-
Notifications
You must be signed in to change notification settings - Fork 35
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add multi-stage builds to our containers
This change updates the builds for the containers to use a multistage build where applicable. All containers will now also cleanup the pycache files when detected, ensuring that we're building efficient images. With this change we'll now publish container images with an epoc so that we can use point in time releases when needed. This change adds pre-commit hooks to our setup so that we can begin running some static analysis against our code base. > To ensure that our tests run we've made a change to the `addons.yml` file to correct a syntax error. Ansible-lint config has been added to ignore most of the infractions at this point, we'll need to address those rule violations as we develop the tool-chain. Signed-off-by: Kevin Carter <[email protected]>
- Loading branch information
Showing
16 changed files
with
282 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
skip_list: | ||
- yaml | ||
- jinja | ||
- no-free-form | ||
- name | ||
- var-naming | ||
- risky-file-permissions | ||
- no-changed-when | ||
- fqcn |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
name: Run pull-request syntax workflows | ||
on: | ||
- pull_request | ||
jobs: | ||
pre_commit: | ||
runs-on: ubuntu-latest | ||
strategy: | ||
matrix: | ||
python-version: | ||
- "3.10" | ||
steps: | ||
- name: Check out the repo | ||
uses: actions/checkout@v2 | ||
- name: Set up Python ${{ matrix.python-version }} | ||
uses: actions/setup-python@v2 | ||
with: | ||
python-version: ${{ matrix.python-version }} | ||
- name: Get changed files | ||
id: changed-files | ||
uses: tj-actions/[email protected] | ||
- name: Run Check | ||
uses: pre-commit/[email protected] | ||
with: | ||
extra_args: --files ${{ steps.changed-files.outputs.all_changed_files }} | ||
- name: Checks failed, notification | ||
if: failure() | ||
run: | | ||
echo "Tests Failed" | ||
echo "Run the following command to identify issues" | ||
echo "pre-commit run --files ${{ steps.changed-files.outputs.all_changed_files }}" | ||
- name: Upload log artifacts on failure | ||
if: failure() | ||
uses: actions/upload-artifact@v2 | ||
with: | ||
name: pre-commit-py${{ matrix.python-version }} | ||
path: /home/runner/.cache/pre-commit/pre-commit.log |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
# | ||
name: Run build check for the Horizon RXT compatible image | ||
|
||
on: | ||
pull_request: | ||
paths: | ||
- Containerfiles/HorizonRXT-Containerfile | ||
|
||
# Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds. | ||
env: | ||
REGISTRY: ghcr.io | ||
IMAGE_NAME: ${{ github.repository }} | ||
|
||
# There is a single job in this workflow. It's configured to run on the latest available version of Ubuntu. | ||
jobs: | ||
build-and-push-image: | ||
runs-on: ubuntu-latest | ||
# Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. | ||
permissions: | ||
contents: read | ||
packages: read | ||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
# Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here. | ||
- name: Log in to the Container registry | ||
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 | ||
with: | ||
registry: ${{ env.REGISTRY }} | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
- name: Build Docker image | ||
uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 | ||
with: | ||
context: . | ||
file: Containerfiles/HorizonRXT-Containerfile | ||
push: false | ||
tags: | | ||
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/horizon-rxt:master-ubuntu_jammy | ||
build-args: | | ||
VERSION=master-ubuntu_jammy | ||
PLUGIN_VERSION=master |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
# | ||
name: Run build check for the Keystone RXT compatible image | ||
|
||
on: | ||
pull_request: | ||
paths: | ||
- Containerfiles/KeystoneRXT-Containerfile | ||
|
||
# Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds. | ||
env: | ||
REGISTRY: ghcr.io | ||
IMAGE_NAME: ${{ github.repository }} | ||
|
||
# There is a single job in this workflow. It's configured to run on the latest available version of Ubuntu. | ||
jobs: | ||
build-and-push-image: | ||
runs-on: ubuntu-latest | ||
# Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. | ||
permissions: | ||
contents: read | ||
packages: read | ||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
# Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here. | ||
- name: Log in to the Container registry | ||
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 | ||
with: | ||
registry: ${{ env.REGISTRY }} | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
- name: Build Docker image | ||
uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 | ||
with: | ||
context: . | ||
file: Containerfiles/KeystoneRXT-Containerfile | ||
push: false | ||
tags: | | ||
