chore(cicd): make base image build step (#62)

* chore(cicd): make base image build step * feat: snort base image * chore: test image loading * feat: use base image * chore: debug updated * refactor: restore always * Update conditional statement in check.yml * fix: typo * fix: lang and proj parsing * fix: snort link * fix: update docker cached image name * feat: load base before build * feat: share cache with registry service * fix: correct output variable * style: remove temporal comments * fix: fix copy directory * chore: two step build and publish with base image * fix: updated base image usage * refactor: make flex to use base image * perf: stream download and unzip * fix: copy metadata only in snort * style: mark step name for visibility * fix: actions/checkout version
kupl · Nov 29, 2023 · 2fc1030 · 2fc1030
1 parent 76762af
commit 2fc1030
Show file tree

Hide file tree

Showing 12 changed files with 217 additions and 226 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -9,7 +9,64 @@ env:
   REGISTRY: ghcr.io
 
 jobs:
+  find-updated-bases:
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 2
+      - id: find-targets
+        run: |
+          git diff --name-only --diff-filter=ACMR HEAD^ HEAD | grep -e "^OCaml-base/" -e "^Java-base/" -e "^C-base/" -e "^Solidity-base/" | cut -d '/' -f 1-2 | sort | uniq > /tmp/updated-bases.txt
+          bases=$(cat /tmp/updated-bases.txt | xargs -I{base} echo \"{base}\" | tr '\n' ',' | sed 's/,*$//')
+          echo "targets=[$bases]" >> ${GITHUB_OUTPUT}
+
+    outputs:
+      targets: ${{ steps.find-targets.outputs.targets }}
+
+  build-base-images:
+    needs:
+      - find-updated-bases
+
+    runs-on: ubuntu-latest
+
+    if: needs.find-updated-bases.outputs.targets != '[]'
+
+    permissions:
+      contents: read
+      packages: write
+
+    strategy:
+      matrix:
+        target: ${{ fromJSON(needs.find-updated-bases.outputs.targets) }}
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Make build info
+        id: make-build-info
+        run: |
+          echo "language=$(echo ${{ matrix.target }} | cut -d '/' -f 1 | tr '[:upper:]' '[:lower:]')" >> ${GITHUB_OUTPUT}
+          echo "project=$(echo ${{ matrix.target }} | cut -d '/' -f 2 )"
+
+      - uses: docker/setup-buildx-action@v3
+      - uses: docker/build-push-action@v5
+        with:
+          context: ${{ matrix.target }}
+          file: ${{ matrix.target }}/Dockerfile
+          platforms: linux/amd64
+          push: true
+          tags: ${{ env.REGISTRY }}/kupl/starlab-benchmarks/${{ steps.make-build-info.outputs.language }}:${{ steps.make-build-info.outputs.project }}
+          labels: |
+            org.opencontainers.image.source="https://github.com/kupl/starlab-benchmarks"
+
   find-targets:
+    needs:
+      - find-updated-bases
+
     runs-on: ubuntu-latest
 
     permissions:
@@ -21,7 +78,14 @@ jobs:
           fetch-depth: 2
       - id: find-targets
         run: |
-          projects=$(git diff --name-only --diff-filter=ACMR HEAD^ HEAD | grep -e "^OCaml/" -e "^Java/" -e "^C/" -e "^Solidity/" | cut -d '/' -f 1-2 | sort | uniq | xargs -I{prj} echo \"{prj}\" | tr '\n' ',' | sed 's/,*$//')
+          {
+            for base in $(echo ${{ needs.find-updated-bases.outputs.targets }} | jq -r '.[]'); do
+              base=$(echo $base | sed 's/-base//')
+              ls $base-*
+            done
+          } > /tmp/updated-benchmarks.txt
+          git diff --name-only --diff-filter=ACMR HEAD^ HEAD | grep -e "^OCaml/" -e "^Java/" -e "^C/" -e "^Solidity/" | cut -d '/' -f 1-2 | sort | uniq >> /tmp/updated-benchmarks.txt
+          projects=$(cat /tmp/updated-benchmarks.txt | xargs -I{prj} echo \"{prj}\" | tr '\n' ',' | sed 's/,*$//')
           echo "targets=[$projects]" >> ${GITHUB_OUTPUT}
 
