Skip to content
Fuhon (cpp-Filecoin)

chore: update ubuntu 20.04 to ubuntu-latest and actions/cache to v4 #187

Sign in to view logs

chore: update ubuntu 20.04 to ubuntu-latest and actions/cache to v4

chore: update ubuntu 20.04 to ubuntu-latest and actions/cache to v4 #187

Workflow file for this run

.github/workflows/build-cpp-filecoin.yml at a54a6ca
## DO NOT EDIT
## Generated from build-cpp-filecoin.src.yml with make-workflows.sh
name: Fuhon (cpp-Filecoin)
on:
push:
branches: [master]
tags: '**'
pull_request:
branches: [master] ## target branches
jobs:
## GitHub Actions Workflow does not support yaml anchors
## and that is why there is a workaround with make-workflows.sh
## You should `pre-commit install` or use `pre-commit-hook.sh`,
## anyway please read .github/README.md
check_workflow_yaml_coressponds_to_src_yaml:
runs-on: ubuntu-latest
#container: ubuntu:latest ## This is required as barrier between AWS-hosted runners and GitHub-hosted runners - they have different set of software, so run in container
name: Check if github workflows were properly made from sources
steps:
- name: REF and SHA of commented PR to ENV
if: github.event.comment
run: >
curl -fsSL ${{github.event.issue.pull_request.url}} -H "Authorization: token ${{github.token}}" | jq -r '
"PR_REF="+.head.ref,
"PR_SHA="+.head.sha,
"PR_NUM="+(.number|tostring),
"PR_REPO="+.head.repo.full_name' >>$GITHUB_ENV
- name: Checkout
uses: actions/checkout@v2
with:
ref: ${{env.PR_REF}} ## not empty on issue_comment, else default value GITHUB_REF
repository: ${{env.PR_REPO}} ## not empty on issue_comment, else default value github.repository, required by forks
- run: sudo snap install yq
- name: Check if .github/workflows/*.yml correspond to *.src.yml
run: |
set -x
[[ $(./.github/make-workflows.sh -x --worktree) = *"everything is up to date" ]]
## Build docker image named 'filecoin/fuhon-builder' with all stuff to compile fuhon and its dependancies
## The result docker image is pushed with tags :pr-NUMBER, :commit-HASH, :branch-name, :tag-name,
## and conditional tags :edge for development branch, and :latest for git-tags.
## Note: image is push only when DockerHub login-token pair available - not to PRs from forks.
Docker-fuhon-builder:
needs: check_workflow_yaml_coressponds_to_src_yaml
runs-on: ubuntu-latest #[ self-hosted, Linux ]
env:
DOCKERHUB_ORG: soramitsu ## Cannot use ${{ secrets.DOCKERHUB_ORG }}
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
steps:
- name: System info
run: |
set -x
whoami
id $(whoami)
free || vm_stat | perl -ne '/page size of (\d+)/ and $size=$1;
/Pages\s+([^:]+)[^\d]+(\d+)/ and printf("%-16s % 16.2f Mi\n", "$1:", $2 * $size / 1048576);'
df -h
- name: Build info
run: |
cat << 'END'
ref:${{github.ref}}
sha:${{github.sha}}
run_number:${{github.run_number}}
event_name:${{github.event_name}}
event.action:${{github.event.action}}
event.issue.number:${{ github.event.issue.number }}
END
- name: REF and SHA of commented PR to ENV
if: github.event.comment
run: >
curl -fsSL ${{github.event.issue.pull_request.url}} -H "Authorization: token ${{github.token}}" | jq -r '
"PR_REF="+.head.ref,
"PR_SHA="+.head.sha,
"PR_NUM="+(.number|tostring),
"PR_REPO="+.head.repo.full_name' >>$GITHUB_ENV
- name: Checkout
uses: actions/checkout@v2
with:
ref: ${{env.PR_REF}} ## not empty on issue_comment, else default value GITHUB_REF
repository: ${{env.PR_REPO}} ## not empty on issue_comment, else default value github.repository, required by forks
- name: Determine dockertag
id: dockertag
env:
dockertag: ${{ hashFiles('docker/**') }}
run: |
