[CI-3516] Change build-push-image action #315

Merged
merged 6 commits into from
Jun 3, 2024
11 changes: 11 additions & 0 deletions .changeset/curvy-shrimps-doubt.md
@@ -0,0 +1,11 @@
---
'davinci-github-actions': major
---

- change build-push-image action to encapsulate steps needed to use CI buildx instance when using custom runners.

- by using the CI buildx we can cache the intermediate docker image layers, saving time for the next runs, and also
saving with Cloud NAT, since we don't need to download packages for each run.

Breaking changes:
We added some new inputs and also removed the node-version input.
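
Review bot: The `Breaking changes` text at the end of this changeset names only the removed `node-version` input, but the same PR also makes `registry-name` a required input, changes the `docker-file` default from `./davinci/packages/ci/src/configs/docker/Dockerfile.gha-deploy` to `Dockerfile`, makes the davinci checkout opt-in through `checkout-davinci` (default `false`), and adds an unconditional step that reads `TOPTAL_BUILD_BOT_SSH_KEY`. Since this is a `major` bump, list each of these so consumers know what they have to set when upgrading.
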
40 changes: 25 additions & 15 deletions build-push-image/README.md
Expand Up @@ -12,15 +12,22 @@ This GH Action builds a Docker image and pushes to google cloud.

The list of arguments, that are used in GH Action:

| name | type | required | default | description |
| ---------------- | ----------------------------------------------------------- | -------- | -------------------------------------------------------------- | ------------------------------------------------------------------------------------------- |
| `sha` | string | ✅ | | Commit hash that will be used as a tag for the Docker image |
| `image-name` | string | ✅ | | Name of the Docker image. Might be used in the next steps (for ex.: deploy a Docker image) |
| `environment` | enum<<br/>`temploy`,<br/>`staging`,<br/>`production`,<br/>> | | staging | Determines additional procedures while creating a Docker image. |
| `build-args` | string | ✅ | | Multiline string to describe build arguments that will be used during dockerization |
| `docker-file` | string | | ./davinci/packages/ci/src/configs/docker/Dockerfile.gha-deploy | pathname to Docker file |
| `davinci-branch` | string | | master | Custom davinci branch |
| `node-versionв` | string | | 20 | Node.js version used. The action is guaranteed to work only with Node.js@20 (default value) |
| name | type | required | default | description |
| ------------------ | ----------------------------------------------------------- | -------- | ----------------- | ------------------------------------------------------------------------------------------ |
| `sha` | string | | ${{ github.sha }} | Commit hash that will be used as a tag for the Docker image |
| `image-name` | string | ✅ | | Name of the Docker image. Might be used in the next steps (for ex.: deploy a Docker image) |
| `build-args` | string | | | Multiline string to describe build arguments that will be used during dockerization |
| `environment` | enum<<br/>`temploy`,<br/>`staging`,<br/>`production`,<br/>> | | staging | Determines additional procedures while creating a Docker image. |
| `docker-file` | string | | Dockerfile | pathname to Dockerfile |
| `davinci-branch` | string | | master | Custom davinci branch |
| `labels` | string | | | List of metadata for the Docker image |
| `context` | string | | . | Build context |
| `push` | string | | true | Push the image to the registry |
| `platforms` | string | | linux/amd64 | List of target platforms for build |
| `tags` | string | | | Additional tags for the Docker image |
| `target` | string | | | Sets the target stage to build |
| `checkout-davinci` | string | | false | Checkout davinci repository |
| `registry-name` | string | ✅ | | Registry to push the builded image |

### Outputs
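
Review bot: The `registry-name` row does not say what form the value must take, which matters because `action.yml` logs in to the first `/`-separated segment of it and prefixes the image name with the whole string. Document the expected shape with an example (the value that used to be hard-coded was `us-central1-docker.pkg.dev/toptal-hub/containers`) and change "builded" to "built" in the description. The `checkout-davinci` row is typed `string`; note that the checkout step is gated on the exact value `'true'`.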

Expand All @@ -31,20 +38,23 @@ Not specified
All ENV Variables, defined in a GH Workflow are also passed to a GH Action. It means, the might be reused as is.
This is a list of ENV Variables that are used in GH Action:

| name | description |
| ----------------- | -------------------------------------------------- |
| `GITHUB_TOKEN` | GitHub token. Is used to checkout `davinci` branch |
| `GCR_ACCOUNT_KEY` | Necessary token to push image to Google cloud |
| name | description |
| -------------------------- | --------------------------------------------------------- |
| `DOCKER_BUILDX_ENDPOINT` | Docker buildx endpoint (Optional if using for GH runners) |
| `GCR_ACCOUNT_KEY` | Necessary token to push image to Google cloud |
| `GITHUB_TOKEN` | GitHub token. Is used to checkout `davinci` branch |
| `TOPTAL_BUILD_BOT_SSH_KEY` | SSH key to access Google cloud |

### Usage

```yaml
- uses: toptal/davinci-github-actions/build-push-image@v4.4.2
- uses: toptal/davinci-github-actions/build-push-image@v15.0.0
with:
sha: 7042976bc3db21012fe38602bb643618a95aa2d0
image-name: my-image-name
environment: staging
checkout-davinci: true
docker-file: ./davinci/packages/ci/src/configs/docker/Dockerfile.gha-deploy
registry-name: ${{ steps.parse_secrets.outputs.TOPTAL_DEFAULT_REGISTRY }}
build-args: |
ENV_RUNTIME_ENTRYPOINT=./davinci/packages/ci/src/configs/docker/env-runtime.entrypoint.sh
DIST_FOLDER=./dist
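
Review bot: The `TOPTAL_BUILD_BOT_SSH_KEY` row describes the key as "SSH key to access Google cloud", but in `action.yml` it is loaded by the `Use SSH key` step and handed to the image build through `ssh: default`, while registry login uses `GCR_ACCOUNT_KEY`. State what the key is actually used for and that it is made available to the Dockerfile build, so callers can scope the key accordingly. On `DOCKER_BUILDX_ENDPOINT`, "(Optional if using for GH runners)" would read more clearly as: required on the custom CI runners, unused on GitHub-hosted runners. The usage example also still passes a literal `sha`, although the input now defaults to `${{ github.sha }}`.
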
103 changes: 76 additions & 27 deletions build-push-image/action.yml
Expand Up @@ -3,88 +3,137 @@ description: |
Builds release image of a project and pushes to cloud
****
envInputs:
GITHUB_TOKEN: GitHub token. Is used to checkout `davinci` branch
DOCKER_BUILDX_ENDPOINT: Docker buildx endpoint (Optional if using for GH runners)
GCR_ACCOUNT_KEY: Necessary token to push image to Google cloud
GITHUB_TOKEN: GitHub token. Is used to checkout `davinci` branch
TOPTAL_BUILD_BOT_SSH_KEY: SSH key to access Google cloud

inputs:
sha:
required: true
required: false
description: 'Commit hash that will be used as a tag for the Docker image'
default: ${{ github.sha }}
image-name:
required: true
description: 'Name of the Docker image. Might be used in the next steps (for ex.: deploy a Docker image)'
build-args:
required: false
description: 'Multiline string to describe build arguments that will be used during dockerization'
environment:
required: false
default: staging
description: 'Determines additional procedures while creating a Docker image. || enum<<br/>`temploy`,<br/>`staging`,<br/>`production`,<br/>>'
build-args:
required: true
description: 'Multiline string to describe build arguments that will be used during dockerization'
docker-file:
description: 'pathname to Docker file'
required: false
default: ./davinci/packages/ci/src/configs/docker/Dockerfile.gha-deploy
description: 'pathname to Dockerfile'
default: Dockerfile
davinci-branch:
description: 'Custom davinci branch'
required: false
description: 'Custom davinci branch'
default: 'master'
node-versionв:
labels:
required: false
description: 'List of metadata for the Docker image'
default: ''
context:
required: false
default: 20
description: 'Node.js version used. The action is guaranteed to work only with Node.js@20 (default value)'
description: 'Build context'
default: '.'
push:
required: false
description: 'Push the image to the registry'
default: 'true'
platforms:
required: false
description: 'List of target platforms for build'
default: 'linux/amd64'
tags:
required: false
description: 'Additional tags for the Docker image'
target:
required: false
description: 'Sets the target stage to build'
# Set checkout davinci to true if you want to checkout davinci repository files
checkout-davinci:
required: false
description: 'Checkout davinci repository'
default: 'false'
registry-name:
required: true
description: 'Registry to push the builded image'

runs:
using: composite
steps:
- name: Check out davinci
uses: actions/checkout@v3
if: ${{ inputs.checkout-davinci == 'true' }}
uses: actions/checkout@v4
with:
repository: toptal/davinci
token: ${{ env.GITHUB_TOKEN }}
path: davinci
sparse-checkout: |
/packages/ci/src/configs/docker/Dockerfile.gha-deploy
/packages/ci/src/configs/docker/env-runtime.entrypoint.sh
/packages/davinci/docker/nginx-vhost.conf
sparse-checkout-cone-mode: false
ref: ${{ inputs.davinci-branch }}

- name: Set up node
uses: actions/[email protected]
with:
node-version: ${{ inputs.node-version }}

- id: meta-latest
- id: meta-build
shell: bash
env:
ENVIRONMENT: ${{ inputs.environment }}
REGISTRY: ${{ inputs.registry-name }}
run: |
latest=$(if [[ $ENVIRONMENT == 'temploy' ]]; then echo false; else echo true; fi)
echo latest=$latest >> $GITHUB_OUTPUT
echo REGISTRY_REGION=$(echo $REGISTRY | awk -F'/' '{print $1}') >> $GITHUB_OUTPUT

- name: Docker meta
uses: docker/metadata-action@v5
id: meta
uses: docker/[email protected]
with:
images: |
us-central1-docker.pkg.dev/toptal-hub/containers/${{ inputs.image-name }}
${{ inputs.registry-name }}/${{ inputs.image-name }}
tags: |
type=raw,enable=true,priority=200,prefix=,suffix=,value=${{ inputs.sha }}
${{ inputs.tags }}
flavor: |
latest=${{ steps.meta-latest.outputs.latest }}
latest=${{ steps.meta-build.outputs.latest }}

- name: Use SSH key
uses: toptal/[email protected]
with:
ssh-private-key: ${{ env.TOPTAL_BUILD_BOT_SSH_KEY }}

- name: Login to Google Artifact Registry - GAR
uses: docker/login-action@v3
with:
registry: us-central1-docker.pkg.dev
registry: ${{ steps.meta-build.outputs.REGISTRY_REGION }}
username: _json_key
password: ${{ env.GCR_ACCOUNT_KEY }}

- name: Set up Docker Buildx
id: buildx
- name: Set up Docker Buildx - CI custom runners
if: contains(runner.name, 'inf-gha-runners-runners')
uses: docker/setup-buildx-action@v3
with:
driver: remote
endpoint: ${{ env.DOCKER_BUILDX_ENDPOINT }}

- name: Set up Docker Buildx - GH runners
if: "!contains(runner.name, 'inf-gha-runners-runners')"
uses: docker/setup-buildx-action@v3

- name: Build and push release image
uses: docker/build-push-action@v5.1.0
uses: docker/build-push-action@v5
with:
provenance: false
platforms: ${{ inputs.platforms }}
tags: ${{ steps.meta.outputs.tags }}
push: true
context: .
target: ${{ inputs.target }}
push: ${{ inputs.push }}
context: ${{ inputs.context }}
labels: ${{ inputs.labels }}
file: ${{ inputs.docker-file }}
build-args: ${{ inputs.build-args }}
ssh: default
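
Review bot: The third-party steps under `runs.steps` are referenced by mutable major tags, and `docker/build-push-action` moves from the exact `v5.1.0` to the floating `v5`, in a composite action that handles `GCR_ACCOUNT_KEY` and `TOPTAL_BUILD_BOT_SSH_KEY`. Pin `actions/checkout`, `docker/metadata-action`, `docker/login-action`, `docker/setup-buildx-action` and `docker/build-push-action` to full commit SHAs, with the version in a trailing comment, so a retagged release cannot change what runs with those secrets. Separately, the `Use SSH key` step and `ssh: default` have no guard, so the private key is loaded and offered to every build even when the Dockerfile needs no SSH; consider making this opt-in through an input. In `meta-build`, quote the expansion (`"$REGISTRY"`) before piping it to `awk`, and fail early with a clear message when `DOCKER_BUILDX_ENDPOINT` is empty on a custom runner.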