || error "No version label defined in Dockerfile. You may need to add 'LABEL version' in '${DOCKERFILE}'." | ||
|
||
[[ $PREV_VERSION != "" ]] || { | ||
warning "no previous version found. Will set \$PREV_VERSION = 0." | ||
PREV_VERSION=0 | ||
} | ||
|
||
if [[ $((PREV_VERSION + 1)) != $((NEXT_VERSION)) ]]; then | ||
error "Version label in Dockerfile was not incremented. You may need to change 'LABEL version' in '${DOCKERFILE}'." | ||
fi | ||
|
||
echo "-- build_docker" | ||
|
||
# This is a workaround: we run `docker build` twice to prevent the `layer does not exist` problem. | ||
# See https://github.com/moby/moby/issues/37965. | ||
docker build "scripts/docker/${IMAGE_NAME}" --file "scripts/docker/${IMAGE_NAME}/Dockerfile.${IMAGE_VARIANT}" --tag "${IMAGE_NAME}" || | ||
docker build "scripts/docker/${IMAGE_NAME}" --file "scripts/docker/${IMAGE_NAME}/Dockerfile.${IMAGE_VARIANT}" --tag "${IMAGE_NAME}" | ||
|
||
echo "-- test_docker @ '${PWD}'" | ||
|
||
docker run --rm --volume "${PWD}:/root/project" "${IMAGE_NAME}" "/root/project/scripts/ci/${IMAGE_NAME}_test_${IMAGE_VARIANT}.sh" | ||
|
||
echo "-- push_docker" | ||
|
||
VERSION=$(docker inspect --format='{{.Config.Labels.version}}' "${IMAGE_NAME}") | ||
DOCKER_IMAGE_ID="${DOCKER_REPOSITORY}/${IMAGE_NAME}-${IMAGE_VARIANT}" | ||
|
||
docker tag "${IMAGE_NAME}" "${DOCKER_IMAGE_ID}:${VERSION}" | ||
docker push "${DOCKER_IMAGE_ID}:${VERSION}" | ||
|
||
REPO_DIGEST=$(docker inspect --format='{{.RepoDigests}}' "${DOCKER_IMAGE_ID}:${VERSION}") | ||
|
||
docker tag "${IMAGE_NAME}" "${DOCKER_IMAGE_ID}:latest" | ||
docker push "${DOCKER_IMAGE_ID}:latest" | ||
|
||
echo "::set-env name=DOCKER_IMAGE::${DOCKER_IMAGE_ID}:${VERSION}" | ||
echo "::set-env name=DOCKER_REPO_DIGEST::${REPO_DIGEST}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
# buildpack-deps docker images | ||
|
||
The `buildpack-deps` docker images are used to compile and test solidity within our CI. | ||
|
||
## GitHub Workflow | ||
|
||
The creation of the images are triggered by a single workflow, defined in `.github/workflows/buildpack-deps.yml`. | ||
For each resulting `buildpack-deps` docker image a strategy is defined in the workflow file - the image variant. | ||
The workflow gets triggered, if any Dockerfile defined in `scripts/docker/buildpack-deps/Dockerfile.*` were changed | ||
within the PR. | ||
|
||
### Versioning | ||
|
||
The version of the docker images can be defined within the Dockerfile with `LABEL version`. A new docker image | ||
will only be created and pushed, if the new version is incremented by `1` compared with the version of the Dockerfile | ||
located in `develop`. | ||
|
||
### Build, Test & Push | ||
|
||
Note that the whole workflow - including all defined strategies (image variants) - will be triggered, | ||
even if only a single Dockerfile was change. The full workflow will only gets executed, if the corresponding | ||
Dockerfile was changed. The execution of workflows of unchanged Dockerfiles will not continue and just return success. | ||
See `scripts/ci/docker_upgrade.sh`. | ||
|
||
If the version check was successful, the docker image will be built using the Dockerfile located in | ||
`scripts/docker/buildpack-deps/Dockerfile.*`. | ||
|
||
The resulting docker image will be tested by executing | ||
the corresponding `scripts/ci/buildpack-deps_test_*` scripts. These scripts are normally symlinked to `scripts/ci/build.sh`, | ||
except for the `buildpack-deps-ubuntu1604.clang.ossfuzz` docker image, that is symlinked to `scripts/ci/build_ossfuzz.sh`. | ||
These scripts `scripts/ci/build.sh` and `scripts/ci/build_ossfuzz.sh` are also used by CircleCI, see `.circleci/config.yml`. | ||
|
||
If the tests passed successfully, the docker image will get tagged by the version defined within the corresponding `Dockerfile`. | ||
Finally, a comment will be added to the PR that contains the full repository, version and repository digest | ||
of the freshly created docker image. |
File renamed without changes.