     outputs:
@@ -36,6 +100,7 @@ jobs:
       packages: write
 
     needs:
+      - build-base-images
       - find-targets
 
     if: always() && needs.find-targets.outputs.targets != '[]'

diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml
@@ -6,61 +6,117 @@ on:
       - main
 
 jobs:
-  find-targets:
+  find-updated-benchmarks:
     runs-on: ubuntu-latest
 
     permissions:
       contents: read
 
     steps:
       - uses: actions/checkout@v4
+      - run: |
+          git fetch origin
+      - id: find-base-updates
+        run: |
+          bases=$(git diff --name-only --diff-filter=ACMR origin/${{ github.base_ref }} origin/${{ github.head_ref }} | grep -e "^OCaml-base/" -e "^Java-base/" -e "^C-base/" -e "^Solidity-base/" | cut -d '/' -f 1-2 | sort | uniq)
+          {
+            for base in $base; do
+              base=$(echo $base | sed 's/-base//')
+              ls $base-*
+            done
+          } > updated.txt
+      - id: find-benchmark-updates
+        run: |
+          git diff --name-only --diff-filter=ACMR origin/${{ github.base_ref }} origin/${{ github.head_ref }} | grep -e "^OCaml/" -e "^Java/" -e "^C/" -e "^Solidity/" | cut -d '/' -f 1-2 | sort | uniq >> updated.txt
       - id: find-targets
         run: |
-          git fetch origin
-          projects=$(git diff --name-only --diff-filter=ACMR origin/${{ github.base_ref }} origin/${{ github.head_ref }} | grep -e "^OCaml/" -e "^Java/" -e "^C/" -e "^Solidity/" | cut -d '/' -f 1-2 | sort | uniq | xargs -I{prj} echo \"{prj}\" | tr '\n' ',' | sed 's/,*$//')
-          echo "targets=[$projects]" >> ${GITHUB_OUTPUT}
+          targets=$(cat updated.txt | xargs -I{prj} echo \"{prj}\" | tr '\n' ',' | sed 's/,*$//')
+          echo $targets
+          echo "targets=[$targets]" >> ${GITHUB_OUTPUT}
 
     outputs:
       targets: ${{ steps.find-targets.outputs.targets }}
 
 
-  build-test:
+  benchmarks-build-test:
     runs-on: ubuntu-latest
 
     permissions:
       contents: read
 
     needs:
-      - find-targets
+      - find-updated-benchmarks
 
-    if: always() && needs.find-targets.outputs.targets != '[]'
+    if: always() && needs.find-updated-benchmarks.outputs.targets != '[]'
 
     strategy:
       matrix:
-        target: ${{ fromJSON(needs.find-targets.outputs.targets) }}
+        target: ${{ fromJSON(needs.find-updated-benchmarks.outputs.targets) }}
+
+    services:
+      registry:
+        image: registry:2
+        ports:
+          - 5000:5000
 