echo "::set-output name=dockertag::$dockertag"
echo >>$GITHUB_ENV dockertag=$dockertag
test -n "$DOCKERHUB_ORG" || {
echo ::error::"DOCKERHUB_ORG must contain value"
false
}
- name: Login to DockerHub
if: ${{ env.DOCKERHUB_TOKEN != '' && env.DOCKERHUB_USERNAME != '' }}
id: docker_login
uses: docker/login-action@v1
with:
registry: docker.soramitsu.co.jp
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Possible WARNING
if: ${{ steps.docker_login.outcome == 'skipped' }}
run: echo "::warning::DOCKERHUB_TOKEN and DOCKERHUB_USERNAME are empty. Will build but NOT push."
- name: Docker meta
id: meta
uses: docker/metadata-action@v3
with:
# registry.rocket.chat/rocketchat/rocket.chat:latest
images: docker.soramitsu.co.jp/fuhon/node
tags: |
type=raw,value=${{env.dockertag}}
type=ref,event=branch
type=ref,event=pr
type=ref,event=tag
type=schedule
type=edge,branch=develop
## Docker image will be pushed with tags:
## - hash of file Dockerfile.builder
## - branchname, when branch is pushed
## - pr-NUMBER, when pushed to PR
## - git tag when tag is pushed
## - semver like 1.2.3 and 1.2 when tag vX.X.X is pushed
## - tag 'edge' when branch support/1.2.x is pushed
## - schedule, see the docs
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Cache Docker layers
uses: actions/cache@v4
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{env.dockertag}}
restore-keys: ${{ runner.os }}-buildx-
- id: build_and_push
name: Build and push
uses: docker/build-push-action@v2
with:
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new
push: ${{ steps.docker_login.outcome == 'success' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
context: .
- # Temp fix
# https://github.com/docker/build-push-action/issues/252
# https://github.com/moby/buildkit/issues/1896
name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
- name: Check if dockertaghash exists in remote registry
id: dockertag_already
run: |
echo "::set-output name=container::$DOCKERHUB_ORG/fuhon:$dockertag"
- name: Possible ERROR, Dockerfile edited but image cannot be pushed
if: ${{ steps.docker_login.outcome != 'success' || steps.build_and_push.outcome != 'success' }}
env:
container: ${{steps.dockertag_already.outputs.container}}
dockertag: ${{env.dockertag}}
run: |
cat <<END
::error::CHANGES TO Dockerfile.builder WERE NOT APPLYED.
It seems container with tag '$dockertag' was not pushed to registry and does not exist remotely.
The most possible reason is GitHub secrets are inaccessable to PRs from public forks.
$(test ${{github.event.pull_request.head.repo.full_name}} != ${{github.event.pull_request.base.repo.full_name}} \
&& echo -n "SECRETS ARE NOT EXPOSED TO FORKS" || echo -n "SECRETS AVAILABLE")
**Consider to open PR from the same organization.**
What we know about this build:
- PR URL is ${{github.event.pull_request.html_url}}
- head repo is '${{github.event.pull_request.head.repo.full_name}}'
- base repo is '${{github.event.pull_request.base.repo.full_name}}'
- See more information in previous step 'Show context'
Please ask @ahmedelkashev on GitHub or in Telegram if you need help.
END
false
outputs:
## WARN secret dropped from output!, output may not contain secret,
## and secret cannot be used in job:container directly, and there is no github non-secret variables...
## if dockertag is already pushed then use it. But let it be empty when tag does not exist remotely.
dockertag: ${{steps.dockertag.outputs.dockertag}}
container: ${{steps.dockertag_already.outputs.container}}
pushed: ${{ steps.docker_login.outcome == 'success' && steps.build_and_push.outcome == 'success' }}