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/keystone-rxt:master-ubuntu_jammy | ||
build-args: | | ||
VERSION=master-ubuntu_jammy |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
# | ||
name: Run build check for the Nova EFI compatible image | ||
|
||
on: | ||
pull_request: | ||
paths: | ||
- Containerfiles/NovaEFI-Containerfile | ||
|
||
# Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds. | ||
env: | ||
REGISTRY: ghcr.io | ||
IMAGE_NAME: ${{ github.repository }} | ||
|
||
# There is a single job in this workflow. It's configured to run on the latest available version of Ubuntu. | ||
jobs: | ||
build-and-push-image: | ||
runs-on: ubuntu-latest | ||
# Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. | ||
permissions: | ||
contents: read | ||
packages: read | ||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
# Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here. | ||
- name: Log in to the Container registry | ||
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 | ||
with: | ||
registry: ${{ env.REGISTRY }} | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
- name: Build Docker image | ||
uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 | ||
with: | ||
context: . | ||
file: Containerfiles/NovaEFI-Containerfile | ||
push: false | ||
tags: | | ||
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/nova-efi:master-ubuntu_jammy | ||
build-args: | | ||
VERSION=master-ubuntu_jammy |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
# | ||
name: Run build check for the Octavia OVN compatible image | ||
|
||
on: | ||
pull_request: | ||
paths: | ||
- Containerfiles/OctaviaOVN-Containerfile | ||
|
||
# Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds. | ||
env: | ||
REGISTRY: ghcr.io | ||
IMAGE_NAME: ${{ github.repository }} | ||
|
||
# There is a single job in this workflow. It's configured to run on the latest available version of Ubuntu. | ||
jobs: | ||
build-and-push-image: | ||
runs-on: ubuntu-latest | ||
# Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. | ||
permissions: | ||
contents: read | ||
packages: read | ||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
# Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here. | ||
- name: Log in to the Container registry | ||
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 | ||
with: | ||
registry: ${{ env.REGISTRY }} | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
- name: Build Docker image | ||
uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 | ||
with: | ||
context: . | ||
file: Containerfiles/OctaviaOVN-Containerfile | ||
push: false | ||
tags: | | ||
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/octavia-ovn:master-ubuntu_jammy | ||
build-args: | | ||
VERSION=master-ubuntu_jammy | ||
PLUGIN_VERSION=5.0.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
--- | ||
repos: | ||
- repo: https://github.com/pre-commit/pre-commit-hooks | ||
rev: v4.5.0 | ||
hooks: | ||
- id: end-of-file-fixer | ||
- id: trailing-whitespace | ||
- id: mixed-line-ending | ||
- id: check-byte-order-marker | ||
- id: check-executables-have-shebangs | ||
- id: check-merge-conflict | ||
- id: check-symlinks | ||
- id: check-yaml | ||
files: .*\.(yaml|yml)$ | ||
args: | ||
- "--allow-multiple-documents" | ||
- "--unsafe" | ||
- id: debug-statements | ||
- repo: https://github.com/psf/black | ||
rev: 24.1.1 | ||
hooks: | ||
- id: black | ||
- repo: https://github.com/ansible-community/ansible-lint | ||
rev: v6.22.2 | ||
hooks: | ||
- id: ansible-lint | ||
additional_dependencies: | ||
- ansible | ||
- yamllint | ||
- repo: https://github.com/jumanjihouse/pre-commit-hooks | ||
rev: 3.0.0 | ||
hooks: | ||
- id: shellcheck |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,8 @@ | ||
ARG VERSION=master-ubuntu_jammy | ||
FROM openstackhelm/keystone:$VERSION | ||
FROM openstackhelm/keystone:${VERSION} as build | ||
RUN /var/lib/openstack/bin/pip install --upgrade --force-reinstall pip | ||
RUN /var/lib/openstack/bin/pip install keystone-rxt | ||
RUN find /var/lib/openstack -regex '^.*\(__pycache__\|\.py[co]\)$' -delete | ||
|
||
FROM openstackhelm/keystone:${VERSION} | ||
COPY --from=build /var/lib/openstack/. /var/lib/openstack/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,9 @@ | ||
ARG VERSION=master-ubuntu_jammy | ||
FROM docker.io/loci/octavia:${VERSION} | ||
FROM docker.io/loci/octavia:${VERSION} as build | ||
ARG PLUGIN_VERSION=5.0.0 | ||
RUN /var/lib/openstack/bin/pip install ovn-octavia-provider===${PLUGIN_VERSION} | ||
RUN /var/lib/openstack/bin/pip install --index-url https://pypi.python.org/simple --upgrade pip | ||
RUN /var/lib/openstack/bin/pip install --index-url https://pypi.python.org/simple ovn-octavia-provider==${PLUGIN_VERSION} | ||
RUN find /var/lib/openstack -regex '^.*\(__pycache__\|\.py[co]\)$' -delete | ||
|
||
FROM docker.io/loci/octavia:${VERSION} | ||
COPY --from=build /var/lib/openstack/. /var/lib/openstack/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.