WIP: reusable container workflow

Author: tamcore

.github/workflows/docker-release.yml

@@ -24,10 +24,37 @@ env:
   IS_PRERELEASE: ${{ github.event.release.prerelease || github.event.inputs.PRERELEASE }}
 
 jobs:
-# ===============================================================
-#   Building Dev Images
-# ===============================================================
+  # This workaround is needed, as it's not possible to reference env.FOOBAR directly at this stage
+  # - for ex. https://github.com/actions/runner/issues/1189
+  release-container-prereq:
+    runs-on: ubuntu-latest
+    outputs:
+      tag: ${{ steps.set-output-defaults.outputs.tag }}
+      tag_latest: ${{ steps.set-output-defaults.outputs.tag_latest }}
+    steps:
+    - id: set-output-defaults
+      run: |
+        echo "::set-output name=tag::${{ env.IS_PRERELEASE == 'true' && 'alpha' || 'ubuntu' }}"
+        echo "::set-output name=tag_latest::${{ env.IS_PRERELEASE == 'true' && 'false' || 'true' }}"
+
+  release-container:
+    needs: release-container-prereq
+    uses: ./.github/workflows/reusable-container-workflow.yaml
+    with:
+      dockerfile: tools/docker/Dockerfile.ubuntu-prod
+      tag: ${{ needs.release-container-prereq.outputs.tag }}
+      tag_latest: ${{ needs.release-container-prereq.outputs.tag_latest == 'true' }}
+      image: ghcr.io/${{ github.repository }}
+      registry: ghcr.io
+      registry_username: ${{ github.repository_owner }}
+      fetch_release: true
+      release_version: ${{ github.event.inputs.TAG_NAME || github.event.release.tag_name }}
+    secrets:
+      registry_password: ${{ secrets.GITHUB_TOKEN }}
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
   release:
+    needs: [release-container-prereq, release-container]
     runs-on: ubuntu-latest
     steps:
     - name: print_env
@@ -41,76 +68,6 @@ jobs:
     - name: Install helm
       uses: azure/setup-helm@v3
 
-    - uses: dsaltares/fetch-gh-release-asset@master
-      with:
-        version: 'tags/${{ env.TAG_NAME }}'
-        regex: true
-        file: "dragonfly-.*\\.tar\\.gz"
-        target: 'releases/'
-        token: ${{ secrets.GITHUB_TOKEN }}
-
-    - name: Set up QEMU
-      id: qemu
-      uses: docker/setup-qemu-action@v1
-      with:
-          platforms: arm64,amd64
-
-    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v1
-
-    - name: Login to GitHub Container Registry
-      uses: docker/login-action@v2
-      with:
-        registry: ghcr.io
-        username: ${{ github.actor }}
-        password: ${{ secrets.GITHUB_TOKEN }}
-
-    - name: Extract artifacts
-      run: |
-        echo "Event prerelease ${{ github.event.release.prerelease }}"
-        echo "Input prerelease ${{ github.event.inputs.PRERELEASE }}"
-        ls -l
-        ls -l releases
-        for f in releases/*.tar.gz; do tar xvfz $f -C releases; done
-        rm releases/*.tar.gz
-
-    - name: Build release image
-      if: env.IS_PRERELEASE != 'true'
-      uses: docker/build-push-action@v3
-      with:
-        context: .
-        platforms: linux/amd64,linux/arm64
-
-        # Define QEMU settings inside the builder
-        build-args: |
-          QEMU_CPU=max,pauth-impdef=on
-
-        push: ${{ github.event_name != 'pull_request' }}
-        tags: |
-          ghcr.io/${{ github.repository }}:ubuntu
-          ghcr.io/${{ github.repository }}:latest
-          ghcr.io/${{ github.repository }}:${{ env.TAG_NAME }}
-          ghcr.io/${{ github.repository }}:${{ env.TAG_NAME }}-ubuntu
-
-        file: tools/docker/Dockerfile.ubuntu-prod
-        cache-from: type=registry,ref=${{ github.repository }}:latest
-        cache-to: type=inline
-
-    - name: Build pre-release image
-      if: env.IS_PRERELEASE == 'true'
-      uses: docker/build-push-action@v3
-      with:
-        context: .
-        platforms: linux/amd64,linux/arm64
-
-        push: ${{ github.event_name != 'pull_request' }}
-        tags: |
-          ghcr.io/${{ github.repository }}:alpha
-          ghcr.io/${{ github.repository }}:${{ env.TAG_NAME }}
-        file: tools/docker/Dockerfile.ubuntu-prod
-        cache-from: type=registry,ref=${{ github.repository }}:latest
-        cache-to: type=inline
-
     - name: Configure Git
       if: env.IS_PRERELEASE != 'true'
       run: |

