publish 'use' images #221
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Proposal tests | |
| # run on all PRs | |
| on: | |
| pull_request: | |
| workflow_dispatch: | |
| merge_group: | |
| push: | |
| branches: [main] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| # Name these so they look less similar than AMD/ARM; omit 64 as uninformative. | |
| X86_PLATFORM: linux/amd64 | |
| ARM_PLATFORM: linux/arm64/v8 | |
| jobs: | |
| platforms: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| platforms: '${{ steps.platforms.outputs.platforms }}' | |
| steps: | |
| - name: Compute Docker platforms | |
| id: platforms | |
| run: | | |
| if ${{ github.event_name == 'pull_request' || github.event_name == 'merge_group' }}; then | |
| # JSON-encoded list consisting only of the default platform. | |
| platforms='["'"$X86_PLATFORM"'"]' | |
| else | |
| platforms='["$X86_PLATFORM","$ARM_PLATFORM"]' | |
| fi | |
| echo "platforms=$platforms" >> $GITHUB_OUTPUT | |
| # see https://docs.docker.com/build/ci/github-actions/test-before-push/ | |
| test-proposals: | |
| needs: [platforms] | |
| # UNTIL https://github.com/Agoric/agoric-3-proposals/issues/2 | |
| timeout-minutes: 120 | |
| strategy: | |
| matrix: | |
| platform: ${{ fromJSON(needs.platforms.outputs.platforms) }} | |
| # Run on our own self-hosted ARM64 machine if the platform is ARMish. | |
| runs-on: ${{ contains(matrix.platform, '/arm') && fromJSON('["self-hosted","Linux","ARM64"]') || 'ubuntu-latest' }} | |
| steps: | |
| - name: free up disk space | |
| if: ${{ !contains(matrix.platform, '/arm') }} | |
| run: | | |
| # Workaround to provide additional free space for testing. | |
| # https://github.com/actions/runner-images/issues/2840#issuecomment-790492173 | |
| # If this turns out not to be enough, maybe look instead at | |
| # https://github.com/actions/runner-images/issues/2840#issuecomment-1540506686 | |
| df -h | |
| sudo rm -rf /usr/share/dotnet | |
| sudo rm -rf /opt/ghc | |
| sudo rm -rf "/usr/local/share/boost" | |
| sudo rm -rf "$AGENT_TOOLSDIRECTORY" | |
| echo "=== After cleanup:" | |
| df -h | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Set up QEMU for cross-platform builds | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| # see https://docs.github.com/en/actions/publishing-packages/publishing-docker-images | |
| with: | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| registry: ${{ env.REGISTRY }} | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| - name: Compute Docker tags | |
| id: docker-tags | |
| run: | | |
| sep= | |
| # A list of comma-separated tags to merge in the final image. | |
| SUFFIXED= | |
| # Our platform, replacing slashes with underscores. | |
| uarch=$(echo "${{ matrix.platform }}" | tr / _) | |
| for TAG in ${{ steps.meta.outputs.tags }}; do | |
| SUFFIXED="$SUFFIXED$sep$TAG-$uarch" | |
| if test -z "$sep"; then | |
| # The first tag (suffixed with our architecture) is the one we build. | |
| sep=, | |
| echo "tag=$TAG-$uarch" | tee -a $GITHUB_OUTPUT | |
| fi | |
| done | |
| echo "tags=$SUFFIXED" | tee -a $GITHUB_OUTPUT | |
| # The .ts scripts depend upon this | |
| - run: tsx --version || npm install --global tsx | |
| # Enable corepack for packageManager config | |
| - run: corepack enable || sudo corepack enable | |
| - run: yarn install | |
| - name: build proposal images | |
| run: | | |
| docker info | |
| node_modules/.bin/synthetic-chain build | |
| # TODO run tests in another (non-matrixed) job once "use" images are available in another worker | |
| - name: run proposal tests | |
| if: ${{ matrix.platform == env.X86_PLATFORM }} | |
| run: node_modules/.bin/synthetic-chain test | |
| # TODO: DRY with the "synthetic-chain build" above | |
| - name: Push proposal "use" images | |
| uses: docker/bake-action@v4 | |
| with: | |
| files: | | |
| ./docker-bake.hcl | |
| ${{ steps.meta.outputs.bake-file }} | |
| targets: use | |
| # ??? what will the tags be on a PR? | |
| # push: ${{ github.event_name != 'pull_request' }} | |
| # XXX this should be instant for the local platform because all the stages | |
| # were already built in the steps above but it's re-building the last | |
| # stage. This is deemed good enough for now. see | |
| # https://github.com/moby/moby/issues/34715 | |
| - name: Build and push default image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| platforms: ${{ matrix.platform }} | |
| # push to registry on every repo push. A PR #2 will push with tag `pr-2` and `main` will have tag `main`. | |
| # See https://github.com/docker/metadata-action?tab=readme-ov-file#basic. | |
| push: true | |
| tags: ${{ steps.docker-tags.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| # Merge the default image from each platform into one multi-arch image, | |
| # then publish that multiarch image. | |
| docker-publish-multiarch: | |
| needs: [test-proposals, platforms] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| buildkitd-flags: --debug | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| registry: ${{ env.REGISTRY }} | |
| - name: Compute tags | |
| id: docker-tags | |
| run: | | |
| echo "tags=${{ steps.meta.outputs.tags }}" >> $GITHUB_OUTPUT | |
| - name: Push multiarch image | |
| run: | | |
| set -ex | |
| # Push all tags, comprised of all architectures, to the registry. | |
| for TAG in ${{ steps.docker-tags.outputs.tags }}; do | |
| sources= | |
| for ARCH in ${{ join(fromJson(needs.platforms.outputs.platforms), ' ') }}; do | |
| uarch=$(echo "$ARCH" | tr / _) | |
| BUILD_TAG="$TAG-$uarch" | |
| sources="$sources $BUILD_TAG" | |
| done | |
| docker buildx imagetools create --tag "$TAG"$sources | |
| done | |
| - name: notify on failure | |
| if: failure() && github.event_name != 'pull_request' | |
| uses: ./.github/actions/notify-status | |
| with: | |
| webhook: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| from: ${{ secrets.NOTIFY_EMAIL_FROM }} | |
| to: ${{ secrets.NOTIFY_EMAIL_TO }} | |
| password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} |