From 1bd19ec576c4a164589871382564725fdce7e4f0 Mon Sep 17 00:00:00 2001 From: Caleb Woodbine Date: Thu, 12 Oct 2023 14:56:17 +1300 Subject: [PATCH] feat: add reusable-go-docker-apps-ecr-legacy a workflow to hide complexity of existing manual implementations for multiple parallel builds, that auto-discover endpoints. --- .../reusable-go-docker-apps-ecr-legacy.yml | 110 ++++++++++++++++++ .../workflows/test-reusable-docker-build.yml | 3 +- README.md | 50 ++++++++ 3 files changed, 162 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/reusable-go-docker-apps-ecr-legacy.yml
diff --git a/.github/workflows/reusable-go-docker-apps-ecr-legacy.yml b/.github/workflows/reusable-go-docker-apps-ecr-legacy.yml
new file mode 100644
index 0000000..b98f586
--- /dev/null
+++ b/.github/workflows/reusable-go-docker-apps-ecr-legacy.yml
@@ -0,0 +1,110 @@
+name: Go Docker apps ECR legacy
+on:
+ workflow_call:
+ inputs:
+ folder:
+ type: string
+ default: ./cmd
+ description: |
+ the folder to discover entrypoints to build
+ exclude:
+ type: string
+ default: '\?\?\?'
+ description: |
+ a regex string to match what package names to not include in building
+ dockerfile-template-path:
+ type: string
+ default: ./Dockerfile.tmplate
+ description: |
+ the path to the dockerfile to append CMD to
+ setup:
+ type: string
+ description: |
+ shell commands to setup the environment, such as installing dependencies
+ extra-build-args:
+ type: string
+ description: |
+ multi-lined input for build-args
+ test:
+ type: boolean
+ default: true
+ description: |
+ whether to enable built-in test
+jobs:
+ prepare:
+ runs-on: ubuntu-latest
+ outputs:
+ git-rev: ${{ steps.git-rev.outputs.git-rev }}
+ matrix: ${{ steps.set.outputs.matrix }}
+ steps:
+ - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+ - uses: GeoNet/yq@bbe305500687a5fe8498d74883c17f0f06431ac4 # master
+ - id: git-rev
+ env:
+ GIT_SHA: ${{ github.sha }}
+ run: |
+ echo "git-rev=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+ - id: set
+ env:
+ FOLDER: ${{ inputs.folder }}
+ EXCLUDE: ${{ inputs.exclude }}
+ run: |
+ echo "matrix=$(find $FOLDER -mindepth 1 -maxdepth 1 -type d | grep -Ewv "$EXCLUDE" - | xargs -n 1 basename | xargs | yq 'split(" ")|.[]|{"target":.,"folder":env(FOLDER)+"/"+.}' -ojson | jq -rcM -s '{"include":.}')" >> $GITHUB_OUTPUT
+ - name: check output
+ run: |
+ jq . <<< '${{ steps.set.outputs.matrix }}'
+ build:
+ needs: prepare
+ strategy:
+ matrix: ${{ fromJSON(needs.prepare.outputs.matrix) }}
+ uses: GeoNet/Actions/.github/workflows/reusable-docker-build.yml@main
+ with:
+ setup: |
+ # this is an anti-pattern
+ mkdir -p "${{ fromJSON(toJSON(matrix)).folder }}/assets"
+ DOCKERFILE="${{ fromJSON(toJSON(matrix)).folder }}/${{ fromJSON(toJSON(matrix)).target }}.Dockerfile"
+ if [ -f "${{ fromJSON(toJSON(matrix)).folder }}/Dockerfile" ]; then
+ echo "using existing"
+ cp "${{ fromJSON(toJSON(matrix)).folder }}/Dockerfile" "$DOCKERFILE"
+ else
+ echo "copy-editing template"
+ cp ${{ inputs.dockerfile-template-path }} "$DOCKERFILE"
+ cat << EOF >> "$DOCKERFILE"
+ CMD ["${{ fromJSON(toJSON(matrix)).target }}"]
+ EOF
+ fi
+ context: .
+ buildArgs: |
+ BUILD=${{ fromJSON(toJSON(matrix)).target }}
+ VERSION=git-${{ needs.prepare.outputs.git-rev }}
+ ASSET_DIR=${{ fromJSON(toJSON(matrix)).folder }}/assets
+ GIT_COMMIT_SHA=${{ needs.prepare.outputs.git-rev }}
+ ${{ inputs.extra-build-args }}
+ dockerfile: ${{ fromJSON(toJSON(matrix)).folder }}/${{ fromJSON(toJSON(matrix)).target }}.Dockerfile
+ imageName: ${{ fromJSON(toJSON(matrix)).target }}
+ platforms: linux/amd64
+ push: ${{ github.ref == 'refs/heads/main' }}
+ tags: latest,git-${{ needs.prepare.outputs.git-rev }}
+ registryOverride: 862640294325.dkr.ecr.ap-southeast-2.amazonaws.com
+ aws-region: ap-southeast-2
+ aws-role-arn-to-assume: arn:aws:iam::862640294325:role/github-actions-geonet-ecr-push
+ aws-role-duration-seconds: "3600"
+ go-build:
+ if: ${{ contains(fromJSON('["workflow_call", "push", "pull_request"]'), github.event_name) && startsWith(github.repository, 'GeoNet/') != false }}
+ uses: GeoNet/Actions/.github/workflows/reusable-go-build-smoke-test.yml@main
+ with:
+ paths: ${{ inputs.paths }}
+ setup: ${{ inputs.setup }}
+ gofmt:
+ if: ${{ contains(fromJSON('["workflow_call", "push", "pull_request"]'), github.event_name) && startsWith(github.repository, 'GeoNet/') != false }}
+ uses: GeoNet/Actions/.github/workflows/reusable-gofmt.yml@main
+ golangci-lint:
+ if: ${{ contains(fromJSON('["workflow_call", "push", "pull_request"]'), github.event_name) && startsWith(github.repository, 'GeoNet/') != false }}
+ uses: GeoNet/Actions/.github/workflows/reusable-golangci-lint.yml@main
+ with:
+ setup: ${{ inputs.setup }}
+ go-test:
+ if: ${{ contains(fromJSON('["workflow_call", "push", "pull_request"]'), github.event_name) && startsWith(github.repository, 'GeoNet/') != false && inputs.test == true }}
+ uses: GeoNet/Actions/.github/workflows/reusable-go-test.yml@main
+ with:
+ setup: ${{ inputs.setup }}
diff --git a/.github/workflows/test-reusable-docker-build.yml b/.github/workflows/test-reusable-docker-build.yml
index 3bfeaca..e05e1fe 100644
--- a/.github/workflows/test-reusable-docker-build.yml
+++ b/.github/workflows/test-reusable-docker-build.yml
@@ -59,7 +59,7 @@ jobs: push: ${{ github.ref != 'refs/heads/main' }} test: | date - crane append ghcr.io/geonet/actions/t1-use-test-${{ github.sha }}-success --new_tag --new_layer <(tar cvf $(mktemp)) + crane append --new_tag ghcr.io/geonet/actions/t1-use-test-${{ github.sha }}-success:latest --new_layer <(tar cvf - $(mktemp -d)) t1-use-test-check: needs: t1-use-test runs-on: ubuntu-latest
@@ -74,6 +74,7 @@ jobs: run: | crane manifest $IMAGE crane manifest $IMAGE | jq -r '.manifests[] | select(.annotations."vnd.docker.reference.type" != "attestation-manifest") | .platform.architecture' | xargs | grep -E '^amd64' + crane manifest ghcr.io/geonet/actions/t1-use-test-${{ github.sha }}-success gh api -X DELETE /orgs/GeoNet/packages/container/actions%2Ftestimage-t1-use-test || true gh api -X DELETE /orgs/GeoNet/packages/container/actions%2Ftestimage-t1-use-test-${{ github.sha }}-success || true t2-artifact-pull-prepare:
diff --git a/README.md b/README.md
index 3a94a44..64f4637 100644
--- a/README.md
+++ b/README.md
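Review bot: In reusable-go-docker-apps-ecr-legacy.yml the `check output` step and the `setup:` script of the `build` job expand `${{ … }}` expressions directly into shell text, so a directory name discovered under `inputs.folder`, or the `dockerfile-template-path` value that `cp` takes unquoted, is interpreted by the shell instead of being treated as data; the `set` step already avoids this by passing `FOLDER` and `EXCLUDE` through `env:`. For the check step, add `env:` with `MATRIX: ${{ steps.set.outputs.matrix }}` and run `jq . <<< "$MATRIX"`. The `setup:` string is executed by reusable-docker-build.yml, which is not part of this hunk, so there the fix is probably to have `prepare` reject names that do not match a conservative pattern such as `^[A-Za-z0-9._-]+$` before emitting the matrix, which matters because `build` is given `aws-role-arn-to-assume` for the ECR push role. Separately, `go-build` passes `paths: ${{ inputs.paths }}` although no `paths` input is declared under `workflow_call.inputs`, so it presumably always expands to an empty string, and the called workflows are referenced at `@main` while the actions in `prepare` are pinned to commit SHAs.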
@@ -20,6 +20,7 @@ - [Presubmit commit policy conformance](#presubmit-commit-policy-conformance) - [Go container apps](#go-container-apps) - [Go apps](#go-apps) + - [Go Docker apps ECR legacy](#go-docker-apps-ecr-legacy) - [Bash shellcheck](#bash-shellcheck) - [Presubmit README table of contents](#presubmit-readme-table-of-contents) - [Presubmit GitHub Actions workflow validator](#presubmit-github-actions-workflow-validator) @@ -852,6 +853,55 @@ jobs: for configuration see [`on.workflow_call.inputs` in .github/workflows/reusable-go-container-apps.yml](.github/workflows/reusable-go-container-apps.yml). +## Go Docker apps ECR legacy + +A workflow to hide the complexity of current multi-image build workflows. + +This workflow + +- discovers entrypoints from a directory +- templates a Dockerfile by appending a CMD statement +- pushes to ECR +- includes + - go-build + - gofmt + - golangci-lint + - go-test + +and is intended as an intermediary step between manual +implementations of this workflow and Go container apps, +it also continues the pattern of replicating the previous Travis behaviours. + +```yaml +name: go docker apps ecr legacy + +on: + push: + branches: + - main + pull_request: {} + workflow_dispatch: {} + +permissions: + actions: read + packages: write + contents: write + id-token: write + +jobs: + go-docker-apps-ecr-legacy: + uses: GeoNet/Actions/.github/workflows/reusable-go-docker-apps-ecr-legacy.yml@main + # with: + # folder: ./cmd + # exclude: ^my-app|this-one$ + # dockerfile-template-path: ./template.Dockerfile + # setup: | + # sudo apt install -y something-needed-for-build + # extra-build-args: | + # SOMETHING=cool + # test: true +``` + ### Bash shellcheck STATUS: stable