Skip to content

Commit e424f3c

Browse files
olljanatolljanat
committed
ci: use GitHub workflow and container registry
1 parent 031ef81 commit e424f3c

File tree

2 files changed

+396
-806
lines changed

2 files changed

+396
-806
lines changed

.github/workflows/ci.yml

Lines changed: 396 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,396 @@
1+
name: CI
2+
3+
on:
4+
push:
5+
branches:
6+
- master
7+
# pull_request:
8+
workflow_dispatch:
9+
10+
env:
11+
# IMAGE_BASE is used to build full image names (ghcr.io/<owner>).
12+
IMAGE_BASE: ghcr.io/${{ github.repository_owner }}
13+
# Base for submodule images if not set otherwise.
14+
SUBMODULES_IMAGE: mistcommunity
15+
16+
jobs:
17+
discover-submodules:
18+
name: Discover Submodules
19+
runs-on: ubuntu-latest
20+
steps:
21+
- name: Checkout code (with submodules)
22+
uses: actions/checkout@v4
23+
with:
24+
submodules: recursive
25+
26+
- name: Generate submodules CSV
27+
run: |
28+
# List all submodules with their commit hash and name.
29+
git submodule status --recursive | \
30+
sed 's/^[ +-]\([0-9a-f]*\) \([^ ]*\).*$/\1,\2/' > submodules.csv
31+
32+
- name: Upload submodules artifact
33+
uses: actions/upload-artifact@v4
34+
with:
35+
name: submodules
36+
path: submodules.csv
37+
38+
build-api:
39+
name: Build API Image
40+
needs: discover-submodules
41+
runs-on: ubuntu-latest
42+
env:
43+
GHCR_TOKEN: ${{ secrets.GHCR_TOKEN }}
44+
steps:
45+
- name: Checkout code (with submodules)
46+
uses: actions/checkout@v4
47+
with:
48+
fetch-depth: '0'
49+
submodules: recursive
50+
51+
- name: Download submodules artifact
52+
uses: actions/download-artifact@v4
53+
with:
54+
name: submodules
55+
56+
- name: Log in to GitHub Container Registry
57+
run: echo "${GHCR_TOKEN}" | docker login ghcr.io -u "mistcommunity-bot" --password-stdin
58+
59+
- name: Build API image
60+
run: |
61+
set -e
62+
# Define helper functions.
63+
docker_pull() {
64+
img=$1
65+
tries=60
66+
sleep_time=10
67+
echo "Pulling image $img (up to $tries attempts)..."
68+
for i in $(seq 1 $tries); do
69+
if docker pull "$img"; then
70+
echo "Image $img pulled successfully!"
71+
return 0
72+
fi
73+
sleep $sleep_time
74+
done
75+
echo "Failed to pull image $img."
76+
return 1
77+
}
78+
docker_push() {
79+
local src_img=$1
80+
local dest_repo=$2
81+
# Define tags: commit SHA, branch slug and add "latest" for master.
82+
tags=("${GITHUB_SHA}" "${GITHUB_REF##*/}")
83+
if [ "${GITHUB_REF##*/}" = "master" ]; then
84+
tags+=("latest")
85+
fi
86+
export GIT_TAG=$(git describe --exact-match --tags $(git log -n1 --pretty='%h'))
87+
if [ "$GIT_TAG" ]; then
88+
tags+=("$GIT_TAG")
89+
fi
90+
for tag in "${tags[@]}"; do
91+
dest="${IMAGE_BASE}/${dest_repo}:${tag}"
92+
echo "Tagging image $src_img as $dest..."
93+
docker tag "$src_img" "$dest"
94+
echo "Pushing image $dest..."
95+
docker push "$dest"
96+
done
97+
}
98+
get_submodule_sha() {
99+
grep ",$1\$" submodules.csv | cut -d, -f1
100+
}
101+
# Use the submodule SHA for the API image.
102+