     steps:
       - uses: actions/checkout@v3
+      - uses: docker/setup-buildx-action@v3
+        with:
+          driver-opts: network=host
+
+      - name: Check if base image exists
+        id: check-if-base-image-exists
+        run: |
+          lang=$(echo ${{ matrix.target }} | cut -d '/' -f 1)
+          proj=$(echo ${{ matrix.target }} | cut -d '/' -f 2 | cut -d '-' -f 1)
+          ls ${lang}-base/${proj}
+          if [ -d ${lang}-base/${proj} ]; then
+            echo "base=${lang}-base/${proj}" >> ${GITHUB_OUTPUT}
+            echo "image=${lang}-base:${proj}" | tr '[:upper:]' '[:lower:]' >> ${GITHUB_OUTPUT}
+          fi
+      - name: Build base image
+        id: build-base-image
+        if: steps.check-if-base-image-exists.outputs.base != ''
+        uses: docker/build-push-action@v5
+        with:
+          context: ${{ steps.check-if-base-image-exists.outputs.base }}
+          file: ${{ steps.check-if-base-image-exists.outputs.base }}/Dockerfile
+          platforms: linux/amd64
+          push: true
+          tags: localhost:5000/base:latest
+
+      - name: Build benchmark image without base image
+        uses: docker/build-push-action@v5
+        if: steps.check-if-base-image-exists.outputs.base == ''
+        with:
+          context: ${{ matrix.target }}
+          file: ${{ matrix.target }}/Dockerfile
+          platforms: linux/amd64
+          push: true
+          tags: localhost:5000/benchmark:latest
+      - name: Build benchmark image with base image
+        uses: docker/build-push-action@v5
+        if: steps.check-if-base-image-exists.outputs.base != ''
+        with:
+          context: ${{ matrix.target }}
+          file: ${{ matrix.target }}/Dockerfile
+          platforms: linux/amd64
+          push: true
+          tags: localhost:5000/benchmark:latest
+          build-contexts: |
+            ghcr.io/kupl/starlab-benchmarks/${{ steps.check-if-base-image-exists.outputs.image }}=docker-image://localhost:5000/base:latest
+      
       - name: Read metadata
         id: read-metadata
         run: |
           content=$(cat ${{ matrix.target }}/metadata.json)
           content="${content//$'\n'/''}"
           echo "location=$(echo $content | jq -r .buggyPath)" >> ${GITHUB_OUTPUT}
           echo "buildCommand=$(echo $content | jq -r .buildCommand)" >> ${GITHUB_OUTPUT}
-      - uses: docker/setup-buildx-action@v3
-      - uses: docker/build-push-action@v5
-        with:
-          context: ${{ matrix.target }}
-          file: ${{ matrix.target }}/Dockerfile
-          platforms: linux/amd64
-          push: false
-          tags: benchmark:latest
-          outputs: type=docker,dest=./image.tar
       - name: Smoke test
         run: |
-          docker load --input ./image.tar
-          docker run --rm benchmark:latest /bin/bash -c "cd ${{ steps.read-metadata.outputs.location }}; ${{ steps.read-metadata.outputs.buildCommand }}"
+          docker run --rm localhost:5000/benchmark:latest /bin/bash -c "cd ${{ steps.read-metadata.outputs.location }}; ${{ steps.read-metadata.outputs.buildCommand }}"
   
   check-all-test-pass-on-pr:
     runs-on: ubuntu-latest
@@ -69,7 +125,7 @@ jobs:
       pull-requests: write
 
     needs:
-      - build-test
+      - benchmarks-build-test
 
     if: always()
 

