diff --git a/.changeset/curvy-shrimps-doubt.md b/.changeset/curvy-shrimps-doubt.md
new file mode 100644
index 00000000..52bbcca9
--- /dev/null
+++ b/.changeset/curvy-shrimps-doubt.md
@@ -0,0 +1,11 @@
+---
+'davinci-github-actions': major
+---
+
+- change build-push-image action to encapsulate steps needed to use CI buildx instance when using custom runners.
+
+- by using the CI buildx we can cache the intermediate docker image layers, saving time for the next runs, and also
+ saving with Cloud NAT, since we don't need to download packages for each run.
+
+Breaking changes:
+We added some new inputs and also removed the node-version input.
diff --git a/build-push-image/README.md b/build-push-image/README.md
index c3cecffa..df41f5ca 100644
--- a/build-push-image/README.md
+++ b/build-push-image/README.md
@@ -12,15 +12,22 @@ This GH Action builds a Docker image and pushes to google cloud.
The list of arguments, that are used in GH Action:
-| name | type | required | default | description |
-| ---------------- | ----------------------------------------------------------- | -------- | -------------------------------------------------------------- | ------------------------------------------------------------------------------------------- |
-| `sha` | string | ✅ | | Commit hash that will be used as a tag for the Docker image |
-| `image-name` | string | ✅ | | Name of the Docker image. Might be used in the next steps (for ex.: deploy a Docker image) |
-| `environment` | enum<
`temploy`,
`staging`,
`production`,
> | | staging | Determines additional procedures while creating a Docker image. |
-| `build-args` | string | ✅ | | Multiline string to describe build arguments that will be used during dockerization |
-| `docker-file` | string | | ./davinci/packages/ci/src/configs/docker/Dockerfile.gha-deploy | pathname to Docker file |
-| `davinci-branch` | string | | master | Custom davinci branch |
-| `node-versionв` | string | | 20 | Node.js version used. The action is guaranteed to work only with Node.js@20 (default value) |
+| name | type | required | default | description |
+| ------------------ | ----------------------------------------------------------- | -------- | ----------------- | ------------------------------------------------------------------------------------------ |
+| `sha` | string | | ${{ github.sha }} | Commit hash that will be used as a tag for the Docker image |
+| `image-name` | string | ✅ | | Name of the Docker image. Might be used in the next steps (for ex.: deploy a Docker image) |
+| `build-args` | string | | | Multiline string to describe build arguments that will be used during dockerization |
+| `environment` | enum<
`temploy`,
`staging`,
`production`,
> | | staging | Determines additional procedures while creating a Docker image. |
+| `docker-file` | string | | Dockerfile | pathname to Dockerfile |
+| `davinci-branch` | string | | master | Custom davinci branch |
+| `labels` | string | | | List of metadata for the Docker image |
+| `context` | string | | . | Build context |
+| `push` | string | | true | Push the image to the registry |
+| `platforms` | string | | linux/amd64 | List of target platforms for build |
+| `tags` | string | | | Additional tags for the Docker image |
+| `target` | string | | | Sets the target stage to build |
+| `checkout-davinci` | string | | false | Checkout davinci repository |
+| `registry-name` | string | ✅ | | Registry to push the builded image |
### Outputs
@@ -31,20 +38,23 @@ Not specified
All ENV Variables, defined in a GH Workflow are also passed to a GH Action. It means, the might be reused as is.
This is a list of ENV Variables that are used in GH Action:
-| name | description |
-| ----------------- | -------------------------------------------------- |
-| `GITHUB_TOKEN` | GitHub token. Is used to checkout `davinci` branch |
-| `GCR_ACCOUNT_KEY` | Necessary token to push image to Google cloud |
+| name | description |
+| -------------------------- | --------------------------------------------------------- |
+| `DOCKER_BUILDX_ENDPOINT` | Docker buildx endpoint (Optional if using for GH runners) |
+| `GCR_ACCOUNT_KEY` | Necessary token to push image to Google cloud |
+| `GITHUB_TOKEN` | GitHub token. Is used to checkout `davinci` branch |
+| `TOPTAL_BUILD_BOT_SSH_KEY` | SSH key to access Google cloud |
### Usage
```yaml
- - uses: toptal/davinci-github-actions/build-push-image@v4.4.2
+ - uses: toptal/davinci-github-actions/build-push-image@v15.0.0
with:
- sha: 7042976bc3db21012fe38602bb643618a95aa2d0
image-name: my-image-name
environment: staging
+ checkout-davinci: true
docker-file: ./davinci/packages/ci/src/configs/docker/Dockerfile.gha-deploy
+ registry-name: ${{ steps.parse_secrets.outputs.TOPTAL_DEFAULT_REGISTRY }}
build-args: |
ENV_RUNTIME_ENTRYPOINT=./davinci/packages/ci/src/configs/docker/env-runtime.entrypoint.sh
DIST_FOLDER=./dist
diff --git a/build-push-image/action.yml b/build-push-image/action.yml
index 2ee56b0e..0b0113a2 100644
--- a/build-push-image/action.yml
+++ b/build-push-image/action.yml
@@ -3,88 +3,137 @@ description: |
Builds release image of a project and pushes to cloud
****
envInputs:
- GITHUB_TOKEN: GitHub token. Is used to checkout `davinci` branch
+ DOCKER_BUILDX_ENDPOINT: Docker buildx endpoint (Optional if using for GH runners)
GCR_ACCOUNT_KEY: Necessary token to push image to Google cloud
+ GITHUB_TOKEN: GitHub token. Is used to checkout `davinci` branch
+ TOPTAL_BUILD_BOT_SSH_KEY: SSH key to access Google cloud
inputs:
sha:
- required: true
+ required: false
description: 'Commit hash that will be used as a tag for the Docker image'
+ default: ${{ github.sha }}
image-name:
required: true
description: 'Name of the Docker image. Might be used in the next steps (for ex.: deploy a Docker image)'
+ build-args:
+ required: false
+ description: 'Multiline string to describe build arguments that will be used during dockerization'
environment:
required: false
default: staging
description: 'Determines additional procedures while creating a Docker image. || enum<
`temploy`,
`staging`,
`production`,
>'
- build-args:
- required: true
- description: 'Multiline string to describe build arguments that will be used during dockerization'
docker-file:
- description: 'pathname to Docker file'
required: false
- default: ./davinci/packages/ci/src/configs/docker/Dockerfile.gha-deploy
+ description: 'pathname to Dockerfile'
+ default: Dockerfile
davinci-branch:
- description: 'Custom davinci branch'
required: false
+ description: 'Custom davinci branch'
default: 'master'
- node-versionв:
+ labels:
+ required: false
+ description: 'List of metadata for the Docker image'
+ default: ''
+ context:
required: false
- default: 20
- description: 'Node.js version used. The action is guaranteed to work only with Node.js@20 (default value)'
+ description: 'Build context'
+ default: '.'
+ push:
+ required: false
+ description: 'Push the image to the registry'
+ default: 'true'
+ platforms:
+ required: false
+ description: 'List of target platforms for build'
+ default: 'linux/amd64'
+ tags:
+ required: false
+ description: 'Additional tags for the Docker image'
+ target:
+ required: false
+ description: 'Sets the target stage to build'
+ # Set checkout davinci to true if you want to checkout davinci repository files
+ checkout-davinci:
+ required: false
+ description: 'Checkout davinci repository'
+ default: 'false'
+ registry-name:
+ required: true
+ description: 'Registry to push the builded image'
runs:
using: composite
steps:
- name: Check out davinci
- uses: actions/checkout@v3
+ if: ${{ inputs.checkout-davinci == 'true' }}
+ uses: actions/checkout@v4
with:
repository: toptal/davinci
token: ${{ env.GITHUB_TOKEN }}
path: davinci
+ sparse-checkout: |
+ /packages/ci/src/configs/docker/Dockerfile.gha-deploy
+ /packages/ci/src/configs/docker/env-runtime.entrypoint.sh
+ /packages/davinci/docker/nginx-vhost.conf
+ sparse-checkout-cone-mode: false
ref: ${{ inputs.davinci-branch }}
- - name: Set up node
- uses: actions/setup-node@v4.0.0
- with:
- node-version: ${{ inputs.node-version }}
-
- - id: meta-latest
+ - id: meta-build
shell: bash
env:
ENVIRONMENT: ${{ inputs.environment }}
+ REGISTRY: ${{ inputs.registry-name }}
run: |
latest=$(if [[ $ENVIRONMENT == 'temploy' ]]; then echo false; else echo true; fi)
echo latest=$latest >> $GITHUB_OUTPUT
+ echo REGISTRY_REGION=$(echo $REGISTRY | awk -F'/' '{print $1}') >> $GITHUB_OUTPUT
- name: Docker meta
+ uses: docker/metadata-action@v5
id: meta
- uses: docker/metadata-action@v5.2.0
with:
images: |
- us-central1-docker.pkg.dev/toptal-hub/containers/${{ inputs.image-name }}
+ ${{ inputs.registry-name }}/${{ inputs.image-name }}
tags: |
type=raw,enable=true,priority=200,prefix=,suffix=,value=${{ inputs.sha }}
+ ${{ inputs.tags }}
flavor: |
- latest=${{ steps.meta-latest.outputs.latest }}
+ latest=${{ steps.meta-build.outputs.latest }}
+
+ - name: Use SSH key
+ uses: toptal/ssh-agent@v0.4.1
+ with:
+ ssh-private-key: ${{ env.TOPTAL_BUILD_BOT_SSH_KEY }}
- name: Login to Google Artifact Registry - GAR
uses: docker/login-action@v3
with:
- registry: us-central1-docker.pkg.dev
+ registry: ${{ steps.meta-build.outputs.REGISTRY_REGION }}
username: _json_key
password: ${{ env.GCR_ACCOUNT_KEY }}
- - name: Set up Docker Buildx
- id: buildx
+ - name: Set up Docker Buildx - CI custom runners
+ if: contains(runner.name, 'inf-gha-runners-runners')
+ uses: docker/setup-buildx-action@v3
+ with:
+ driver: remote
+ endpoint: ${{ env.DOCKER_BUILDX_ENDPOINT }}
+
+ - name: Set up Docker Buildx - GH runners
+ if: "!contains(runner.name, 'inf-gha-runners-runners')"
uses: docker/setup-buildx-action@v3
- name: Build and push release image
- uses: docker/build-push-action@v5.1.0
+ uses: docker/build-push-action@v5
with:
provenance: false
+ platforms: ${{ inputs.platforms }}
tags: ${{ steps.meta.outputs.tags }}
- push: true
- context: .
+ target: ${{ inputs.target }}
+ push: ${{ inputs.push }}
+ context: ${{ inputs.context }}
+ labels: ${{ inputs.labels }}
file: ${{ inputs.docker-file }}
build-args: ${{ inputs.build-args }}
+ ssh: default
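Review bot: The new `Use SSH key` step and the `ssh: default` line on the build step are both unconditional. Every build through this action therefore loads `TOPTAL_BUILD_BOT_SSH_KEY` into an agent and offers it to any `RUN --mount=type=ssh` instruction in whatever Dockerfile `docker-file` points at, including builds that never need it. Consider gating both on the key being provided: `if: ${{ env.TOPTAL_BUILD_BOT_SSH_KEY != '' }}` on the agent step and `ssh: ${{ env.TOPTAL_BUILD_BOT_SSH_KEY != '' && 'default' || '' }}` on the build step. That would also keep the action usable for callers that do not set the key, where the agent step would presumably fail. Separately, this hunk relaxes `docker/metadata-action@v5.2.0` and `docker/build-push-action@v5.1.0` to the moving `@v5` tag on steps that handle the registry credential; pinning those, and `toptal/ssh-agent`, to a full commit SHA would be the safer direction.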