SRC_IMG="ghcr.io/${SUBMODULES_IMAGE}/mist:$(get_submodule_sha api)"
103+
docker_pull "$SRC_IMG"
104+
# Build API image with build args (replace '.' with your proper context if needed)
105+
docker build \
106+
-t "ghcr.io/${GITHUB_REPOSITORY_OWNER##*/}/api:${GITHUB_SHA}" \
107+
--build-arg FROM_IMAGE="$SRC_IMG" \
108+
--build-arg MIST_VERSION_SHA="${GITHUB_SHA}" \
109+
--build-arg MIST_VERSION_NAME="${GITHUB_REF##*/}" \
110+
.
111+
docker_push "ghcr.io/${GITHUB_REPOSITORY_OWNER##*/}/api:${GITHUB_SHA}" "api"
112+
113+
build-landing:
114+
name: Build Landing Image
115+
needs: discover-submodules
116+
runs-on: ubuntu-latest
117+
env:
118+
GHCR_TOKEN: ${{ secrets.GHCR_TOKEN }}
119+
steps:
120+
- name: Checkout code (with submodules)
121+
uses: actions/checkout@v4
122+
with:
123+
fetch-depth: '0'
124+
submodules: recursive
125+
126+
- name: Download submodules artifact
127+
uses: actions/download-artifact@v4
128+
with:
129+
name: submodules
130+
131+
- name: Log in to GitHub Container Registry
132+
run: echo "${GHCR_TOKEN}" | docker login ghcr.io -u "mistcommunity-bot" --password-stdin
133+
134+
- name: Build Landing image
135+
run: |
136+
set -e
137+
# Define helper functions.
138+
docker_pull() {
139+
img=$1
140+
tries=60
141+
sleep_time=10
142+
echo "Pulling image $img (up to $tries attempts)..."
143+
for i in $(seq 1 $tries); do
144+
if docker pull "$img"; then
145+
echo "Image $img pulled successfully!"
146+
return 0
147+
fi
148+
sleep $sleep_time
149+
done
150+
echo "Failed to pull image $img."
151+
return 1
152+
}
153+
docker_push() {
154+
local src_img=$1
155+
local dest_repo=$2
156+
# Define tags: commit SHA, branch slug and add "latest" for master.
157+
tags=("${GITHUB_SHA}" "${GITHUB_REF##*/}")
158+
if [ "${GITHUB_REF##*/}" = "master" ]; then
159+
tags+=("latest")
160+
fi
161+
export GIT_TAG=$(git describe --exact-match --tags $(git log -n1 --pretty='%h'))
162+
if [ "$GIT_TAG" ]; then
163+
tags+=("$GIT_TAG")
164+
fi
165+
for tag in "${tags[@]}"; do
166+
dest="${IMAGE_BASE}/${dest_repo}:${tag}"
167+
echo "Tagging image $src_img as $dest..."
168+
docker tag "$src_img" "$dest"
169+
echo "Pushing image $dest..."
170+
docker push "$dest"
171+
done
172+
}
173+
get_submodule_sha() {
174+
grep ",$1\$" submodules.csv | cut -d, -f1
175+
}
176+
# Use the submodule SHA for the Landing image.
177+
SRC_IMG="ghcr.io/${SUBMODULES_IMAGE}/landing:$(get_submodule_sha landing)"
178+
docker_pull "$SRC_IMG"
179+
docker_push "$SRC_IMG" "landing"
180+
181+
build-ui:
182+
name: Build UI Image
183+
needs: discover-submodules
184+
runs-on: ubuntu-latest
185+
env:
186+
GHCR_TOKEN: ${{ secrets.GHCR_TOKEN }}
187+
steps:
188+
- name: Checkout code (with submodules)
189+
uses: actions/checkout@v4
190+
with:
191+
fetch-depth: '0'
192+
submodules: recursive
193+
194+
- name: Download submodules artifact
195+
uses: actions/download-artifact@v4
196+
with:
197+
name: submodules
198+
199+
- name: Log in to GitHub Container Registry
200+
run: echo "${GHCR_TOKEN}" | docker login ghcr.io -u "mistcommunity-bot" --password-stdin
