publish 'use' images #233
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Proposal tests | |
| # run on all PRs | |
| on: | |
| pull_request: | |
| workflow_dispatch: | |
| merge_group: | |
| push: | |
| branches: [main] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| # Name these so they look less similar than AMD/ARM; omit 64 as uninformative. | |
| X86_PLATFORM: linux/amd64 | |
| ARM_PLATFORM: linux/arm64/v8 | |
| jobs: | |
| platforms: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| platforms: '${{ steps.platforms.outputs.platforms }}' | |
| steps: | |
| - name: Compute Docker platforms | |
| id: platforms | |
| run: | | |
| if ${{ github.event_name == 'pull_request' || github.event_name == 'merge_group' }}; then | |
| # JSON-encoded list consisting only of the default platform. | |
| platforms='["'"$X86_PLATFORM"'"]' | |
| else | |
| platforms='["$X86_PLATFORM","$ARM_PLATFORM"]' | |
| fi | |
| echo "platforms=$platforms" >> $GITHUB_OUTPUT | |
| use-proposals: | |
| needs: [platforms] | |
| # UNTIL https://github.com/Agoric/agoric-3-proposals/issues/2 | |
| timeout-minutes: 120 | |
| strategy: | |
| matrix: | |
| platform: ${{ fromJSON(needs.platforms.outputs.platforms) }} | |
| # Run on our own self-hosted ARM64 machine if the platform is ARMish. | |
| runs-on: ${{ contains(matrix.platform, '/arm') && fromJSON('["self-hosted","Linux","ARM64"]') || 'ubuntu-latest' }} | |
| steps: | |
| - name: free up disk space | |
| if: ${{ !contains(matrix.platform, '/arm') }} | |
| run: | | |
| # Workaround to provide additional free space for testing. | |
| # https://github.com/actions/runner-images/issues/2840#issuecomment-790492173 | |
| # If this turns out not to be enough, maybe look instead at | |
| # https://github.com/actions/runner-images/issues/2840#issuecomment-1540506686 | |
| df -h | |
| sudo rm -rf /usr/share/dotnet | |
| sudo rm -rf /opt/ghc | |
| sudo rm -rf "/usr/local/share/boost" | |
| sudo rm -rf "$AGENT_TOOLSDIRECTORY" | |
| echo "=== After cleanup:" | |
| df -h | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Set up QEMU for cross-platform builds | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| # see https://docs.github.com/en/actions/publishing-packages/publishing-docker-images | |
| with: | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| registry: ${{ env.REGISTRY }} | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| - name: Compute Docker tags | |
| id: docker-tags | |
| run: | | |
| sep= | |
| # A list of comma-separated tags to merge in the final image. | |
| SUFFIXED= | |
| # Our platform, replacing slashes with underscores. | |
| uarch=$(echo "${{ matrix.platform }}" | tr / _) | |
| for TAG in ${{ steps.meta.outputs.tags }}; do | |
| SUFFIXED="$SUFFIXED$sep$TAG-$uarch" | |
| if test -z "$sep"; then | |
| # The first tag (suffixed with our architecture) is the one we build. | |
| sep=, | |
| echo "tag=$TAG-$uarch" | tee -a $GITHUB_OUTPUT | |
| fi | |
| done | |
| echo "tags=$SUFFIXED" | tee -a $GITHUB_OUTPUT | |
| # The .ts scripts depend upon this | |
| - run: tsx --version || npm install --global tsx | |
| # Enable corepack for packageManager config | |
| - run: corepack enable || sudo corepack enable | |
| - run: yarn install | |
| # Set up docker-bake files used by docker/bake-action | |
| - run: node_modules/.bin/synthetic-chain prepare-ci | |
| # Matrix within "bake" instead of GitHub Actions because the actions | |
| # won't resolv the DAG of what to build first. | |
| - name: Push proposal "use" images | |
| uses: docker/bake-action@v4 | |
| with: | |
| files: | | |
| ./docker-bake.json | |
| ./docker-bake.hcl | |
| ${{ steps.meta.outputs.bake-file }} | |
| targets: use | |
| # FIXME DONOTMERGE change to skip PRs once the PR is approved | |
| push: true | |
| # Only build on "main" merges because the tags aren't qualified by PR. | |
| # If we pushed from PRs, each one would overwrite (e.g. use-upgrade-8) | |
| # push: ${{ github.event_name != 'pull_request' }} | |
| - name: Build and push default image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| platforms: ${{ matrix.platform }} | |
| # push to registry on every repo push. A PR #2 will push with tag `pr-2` and `main` will have tag `main`. | |
| # See https://github.com/docker/metadata-action?tab=readme-ov-file#basic. | |
| push: true | |
| tags: ${{ steps.docker-tags.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| # see https://docs.docker.com/build/ci/github-actions/test-before-push/ | |
| test-proposals: | |
| needs: use-proposals | |
| # only test in default platform | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| # The .ts scripts depend upon this | |
| - run: tsx --version || npm install --global tsx | |
| # Enable corepack for packageManager config | |
| - run: corepack enable || sudo corepack enable | |
| - run: yarn install | |
| - name: run proposal tests | |
| run: node_modules/.bin/synthetic-chain test | |
| # Merge the default image from each platform into one multi-arch image, | |
| # then publish that multiarch image. | |
| docker-publish-multiarch: | |
| needs: [use-proposals, platforms] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| buildkitd-flags: --debug | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| registry: ${{ env.REGISTRY }} | |
| - name: Compute tags | |
| id: docker-tags | |
| run: | | |
| echo "tags=${{ steps.meta.outputs.tags }}" >> $GITHUB_OUTPUT | |
| - name: Push multiarch image | |
| run: | | |
| set -ex | |
| # Push all tags, comprised of all architectures, to the registry. | |
| for TAG in ${{ steps.docker-tags.outputs.tags }}; do | |
| sources= | |
| for ARCH in ${{ join(fromJson(needs.platforms.outputs.platforms), ' ') }}; do | |
| uarch=$(echo "$ARCH" | tr / _) | |
| BUILD_TAG="$TAG-$uarch" | |
| sources="$sources $BUILD_TAG" | |
| done | |
| docker buildx imagetools create --tag "$TAG"$sources | |
| done | |
| - name: notify on failure | |
| if: failure() && github.event_name != 'pull_request' | |
| uses: ./.github/actions/notify-status | |
| with: | |
| webhook: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| from: ${{ secrets.NOTIFY_EMAIL_FROM }} | |
| to: ${{ secrets.NOTIFY_EMAIL_TO }} | |
| password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} |