diff --git a/C-base/flex/Dockerfile b/C-base/flex/Dockerfile
@@ -0,0 +1,25 @@
+FROM ubuntu:20.04
+
+RUN export DEBIAN_FRONTEND=noninteractive \
+    && apt-get update \
+    && apt-get install -y --no-install-recommends \
+        autoconf \
+        automake \
+        autopoint \
+        bison \
+        build-essential \
+        ca-certificates \
+        flex \
+        git \
+        jq \
+        libtool \
+        texinfo \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+WORKDIR /workspace
+RUN git clone https://github.com/westes/flex.git buggy \
+    && cd buggy \
+    && git checkout d3de49f84224b18c5287653f20525291b24cc26e \
+    && ./autogen.sh \
+    && ./configure
diff --git a/C-base/snort/Dockerfile b/C-base/snort/Dockerfile
@@ -0,0 +1,35 @@
+FROM ubuntu:20.04
+
+RUN export DEBIAN_FRONTEND=noninteractive \
+    && apt-get update \
+    && apt-get install -y --no-install-recommends \
+        autopoint \
+        autoconf \
+        automake \
+        bison \
+        build-essential \
+        ca-certificates \
+        flex \
+        jq \
+        libdaq-dev \
+        libdumbnet-dev \
+        libluajit-5.1-dev \
+        libnghttp2-dev \
+        libpcap-dev \
+        libpcre3-dev \
+        libssl-dev \
+        libtasn1-dev  \
+        libtool \
+        pkg-config \
+        wget \
+        zlib1g-dev \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+COPY ./src /tmp/src
+WORKDIR /workspace
+RUN mkdir -p buggy \
+    && wget -q "https://www.snort.org/downloads/archive/snort/snort-2.9.13.tar.gz" -O - | tar -zxvf - -C ./buggy --strip-components=1 \
+    && mv /tmp/src/util.h /workspace/buggy/src/util.h \
+    && cd buggy \
+    && ./configure
diff --git a/C/snort-38/util.h → C-base/snort/src/util.h b/C/snort-38/util.h → C-base/snort/src/util.h
@@ -385,4 +385,4 @@ static inline pid_t gettid(void)
 }
 #endif
 
-#endif /*__UTIL_H__*/
+#endif /*__UTIL_H__*/
diff --git a/C/flex-1/Dockerfile b/C/flex-1/Dockerfile
@@ -1,30 +1,4 @@
-FROM ubuntu:20.04
+FROM ghcr.io/kupl/starlab-benchmarks/c-base:flex
 
-RUN export DEBIAN_FRONTEND=noninteractive \
-    && apt-get update \
-    && apt-get install -y --no-install-recommends \
-        autoconf \
-        automake \
-        autopoint \
-        bison \
-        build-essential \
-        ca-certificates \
-        flex \
-        git \
-        jq \
-        libtool \
-        texinfo \
-    && apt-get clean \
-    && rm -rf /var/lib/apt/lists/*
-
-RUN mkdir -p /workspace
-COPY . /workspace
 WORKDIR /workspace
-
-RUN export BUGGY_PATH=$(cat metadata.json | jq -r ".buggyPath") \
-    && git clone https://github.com/westes/flex.git $BUGGY_PATH \
-    && cd $BUGGY_PATH \
-    && git checkout d3de49f84224b18c5287653f20525291b24cc26e \
-    && ./autogen.sh \
-    && ./configure
-
+COPY . /workspace
diff --git a/C/flex-2/Dockerfile b/C/flex-2/Dockerfile
@@ -1,30 +1,4 @@
-FROM ubuntu:20.04
+FROM ghcr.io/kupl/starlab-benchmarks/c-base:flex
 
-RUN export DEBIAN_FRONTEND=noninteractive \
-    && apt-get update \
-    && apt-get install -y --no-install-recommends \
-        autoconf \
-        automake \
-        autopoint \
-        bison \
-        build-essential \
-        ca-certificates \
-        flex \
-        git \
-        jq \
-        libtool \
-        texinfo \
-    && apt-get clean \
-    && rm -rf /var/lib/apt/lists/*
-
-RUN mkdir -p /workspace
-COPY . /workspace
 WORKDIR /workspace
-
-RUN export BUGGY_PATH=$(cat metadata.json | jq -r ".buggyPath") \
-    && git clone https://github.com/westes/flex.git $BUGGY_PATH \
-    && cd $BUGGY_PATH \
-    && git checkout d3de49f84224b18c5287653f20525291b24cc26e \
-    && ./autogen.sh \
-    && ./configure
-
+COPY . /workspace
-Original file line number
+Diff line change
@@ Expand Up / @@ -385,4 +385,4 @@ static inline pid_t gettid(void) @@
     }
     #endif
-    #endif /*__UTIL_H__*/
+    #endif /*__UTIL_H__*/