201+
202+
- name: Build UI image
203+
run: |
204+
set -e
205+
# Define helper functions.
206+
docker_pull() {
207+
img=$1
208+
tries=60
209+
sleep_time=10
210+
echo "Pulling image $img (up to $tries attempts)..."
211+
for i in $(seq 1 $tries); do
212+
if docker pull "$img"; then
213+
echo "Image $img pulled successfully!"
214+
return 0
215+
fi
216+
sleep $sleep_time
217+
done
218+
echo "Failed to pull image $img."
219+
return 1
220+
}
221+
docker_push() {
222+
local src_img=$1
223+
local dest_repo=$2
224+
# Define tags: commit SHA, branch slug and add "latest" for master.
225+
tags=("${GITHUB_SHA}" "${GITHUB_REF##*/}")
226+
if [ "${GITHUB_REF##*/}" = "master" ]; then
227+
tags+=("latest")
228+
fi
229+
export GIT_TAG=$(git describe --exact-match --tags $(git log -n1 --pretty='%h'))
230+
if [ "$GIT_TAG" ]; then
231+
tags+=("$GIT_TAG")
232+
fi
233+
for tag in "${tags[@]}"; do
234+
dest="${IMAGE_BASE}/${dest_repo}:${tag}"
235+
echo "Tagging image $src_img as $dest..."
236+
docker tag "$src_img" "$dest"
237+
echo "Pushing image $dest..."
238+
docker push "$dest"
239+
done
240+
}
241+
get_submodule_sha() {
242+
grep ",$1\$" submodules.csv | cut -d, -f1
243+
}
244+
# Use the submodule SHA for the UI image.
245+
SRC_IMG="ghcr.io/${SUBMODULES_IMAGE}/ui:$(get_submodule_sha ui)"
246+
docker_pull "$SRC_IMG"
247+
docker_push "$SRC_IMG" "ui"
248+
249+
build-tests:
250+
name: Build Tests Image
251+
needs: discover-submodules
252+
runs-on: ubuntu-latest
253+
env:
254+
GHCR_TOKEN: ${{ secrets.GHCR_TOKEN }}
255+
steps:
256+
- name: Checkout code (with submodules)
257+
uses: actions/checkout@v4
258+
with:
259+
submodules: recursive
260+
261+
- name: Download submodules artifact
262+
uses: actions/download-artifact@v4
263+
with:
264+
name: submodules
265+
266+
- name: Log in to GitHub Container Registry
267+
run: echo "${GHCR_TOKEN}" | docker login ghcr.io -u "mistcommunity-bot" --password-stdin
268+
269+
- name: Build Tests image
270+
run: |
271+
set -e
272+
# (Optional) Resync/update specific submodule if needed.
273+
git submodule sync --recursive api || true
274+
git submodule update --init --recursive api
275+
276+
docker_pull() {
277+
img=$1
278+
tries=60
279+
sleep_time=10
280+
echo "Pulling image $img (up to $tries attempts)..."
281+
for i in $(seq 1 $tries); do
282+
if docker pull "$img"; then
283+
echo "Image $img pulled successfully!"
284+
return 0
285+
fi
286+
sleep $sleep_time
287+
done
288+
echo "Failed to pull image $img."
289+
return 1
290+
}
291+
docker_push() {
292+
local src_img=$1
293+
local dest_repo=$2
294+
tags=("${GITHUB_SHA}" "${GITHUB_REF##*/}")
295+
if [ "${GITHUB_REF##*/}" = "master" ]; then
296+
tags+=("latest")
297+
fi
298+
for tag in "${tags[@]}"; do
299+
dest="${IMAGE_BASE}/${dest_repo}:${tag}"
300+
echo "Tagging image $src_img as $dest..."
301+
docker tag "$src_img" "$dest"
302+
echo "Pushing image $dest..."
303+
docker push "$dest"
304+
done
305+
}
306+
get_submodule_sha() {
307+
grep ",$1\$" submodules.csv | cut -d, -f1
308+
