From cb33897f26227f10523211f040a888888d9ed1c1 Mon Sep 17 00:00:00 2001 From: Aakash Singh Date: Mon, 16 Oct 2023 22:58:42 +0530 Subject: [PATCH] feat: docker multiplatform builds (#1646) * docker multiplatform builds * fix concurrency issue --------- Co-authored-by: Vignesh Hari --- .github/workflows/deployment-branch.yaml | 46 +++++++++++------ .github/workflows/deployment.yaml | 66 ++++++++++++++++++------ .github/workflows/test-base.yml | 23 ++++++--- .github/workflows/tests.yml | 2 +- 4 files changed, 99 insertions(+), 38 deletions(-) diff --git a/.github/workflows/deployment-branch.yaml b/.github/workflows/deployment-branch.yaml index de274d679f..776646c1ed 100644 --- a/.github/workflows/deployment-branch.yaml +++ b/.github/workflows/deployment-branch.yaml @@ -5,10 +5,8 @@ on: push: branches: - - abdm - - abdm-m2 - - hcx-communications - - fix-hcx + - abdm-m3 + - hcx_refactors paths-ignore: - "docs/**" @@ -29,33 +27,49 @@ jobs: type=raw,value=${{ github.ref_name}}-${{ github.run_number }} type=raw,value=${{ github.ref_name}} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} - name: Cache Docker layers uses: actions/cache@v3 with: path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ hashFiles('r*/base.txt', 'r*/production.txt', 'Dockerfile') }} + key: ${{ runner.os }}-buildx-${{ hashFiles('Pipfile.lock', 'docker/prod.Dockerfile') }} restore-keys: | ${{ runner.os }}-buildx- - - name: Login to GitHub Container Registry - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v5 with: context: . - file: Dockerfile + file: docker/prod.Dockerfile push: true + provenance: false + platforms: linux/amd64,linux/arm64 tags: ${{ steps.meta.outputs.tags }} + build-args: | + APP_VERSION=${{ github.sha }} cache-from: type=local,src=/tmp/.buildx-cache - cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + + - name: Create Sentry release + uses: getsentry/action-release@v1 + env: + SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} + SENTRY_ORG: ${{ secrets.SENTRY_ORG }} + SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }} + with: + version: ${{ github.sha }} - name: Move cache run: | diff --git a/.github/workflows/deployment.yaml b/.github/workflows/deployment.yaml index ca12a7dd38..f50eafbbee 100644 --- a/.github/workflows/deployment.yaml +++ b/.github/workflows/deployment.yaml @@ -10,7 +10,7 @@ on: - "docs/**" concurrency: - group: ${{ github.ref }} + group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true env: @@ -55,33 +55,46 @@ jobs: flavor: | latest=true + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Login to DockerHub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - name: Login to GitHub Container Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + - name: Cache Docker layers + uses: actions/cache@v3 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ hashFiles('Pipfile.lock', 'docker/prod.Dockerfile') }} + restore-keys: | + ${{ runner.os }}-buildx- + - name: Build image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v5 with: context: . file: docker/prod.Dockerfile push: true + provenance: false + platforms: linux/amd64,linux/arm64 tags: ${{ steps.meta.outputs.tags }} build-args: | APP_VERSION=${{ github.sha }} - cache-from: type=gha,scope=cached-stage - cache-to: type=gha,scope=cached-stage,mode=max + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - name: Create Sentry release uses: getsentry/action-release@v1 @@ -92,6 +105,11 @@ jobs: with: version: ${{ github.sha }} + - name: Move cache + run: | + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache + build-production: needs: test name: Build & Push Production to container registries @@ -100,9 +118,6 @@ jobs: steps: - uses: actions/checkout@v4 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Docker meta id: meta uses: docker/metadata-action@v4 @@ -118,30 +133,46 @@ jobs: flavor: | latest=false + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to DockerHub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - name: Login to GitHub Container Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + - name: Cache Docker layers + uses: actions/cache@v3 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ hashFiles('Pipfile.lock', 'docker/prod.Dockerfile') }} + restore-keys: | + ${{ runner.os }}-buildx- + - name: Build image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v5 with: context: . file: docker/prod.Dockerfile push: true + provenance: false + platforms: linux/amd64,linux/arm64 tags: ${{ steps.meta.outputs.tags }} build-args: | APP_VERSION=${{ github.sha }} - cache-from: type=gha,scope=cached-stage - cache-to: type=gha,scope=cached-stage,mode=max + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - name: Create Sentry release uses: getsentry/action-release@v1 @@ -152,6 +183,11 @@ jobs: with: version: ${{ github.sha }} + - name: Move cache + run: | + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache + deploy-staging-egov: needs: build-staging name: Deploy to ECS API Egov diff --git a/.github/workflows/test-base.yml b/.github/workflows/test-base.yml index b5ef741be5..87a611f4a0 100644 --- a/.github/workflows/test-base.yml +++ b/.github/workflows/test-base.yml @@ -10,17 +10,23 @@ jobs: - uses: actions/checkout@v4 - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 + + - name: Cache Docker layers + uses: actions/cache@v3 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ hashFiles('Pipfile.lock', 'docker/prod.Dockerfile') }} + restore-keys: | + ${{ runner.os }}-buildx- - name: Bake docker images - uses: docker/bake-action@v3.1.0 + uses: docker/bake-action@v4 with: load: true - builder: ${{ steps.buildx.outputs.name }} set: | - *.cache-from=type=gha,scope=cached-stage - *.cache-to=type=gha,scope=cached-stage,mode=max + *.cache-from=type=local,src=/tmp/.buildx-cache + *.cache-to=type=local,dest=/tmp/.buildx-cache-new files: docker-compose.yaml,docker-compose.local.yaml - name: Start services @@ -34,3 +40,8 @@ jobs: - name: Upload coverage report uses: codecov/codecov-action@v3 + + - name: Move cache + run: | + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index d2cfbb4aac..e50648ab5a 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -4,7 +4,7 @@ on: pull_request: concurrency: - group: ${{ github.ref }} + group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: