From 1907856a896e7a91bee5680914bb34566e8640e0 Mon Sep 17 00:00:00 2001 From: Antonin Bas Date: Mon, 29 Jul 2024 10:25:41 -0700 Subject: [PATCH] Use appropriate docker driver in Github worfklows (#6559) For most workflows, we want to use the "docker" driver, while the "docker-container" driver should be used when images need to be pushed to the registry (so we can use registry-based caching). When using the "docker-container" driver, images are built in a build container, and there is no access to the docker image store (see https://github.com/moby/buildkit/issues/2343). This means that when building a new image, we cannot use "local" images as base images. This is an issue because the base image may not exist yet in the directory, and because we may want to use a modified base image which is not the same as the one in the registry. Signed-off-by: Antonin Bas --- .github/workflows/build.yml | 30 ++++++++++++++++--- .github/workflows/build_tag.yml | 4 +++ .github/workflows/conformance.yml | 2 ++ .github/workflows/kind.yml | 2 ++ .github/workflows/kind_ubi.yml | 2 ++ .../workflows/trivy_scan_before_release.yml | 2 ++ 6 files changed, 38 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 69e98a72310..e5e26d2fcbf 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -36,14 +36,25 @@ jobs: - uses: actions/checkout@v4 with: show-progress: false + - name: Checking if image needs to be pushed + run: | + if [ ${{ github.repository }} == 'antrea-io/antrea' && ${{ github.event_name }} == 'push' && ${{ github.ref }} == 'refs/heads/main' ]; then + echo "push_needed=true" >> $GITHUB_ENV + echo "docker_driver=docker-container" >> $GITHUB_ENV + else + echo "push_needed=false" >> $GITHUB_ENV + echo "docker_driver=docker" >> $GITHUB_ENV + fi - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + with: + driver: ${{ env.docker_driver }} - name: Build Antrea amd64 Docker image without pushing to registry - if: ${{ github.repository != 'antrea-io/antrea' || github.event_name != 'push' || github.ref != 'refs/heads/main' }} + if: ${{ env.push_needed == 'false' }} run: | ./hack/build-antrea-linux-all.sh --pull - name: Build and push Antrea amd64 Docker image to registry - if: ${{ github.repository == 'antrea-io/antrea' && github.event_name == 'push' && github.ref == 'refs/heads/main' }} + if: ${{ env.push_needed == 'true' }} env: DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} @@ -77,17 +88,28 @@ jobs: - uses: actions/checkout@v4 with: show-progress: false + - name: Checking if image needs to be pushed + run: | + if [ ${{ github.repository }} == 'antrea-io/antrea' && ${{ github.event_name }} == 'push' && ${{ github.ref }} == 'refs/heads/main' ]; then + echo "push_needed=true" >> $GITHUB_ENV + echo "docker_driver=docker-container" >> $GITHUB_ENV + else + echo "push_needed=false" >> $GITHUB_ENV + echo "docker_driver=docker" >> $GITHUB_ENV + fi - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + with: + driver: ${{ env.docker_driver }} - uses: actions/setup-go@v5 with: go-version-file: 'go.mod' - name: Build Antrea UBI9 Docker image without pushing to registry - if: ${{ github.repository != 'antrea-io/antrea' || github.event_name != 'push' || github.ref != 'refs/heads/main' }} + if: ${{ env.push_needed == 'false' }} run: | ./hack/build-antrea-linux-all.sh --pull --distro ubi - name: Build and push Antrea UBI9 Docker image to registry - if: ${{ github.repository == 'antrea-io/antrea' && github.event_name == 'push' && github.ref == 'refs/heads/main' }} + if: ${{ env.push_needed == 'true' }} env: DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} diff --git a/.github/workflows/build_tag.yml b/.github/workflows/build_tag.yml index 97cc1d2e618..5ca7b8108c0 100644 --- a/.github/workflows/build_tag.yml +++ b/.github/workflows/build_tag.yml @@ -26,6 +26,10 @@ jobs: - uses: actions/checkout@v4 with: show-progress: false + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + with: + driver: docker - name: Build and push Antrea Ubuntu amd64 Docker image to registry env: DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} diff --git a/.github/workflows/conformance.yml b/.github/workflows/conformance.yml index b231f08d0a6..b2fe09a8fb2 100644 --- a/.github/workflows/conformance.yml +++ b/.github/workflows/conformance.yml @@ -65,6 +65,8 @@ jobs: - name: Set up Docker Buildx if required if: ${{ steps.check-release.outputs.released == 'false' }} uses: docker/setup-buildx-action@v3 + with: + driver: docker - name: Build Antrea image if required if: ${{ steps.check-release.outputs.released == 'false' }} run: | diff --git a/.github/workflows/kind.yml b/.github/workflows/kind.yml index 628179e7c76..ba26f228bcb 100644 --- a/.github/workflows/kind.yml +++ b/.github/workflows/kind.yml @@ -39,6 +39,8 @@ jobs: show-progress: false - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + with: + driver: docker - name: Build Antrea Docker image with code coverage support run: | ./hack/build-antrea-linux-all.sh --pull --coverage diff --git a/.github/workflows/kind_ubi.yml b/.github/workflows/kind_ubi.yml index 42d236ef840..3e4ee753a3d 100644 --- a/.github/workflows/kind_ubi.yml +++ b/.github/workflows/kind_ubi.yml @@ -42,6 +42,8 @@ jobs: show-progress: false - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + with: + driver: docker - uses: actions/setup-go@v5 with: go-version-file: 'go.mod' diff --git a/.github/workflows/trivy_scan_before_release.yml b/.github/workflows/trivy_scan_before_release.yml index 3debd1e94a3..b047eef9771 100644 --- a/.github/workflows/trivy_scan_before_release.yml +++ b/.github/workflows/trivy_scan_before_release.yml @@ -13,6 +13,8 @@ jobs: - uses: actions/checkout@v4 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + with: + driver: docker - name: Build Antrea Docker image run: | ./hack/build-antrea-linux-all.sh --pull