}
309+
# For tests image, determine the source image using the submodule SHA.
310+
SRC_IMG="ghcr.io/${SUBMODULES_IMAGE}/tests:$(get_submodule_sha tests)"
311+
IMG="tests"
312+
docker build \
313+
-t "ghcr.io/${GITHUB_REPOSITORY_OWNER##*/}/${IMG}:${GITHUB_SHA}" \
314+
--build-arg SRC_IMG="$SRC_IMG" \
315+
-f docker/tests/Dockerfile .
316+
docker_push "ghcr.io/${GITHUB_REPOSITORY_OWNER##*/}/${IMG}:${GITHUB_SHA}" "$IMG"
317+
318+
build-other:
319+
name: Build Other Images
320+
needs: discover-submodules
321+
runs-on: ubuntu-latest
322+
strategy:
323+
matrix:
324+
image: [nginx, gocky, logstash, elasticsearch-manage, huproxy, wsproxy]
325+
env:
326+
GHCR_TOKEN: ${{ secrets.GHCR_TOKEN }}
327+
steps:
328+
- name: Checkout code
329+
uses: actions/checkout@v4
330+
with:
331+
fetch-depth: '0'
332+
333+
- name: Log in to GitHub Container Registry
334+
run: echo "${GHCR_TOKEN}" | docker login ghcr.io -u "mistcommunity-bot" --password-stdin
335+
336+
- name: Build ${{ matrix.image }} image
337+
run: |
338+
set -e
339+
# Build the image using the Dockerfile in docker/<image>.
340+
docker build -t "ghcr.io/${GITHUB_REPOSITORY_OWNER##*/}/${{ matrix.image }}:${GITHUB_SHA}" docker/${{ matrix.image }}
341+
docker_push() {
342+
local src_img=$1
343+
local dest_repo=$2
344+
tags=("${GITHUB_SHA}" "${GITHUB_REF##*/}")
345+
if [ "${GITHUB_REF##*/}" = "master" ]; then
346+
tags+=("latest")
347+
fi
348+
export GIT_TAG=$(git describe --exact-match --tags $(git log -n1 --pretty='%h'))
349+
if [ "$GIT_TAG" ]; then
350+
tags+=("$GIT_TAG")
351+
fi
352+
for tag in "${tags[@]}"; do
353+
dest="${IMAGE_BASE}/${dest_repo}:${tag}"
354+
echo "Tagging image $src_img as $dest..."
355+
docker tag "$src_img" "$dest"
356+
echo "Pushing image $dest..."
357+
docker push "$dest"
358+
done
359+
}
360+
docker_push "ghcr.io/${GITHUB_REPOSITORY_OWNER##*/}/${{ matrix.image }}:${GITHUB_SHA}" "${{ matrix.image }}"
361+
362+
compose:
363+
name: Generate Compose File
364+
runs-on: ubuntu-latest
365+
env:
366+
IMAGE_BASE: ghcr.io/${{ github.repository_owner }}
367+
steps:
368+
- name: Checkout code
369+
uses: actions/checkout@v4
370+
with:
371+
fetch-depth: '0'
372+
373+
- name: Install gettext for envsubst
374+
run: |
375+
sudo apt-get update && sudo apt-get install -y gettext
376+
377+
- name: Generate docker-compose file
378+
run: |
379+
mkdir -p artifacts
380+
# Set the registry and tag variables used in the compose file.
381+
export IMG_REGISTRY="${IMAGE_BASE}"
382+
echo "IMG_REGISTRY=$IMG_REGISTRY"
383+
export IMG_TAG="${GITHUB_REF##*/}"
384+
export GIT_TAG=$(git describe --exact-match --tags $(git log -n1 --pretty='%h'))
385+
if [ "$GIT_TAG" ]; then
386+
export IMG_TAG=$GIT_TAG
387+
fi
388+
echo "IMG_TAG=$IMG_TAG"
389+
export CONF_DIR=/etc/mist
390+
envsubst < docker-compose.yml > artifacts/docker-compose.yml
391+
392+
- name: Upload docker-compose artifact
393+
uses: actions/upload-artifact@v4
394+
with:
395+
name: docker-compose
396+
path: artifacts/docker-compose.yml

0 commit comments

Comments
 (0)