[CI-3516] Change build-push-image action (#315)
* Change build-push-image action

* Add changeset

* Update README.md

* Fix typo

* Change PR review recommendations
jcobarreto authored Jun 3, 2024
1 parent 16d7dfb commit fc0a39d
Showing 3 changed files with 112 additions and 42 deletions.
11 changes: 11 additions & 0 deletions .changeset/curvy-shrimps-doubt.md
@@ -0,0 +1,11 @@
---
'davinci-github-actions': major
---

- change build-push-image action to encapsulate steps needed to use CI buildx instance when using custom runners.

- by using the CI buildx we can cache the intermediate docker image layers, saving time for the next runs, and also
saving with Cloud NAT, since we don't need to download packages for each run.

Breaking changes:
We added some new inputs and also removed the node-version input.
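Review bot: The `Breaking changes:` paragraph at the end of this changeset names only the removed `node-version` input, while the rest of the diff also makes `registry-name` a required input, changes the `docker-file` default from `./davinci/packages/ci/src/configs/docker/Dockerfile.gha-deploy` to `Dockerfile`, and makes the davinci checkout opt-in through `checkout-davinci` (default `false`). Callers upgrading across this major version will hit each of these, so list them explicitly, together with the new `TOPTAL_BUILD_BOT_SSH_KEY` and `DOCKER_BUILDX_ENDPOINT` env variables the action now reads.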
40 changes: 25 additions & 15 deletions build-push-image/README.md
Expand Up @@ -12,15 +12,22 @@ This GH Action builds a Docker image and pushes to google cloud.

The list of arguments, that are used in GH Action:

| name | type | required | default | description |
| ---------------- | ----------------------------------------------------------- | -------- | -------------------------------------------------------------- | ------------------------------------------------------------------------------------------- |
| `sha` | string || | Commit hash that will be used as a tag for the Docker image |
| `image-name` | string || | Name of the Docker image. Might be used in the next steps (for ex.: deploy a Docker image) |
| `environment` | enum<<br/>`temploy`,<br/>`staging`,<br/>`production`,<br/>> | | staging | Determines additional procedures while creating a Docker image. |
| `build-args` | string || | Multiline string to describe build arguments that will be used during dockerization |
| `docker-file` | string | | ./davinci/packages/ci/src/configs/docker/Dockerfile.gha-deploy | pathname to Docker file |
| `davinci-branch` | string | | master | Custom davinci branch |
| `node-versionв` | string | | 20 | Node.js version used. The action is guaranteed to work only with Node.js@20 (default value) |
| name | type | required | default | description |
| ------------------ | ----------------------------------------------------------- | -------- | ----------------- | ------------------------------------------------------------------------------------------ |
| `sha` | string | | ${{ github.sha }} | Commit hash that will be used as a tag for the Docker image |
| `image-name` | string || | Name of the Docker image. Might be used in the next steps (for ex.: deploy a Docker image) |
| `build-args` | string | | | Multiline string to describe build arguments that will be used during dockerization |
| `environment` | enum<<br/>`temploy`,<br/>`staging`,<br/>`production`,<br/>> | | staging | Determines additional procedures while creating a Docker image. |
| `docker-file` | string | | Dockerfile | pathname to Dockerfile |
| `davinci-branch` | string | | master | Custom davinci branch |
| `labels` | string | | | List of metadata for the Docker image |
| `context` | string | | . | Build context |
| `push` | string | | true | Push the image to the registry |
| `platforms` | string | | linux/amd64 | List of target platforms for build |
| `tags` | string | | | Additional tags for the Docker image |
| `target` | string | | | Sets the target stage to build |
| `checkout-davinci` | string | | false | Checkout davinci repository |
| `registry-name` | string || | Registry to push the builded image |

### Outputs

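Review bot: The `registry-name` row does not say what form the value must take, and action.yml derives the login host from it by taking everything before the first `/`, so a value with a scheme prefix or a leading slash would produce the wrong login host. Document the expected form (the previously hard-coded value was `us-central1-docker.pkg.dev/toptal-hub/containers`) and change "builded" to "built". The `tags` row should also say that the value is appended to the `tags` input of `docker/metadata-action`, so it has to follow that action's tag syntax rather than being a plain list of tag names.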
Expand All @@ -31,20 +38,23 @@ Not specified
All ENV Variables, defined in a GH Workflow are also passed to a GH Action. It means, the might be reused as is.
This is a list of ENV Variables that are used in GH Action:

| name | description |
| ----------------- | -------------------------------------------------- |
| `GITHUB_TOKEN` | GitHub token. Is used to checkout `davinci` branch |
| `GCR_ACCOUNT_KEY` | Necessary token to push image to Google cloud |
| name | description |
| -------------------------- | --------------------------------------------------------- |
| `DOCKER_BUILDX_ENDPOINT` | Docker buildx endpoint (Optional if using for GH runners) |
| `GCR_ACCOUNT_KEY` | Necessary token to push image to Google cloud |
| `GITHUB_TOKEN` | GitHub token. Is used to checkout `davinci` branch |
| `TOPTAL_BUILD_BOT_SSH_KEY` | SSH key to access Google cloud |

### Usage

```yaml
- uses: toptal/davinci-github-actions/build-push-image@v4.4.2
- uses: toptal/davinci-github-actions/build-push-image@v15.0.0
with:
sha: 7042976bc3db21012fe38602bb643618a95aa2d0
image-name: my-image-name
environment: staging
checkout-davinci: true
docker-file: ./davinci/packages/ci/src/configs/docker/Dockerfile.gha-deploy
registry-name: ${{ steps.parse_secrets.outputs.TOPTAL_DEFAULT_REGISTRY }}
build-args: |
ENV_RUNTIME_ENTRYPOINT=./davinci/packages/ci/src/configs/docker/env-runtime.entrypoint.sh
DIST_FOLDER=./dist
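Review bot: The `TOPTAL_BUILD_BOT_SSH_KEY` row describes the key as "SSH key to access Google cloud", but in action.yml it is handed to the `Use SSH key` step and the build then runs with `ssh: default`, while registry authentication uses `GCR_ACCOUNT_KEY`. Describe what the key is actually used for during the image build and whether it is required, so callers know which secret becomes reachable from their Dockerfile. The `DOCKER_BUILDX_ENDPOINT` wording "(Optional if using for GH runners)" would read more clearly as "required only on CI custom runners".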
103 changes: 76 additions & 27 deletions build-push-image/action.yml
Expand Up @@ -3,88 +3,137 @@ description: |
Builds release image of a project and pushes to cloud
****
envInputs:
GITHUB_TOKEN: GitHub token. Is used to checkout `davinci` branch
DOCKER_BUILDX_ENDPOINT: Docker buildx endpoint (Optional if using for GH runners)
GCR_ACCOUNT_KEY: Necessary token to push image to Google cloud
GITHUB_TOKEN: GitHub token. Is used to checkout `davinci` branch
TOPTAL_BUILD_BOT_SSH_KEY: SSH key to access Google cloud
inputs:
sha:
required: true
required: false
description: 'Commit hash that will be used as a tag for the Docker image'
default: ${{ github.sha }}
image-name:
required: true
description: 'Name of the Docker image. Might be used in the next steps (for ex.: deploy a Docker image)'
build-args:
required: false
description: 'Multiline string to describe build arguments that will be used during dockerization'
environment:
required: false
default: staging
description: 'Determines additional procedures while creating a Docker image. || enum<<br/>`temploy`,<br/>`staging`,<br/>`production`,<br/>>'
build-args:
required: true
description: 'Multiline string to describe build arguments that will be used during dockerization'
docker-file:
description: 'pathname to Docker file'
required: false
default: ./davinci/packages/ci/src/configs/docker/Dockerfile.gha-deploy
description: 'pathname to Dockerfile'
default: Dockerfile
davinci-branch:
description: 'Custom davinci branch'
required: false
description: 'Custom davinci branch'
default: 'master'
node-versionв:
labels:
required: false
description: 'List of metadata for the Docker image'
default: ''
context:
required: false
default: 20
description: 'Node.js version used. The action is guaranteed to work only with Node.js@20 (default value)'
description: 'Build context'
default: '.'
push:
required: false
description: 'Push the image to the registry'
default: 'true'
platforms:
required: false
description: 'List of target platforms for build'
default: 'linux/amd64'
tags:
required: false
description: 'Additional tags for the Docker image'
target:
required: false
description: 'Sets the target stage to build'
# Set checkout davinci to true if you want to checkout davinci repository files
checkout-davinci:
required: false
description: 'Checkout davinci repository'
default: 'false'
registry-name:
required: true
description: 'Registry to push the builded image'

runs:
using: composite
steps:
- name: Check out davinci
uses: actions/checkout@v3
if: ${{ inputs.checkout-davinci == 'true' }}
uses: actions/checkout@v4
with:
repository: toptal/davinci
token: ${{ env.GITHUB_TOKEN }}
path: davinci
sparse-checkout: |
/packages/ci/src/configs/docker/Dockerfile.gha-deploy
/packages/ci/src/configs/docker/env-runtime.entrypoint.sh
/packages/davinci/docker/nginx-vhost.conf
sparse-checkout-cone-mode: false
ref: ${{ inputs.davinci-branch }}

- name: Set up node
uses: actions/[email protected]
with:
node-version: ${{ inputs.node-version }}

- id: meta-latest
- id: meta-build
shell: bash
env:
ENVIRONMENT: ${{ inputs.environment }}
REGISTRY: ${{ inputs.registry-name }}
run: |
latest=$(if [[ $ENVIRONMENT == 'temploy' ]]; then echo false; else echo true; fi)
echo latest=$latest >> $GITHUB_OUTPUT
echo REGISTRY_REGION=$(echo $REGISTRY | awk -F'/' '{print $1}') >> $GITHUB_OUTPUT
- name: Docker meta
uses: docker/metadata-action@v5
id: meta
uses: docker/[email protected]
with:
images: |
us-central1-docker.pkg.dev/toptal-hub/containers/${{ inputs.image-name }}
${{ inputs.registry-name }}/${{ inputs.image-name }}
tags: |
type=raw,enable=true,priority=200,prefix=,suffix=,value=${{ inputs.sha }}
${{ inputs.tags }}
flavor: |
latest=${{ steps.meta-latest.outputs.latest }}
latest=${{ steps.meta-build.outputs.latest }}
- name: Use SSH key
uses: toptal/[email protected]
with:
ssh-private-key: ${{ env.TOPTAL_BUILD_BOT_SSH_KEY }}

- name: Login to Google Artifact Registry - GAR
uses: docker/login-action@v3
with:
registry: us-central1-docker.pkg.dev
registry: ${{ steps.meta-build.outputs.REGISTRY_REGION }}
username: _json_key
password: ${{ env.GCR_ACCOUNT_KEY }}

- name: Set up Docker Buildx
id: buildx
- name: Set up Docker Buildx - CI custom runners
if: contains(runner.name, 'inf-gha-runners-runners')
uses: docker/setup-buildx-action@v3
with:
driver: remote
endpoint: ${{ env.DOCKER_BUILDX_ENDPOINT }}

- name: Set up Docker Buildx - GH runners
if: "!contains(runner.name, 'inf-gha-runners-runners')"
uses: docker/setup-buildx-action@v3

- name: Build and push release image
uses: docker/build-push-action@v5.1.0
uses: docker/build-push-action@v5
with:
provenance: false
platforms: ${{ inputs.platforms }}
tags: ${{ steps.meta.outputs.tags }}
push: true
context: .
target: ${{ inputs.target }}
push: ${{ inputs.push }}
context: ${{ inputs.context }}
labels: ${{ inputs.labels }}
file: ${{ inputs.docker-file }}
build-args: ${{ inputs.build-args }}
ssh: default
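Review bot: The `Use SSH key` step and `ssh: default` on the build step have no `if:` guard, so `TOPTAL_BUILD_BOT_SSH_KEY` is set up and forwarded for every build, including builds whose Dockerfile (now caller-selected through `docker-file`, `context` and `target`) never needs an SSH mount. Put both behind an opt-in input, or a condition on the env variable being non-empty, so the key is only exposed to builds that ask for it. The same applies to the remote Buildx step: it is selected by `contains(runner.name, 'inf-gha-runners-runners')` alone, so a matching runner with an empty `DOCKER_BUILDX_ENDPOINT` gets `driver: remote` with no endpoint; check the variable as well. The build step also moves from `docker/build-push-action@v5.1.0` to the floating `docker/build-push-action@v5`; since this action handles `GCR_ACCOUNT_KEY` and the SSH key, pinning the third-party actions to commit SHAs would be the safer direction. In `meta-build`, quote `"$REGISTRY"` and `"$ENVIRONMENT"` so a value containing spaces or glob characters is not word-split.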
