diff --git a/.github/workflows/build-and-push-images.yaml b/.github/workflows/build-and-push-images.yaml index d32f94b..d42c4f5 100644 --- a/.github/workflows/build-and-push-images.yaml +++ b/.github/workflows/build-and-push-images.yaml @@ -1,8 +1,12 @@ name: Build and Publish Images on: - - push - - pull_request + push: + branches: + - main + tags: + - 'v*' + pull_request: jobs: build-and-publish: @@ -15,42 +19,31 @@ jobs: include: - component-name: databend-operator dockerfile: ./Dockerfile - platforms: linux/amd64,linux/arm64,linux/ppc64le + platforms: linux/amd64,linux/arm64 + + permissions: + contents: read + packages: write + steps: - name: Checkout uses: actions/checkout@v4 - # TODO(Electronic-Waste): Uncomment the following steps when - # - name: Docker Login - # # Trigger workflow only for databendcloud/databend-operator repository with specific branch (master, release-*) or tag (v.*). - # if: >- - # github.repository == 'databendcloud/databend-operator' && - # (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-') || startsWith(github.ref, 'refs/tags/v')) - # uses: docker/login-action@v3 - # with: - # username: ${{ secrets.DOCKERHUB_USERNAME }} - # password: ${{ secrets.DOCKERHUB_TOKEN }} - - # - name: Publish Component ${{ matrix.component-name }} - # # Trigger workflow only for databendcloud/databend-operator repository with specific branch (master, release-*) or tag (v.*). - # if: >- - # github.repository == 'databendcloud/databend-operator' && - # (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-') || startsWith(github.ref, 'refs/tags/v')) - # id: publish - # uses: ./.github/workflows/template-publish-image - # with: - # image: docker.io/datafuselabs/${{ matrix.component-name }} - # dockerfile: ${{ matrix.dockerfile }} - # platforms: ${{ matrix.platforms }} - # context: ${{ matrix.context }} - # push: true + - name: Set Push Flag + id: set-push + run: | + if [[ "${{ github.event_name }}" == "push" && (${{ github.ref == 'refs/heads/main' }} || ${{ startsWith(github.ref, 'refs/tags/') }})]]; then + echo "push=true" >> $GITHUB_OUTPUT + else + echo "push=false" >> $GITHUB_OUTPUT + fi - - name: Test Build For Component ${{ matrix.component-name }} - # if: steps.publish.outcome == 'skipped' + - name: Build And Publish Component ${{ matrix.component-name }} uses: ./.github/workflows/template-publish-image with: - image: docker.io/datafuselabs/${{ matrix.component-name }} + image: ${{ matrix.component-name }} dockerfile: ${{ matrix.dockerfile }} platforms: ${{ matrix.platforms }} - context: ${{ matrix.context }} - push: false + context: ${{ matrix.context || '.' }} + push: ${{ steps.set-push.outputs.push }} + github_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/template-publish-image/action.yaml b/.github/workflows/template-publish-image/action.yaml index 0d33215..53f331b 100644 --- a/.github/workflows/template-publish-image/action.yaml +++ b/.github/workflows/template-publish-image/action.yaml @@ -19,6 +19,13 @@ inputs: push: required: true description: whether to push container images or not + github_token: + required: true + description: GitHub token used for authentication with GHCR + build_args: + required: false + default: '' + description: Additional build arguments for Docker build runs: using: composite @@ -67,21 +74,65 @@ runs: echo "Docker service status:" sudo systemctl --no-pager -l -o short status docker + - name: Configure Go Build Cache + shell: bash + run: | + export GOPATH=/tmp/go + export GOCACHE=/tmp/go-cache + export GOMODCACHE=/tmp/go-mod-cache + mkdir -p $GOPATH $GOCACHE $GOMODCACHE + echo "GOPATH=$GOPATH" >> $GITHUB_ENV + echo "GOCACHE=$GOCACHE" >> $GITHUB_ENV + echo "GOMODCACHE=$GOMODCACHE" >> $GITHUB_ENV + CORES=$(nproc) + GOMAXPROCS=$((CORES-1)) + echo "GOMAXPROCS=$GOMAXPROCS" >> $GITHUB_ENV + - name: Setup QEMU uses: docker/setup-qemu-action@v3 with: - platforms: amd64,ppc64le,arm64 + platforms: amd64,arm64 - name: Set Up Docker Buildx uses: docker/setup-buildx-action@v3 + with: + buildkitd-flags: --debug + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ inputs.github_token }} + + - name: Extract GitHub Repository Information + id: repo-info + shell: bash + run: | + REPO_NAME=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]') + echo "repo_name=${REPO_NAME}" >> $GITHUB_OUTPUT + + - name: Prepare Build Args + id: build-args + shell: bash + run: | + BUILD_ARGS="GOPROXY=https://proxy.golang.org,direct" + BUILD_ARGS="${BUILD_ARGS} GOMAXPROCS=${GOMAXPROCS}" + + if [[ -n "${{ inputs.build_args }}" ]]; then + BUILD_ARGS="${BUILD_ARGS} ${{ inputs.build_args }}" + fi + + echo "args=${BUILD_ARGS}" >> $GITHUB_OUTPUT + echo "Prepared build args: ${BUILD_ARGS}" - name: Add Docker Tags id: meta uses: docker/metadata-action@v5 with: - images: ${{ inputs.image }} + images: ghcr.io/${{ steps.repo-info.outputs.repo_name }}/${{ inputs.image }} tags: | - type=raw,latest + type=raw,value=latest type=sha - name: Build and Push @@ -92,5 +143,8 @@ runs: file: ${{ inputs.dockerfile }} push: ${{ inputs.push }} tags: ${{ steps.meta.outputs.tags }} - cache-from: type=gha - cache-to: type=gha,ignore-error=true + cache-from: type=gha,scope=${{ inputs.image }}-${{ github.workflow }} + cache-to: type=gha,mode=max,scope=${{ inputs.image }}-${{ github.workflow }},ignore-error=true + build-args: ${{ steps.build-args.outputs.args }} + pull: true + outputs: type=registry,compression=zstd,compression-level=3,force-compression=true \ No newline at end of file