.github/workflows/docker-weekly.yml

@@ -1,7 +1,9 @@
 name: weekly docker build
+
 on:
   schedule:
-    - cron: '0 0 * * 1' # Monday midnight
+    # Monday midnight
+    - cron: '0 0 * * 1'
   workflow_dispatch:
 
 permissions:
@@ -11,51 +13,12 @@ permissions:
 
 jobs:
   weekly-container-build:
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: checkout
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-          submodules: true
-
-      - name: Set up QEMU
-        id: qemu
-        uses: docker/setup-qemu-action@v1
-        with:
-          platforms: arm64,amd64
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v2
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Docker meta
-        id: metadata
-        uses: docker/metadata-action@v3
-        with:
-          images: |
-            ghcr.io/${{ github.repository }}
-          tags: |
-            type=raw,value=alpha
-            type=raw,value=alpha-{{date 'YYYYMMDD'}}
-            type=raw,value=alpha-{{sha}}
-
-      - name: Build release image
-        uses: docker/build-push-action@v3
-        with:
-          context: .
-          platforms: linux/amd64,linux/arm64
-          build-args: |
-            QEMU_CPU=max,pauth-impdef=on
-          push: true
-          tags: ${{ steps.metadata.outputs.tags }}
-          labels: ${{ steps.metadata.outputs.labels }}
-          file: tools/docker/Dockerfile.ubuntu-build
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
+    uses: ./.github/workflows/reusable-container-workflow.yaml
+    with:
+      dockerfile: tools/docker/Dockerfile.ubuntu-build
+      tag: alpha
+      image: ghcr.io/${{ github.repository }}
+      registry: ghcr.io
+      registry_username: ${{ github.repository_owner }}
+    secrets:
+      registry_password: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/reusable-container-workflow.yaml

@@ -0,0 +1,105 @@
+name: Reusable Container Build Workflow
+
+on:
+  workflow_call:
+    inputs:
+      dockerfile:
+        required: true
+        type: string
+      tag:
+        required: true
+        type: string
+      tag_latest:
+        required: false
+        type: boolean
+      image:
+        required: true
+        type: string
+      registry:
+        required: true
+        type: string
+      registry_username:
+        required: true
+        type: string
+      fetch_release:
+        required: false
+        type: boolean
+      release_version:
+        required: false
+        type: string
+
+    secrets:
+      registry_password:
+        required: true
+      GH_TOKEN:
+        required: false
+
+jobs:
+  container-build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 1
+          submodules: true
+
+      - if: inputs.fetch_release
+        name: Fetch release asset
+        uses: dsaltares/[email protected]
+        with:
+          version: "tags/${{ inputs.release_version }}"
+          regex: true
+          file: "dragonfly-.*\\.tar\\.gz"
+          target: 'releases/'
+          token: ${{ secrets.GH_TOKEN }}
+
+      - if: inputs.fetch_release
+        name: Extract artifacts
+        run: |
+          echo "Event prerelease ${{ github.event.release.prerelease }}"
+          echo "Input prerelease ${{ github.event.inputs.PRERELEASE }}"
+          ls -l
+          ls -l releases
+          for f in releases/*.tar.gz; do tar xvfz $f -C releases; done
+          rm releases/*.tar.gz
+
+      - name: Set up QEMU
+        id: qemu
+        uses: docker/setup-qemu-action@v1
+        with:
+          platforms: arm64,amd64
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ inputs.registry }}
+          username: ${{ inputs.registry_username }}
+          password: ${{ secrets.registry_password }}
+
+      - name: Docker meta
+        id: metadata
+        uses: docker/metadata-action@v3
+        with:
+          images: |
+            ${{ inputs.image }}
+          tags: |
+            type=raw,value=latest,enable=${{ inputs.tag_latest }}
+            type=raw,value=${{ inputs.tag }}
+            type=raw,value=${{ inputs.release_version }}
+
+      - name: Build release image
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          build-args: |
+            QEMU_CPU=max,pauth-impdef=on
+          push: true
+          tags: ${{ steps.metadata.outputs.tags }}
+          labels: ${{ steps.metadata.outputs.labels }}
+          file: ${{ inputs.dockerfile }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

tools/docker/Dockerfile.alpine-prod

@@ -12,9 +12,6 @@ WORKDIR build-opt
 RUN ninja dragonfly
 
 FROM alpine:latest
-ARG ORG_NAME=dragonflydb
-LABEL org.opencontainers.image.title Dragonfly
-LABEL org.opencontainers.image.source https://github.com/${ORG_NAME}/dragonfly
 
 RUN addgroup -S -g 1000 dfly && adduser -S -G dfly -u 999 dfly
 RUN apk --no-cache add libgcc libstdc++ libunwind boost1.77-fiber \

tools/docker/Dockerfile.ubuntu-build

@@ -5,8 +5,6 @@ WORKDIR /build
 
 COPY . ./
 
-# install build dependencies
-# taken from https://github.com/dragonflydb/dragonfly/blob/main/.github/workflows/release.yml#L60-L65
 RUN \
   rm -f /etc/apt/apt.conf.d/docker-clean; \
   echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache
@@ -23,16 +21,13 @@ RUN \
 RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-9 40  \
                         --slave   /usr/bin/g++ g++ /usr/bin/g++-9
 
-# build
-# taken from https://github.com/dragonflydb/dragonfly/blob/main/tools/release.sh
 RUN make release
 
 RUN build-opt/dragonfly --version
 
 RUN curl -O https://raw.githubusercontent.com/ncopa/su-exec/212b75144bbc06722fbd7661f651390dc47a43d1/su-exec.c && \
      gcc -Wall -O2 su-exec.c -o su-exec
 
-# Now prod image
 FROM ubuntu:20.04
 
 RUN \

tools/docker/Dockerfile.ubuntu-prod

@@ -19,12 +19,8 @@ FROM ubuntu:20.04
 # ARG in fact change the env vars during the build process
 # ENV persist the env vars for the built image as well.
 ARG QEMU_CPU
-ARG ORG_NAME=dragonflydb
 ARG DEBIAN_FRONTEND=noninteractive
 
-LABEL org.opencontainers.image.title Dragonfly
-LABEL org.opencontainers.image.source https://github.com/${ORG_NAME}/dragonfly
-
 RUN apt clean && apt update && apt -y install netcat-openbsd