Merge pull request #6 from seleniumhq-community/deploy-to-dockerhub

Setup CircleCI to build, test, and deploy Seleniarm images to Docker Hub

Author: jamesmortensen

.circleci/config.yml

@@ -24,46 +24,41 @@ jobs:
       BUILD_DATE: today
       PLATFORMS: << parameters.platforms >>
     steps:
+      - run:
+          name: "Prepare workflow environment variables"
+          command: |
+            echo 'export BRANCH="$CIRCLE_BRANCH"' >> $BASH_ENV
+            cat $BASH_ENV
+            source $BASH_ENV
+            echo "Workflow environment variables:"
+            echo $BRANCH
       - run: uname -a
       - run: docker info
-      - run: |
-          echo "CIRCLE_WORKFLOW_ID = " $CIRCLE_WORKFLOW_ID
-          git clone https://github.com/seleniumhq-community/docker-seleniarm.git
-          cd docker-seleniarm
-          git checkout $CIRCLE_BRANCH
-          echo $PWD
-      - run: |
-          echo "Install QEMU binaries"
-          curl -L  https://github.com/xpack-dev-tools/qemu-arm-xpack/releases/download/v6.2.0-2/xpack-qemu-arm-6.2.0-2-linux-$(uname -m | sed 's/x86_64/x64/' | sed 's/aarch64/arm64/').tar.gz -o xpack-qemu-arm-6.2.0-2-linux-$(uname -m | sed 's/x86_64/x64/' | sed 's/aarch64/arm64/').tar.gz \
-            && tar xvfz xpack-qemu-arm-6.2.0-2-linux-$(uname -m | sed 's/x86_64/x64/' | sed 's/aarch64/arm64/').tar.gz \
-            && echo "export PATH=$PWD/xpack-qemu-arm-6.2.0-2/bin:$PATH" > ~/.bashrc \
-            && source ~/.bashrc \
-            && qemu-system-aarch64 --version
-      - run: |
-          echo "Build Docker images"
-          cd docker-seleniarm
-          echo $PWD
-          export BRANCH=$CIRCLE_BRANCH
-          #export PLATFORMS=
-          NAME=${NAMESPACE} VERSION=${BRANCH} BUILD_DATE=${BUILD_DATE} PLATFORMS=${PLATFORMS} make build_multi
-      - run: |
-          echo "Save Docker Images in Cache"
-          export VERSION=$CIRCLE_BRANCH
-          echo $NAMESPACE/base:$VERSION-$BUILD_DATE 
-          echo $NAMESPACE/node-base:$VERSION-$BUILD_DATE 
-          echo $NAMESPACE/hub:$VERSION-$BUILD_DATE 
-          echo $NAMESPACE/node-chromium:$VERSION-$BUILD_DATE 
-          echo $NAMESPACE/standalone-chromium:$VERSION-$BUILD_DATE 
-          echo $NAMESPACE/node-firefox:$VERSION-$BUILD_DATE 
-          echo $NAMESPACE/standalone-firefox:$VERSION-$BUILD_DATE 
-          docker save -o multi-arch-images.tar \
-            $NAMESPACE/base:$VERSION-$BUILD_DATE \
-            $NAMESPACE/node-base:$VERSION-$BUILD_DATE \
-            $NAMESPACE/hub:$VERSION-$BUILD_DATE \
-            $NAMESPACE/node-chromium:$VERSION-$BUILD_DATE \
-            $NAMESPACE/standalone-chromium:$VERSION-$BUILD_DATE \
-            $NAMESPACE/node-firefox:$VERSION-$BUILD_DATE \
-            $NAMESPACE/standalone-firefox:$VERSION-$BUILD_DATE
+      - checkout
+      - run:
+          name: "Build Docker images"
+          command: |
+            echo "Branch is $BRANCH"
+            NAME=${NAMESPACE} VERSION=${BRANCH} BUILD_DATE=${BUILD_DATE} PLATFORMS=${PLATFORMS} BUILD_ARGS=${BUILD_ARGS} make build_multi
+      - run:
+          name: "Save Docker Images in Cache"
+          command: |  
+            export VERSION=$CIRCLE_BRANCH
+            echo $NAMESPACE/base:$VERSION-$BUILD_DATE 
+            echo $NAMESPACE/node-base:$VERSION-$BUILD_DATE 
+            echo $NAMESPACE/hub:$VERSION-$BUILD_DATE 
+            echo $NAMESPACE/node-chromium:$VERSION-$BUILD_DATE 
+            echo $NAMESPACE/standalone-chromium:$VERSION-$BUILD_DATE 
+            echo $NAMESPACE/node-firefox:$VERSION-$BUILD_DATE 
+            echo $NAMESPACE/standalone-firefox:$VERSION-$BUILD_DATE 
+            docker save -o multi-arch-images.tar \
+              $NAMESPACE/base:$VERSION-$BUILD_DATE \
+              $NAMESPACE/node-base:$VERSION-$BUILD_DATE \
+              $NAMESPACE/hub:$VERSION-$BUILD_DATE \
+              $NAMESPACE/node-chromium:$VERSION-$BUILD_DATE \
+              $NAMESPACE/standalone-chromium:$VERSION-$BUILD_DATE \
+              $NAMESPACE/node-firefox:$VERSION-$BUILD_DATE \
+              $NAMESPACE/standalone-firefox:$VERSION-$BUILD_DATE
       - save_cache:
           key: multi-arch-images-{{ .Branch }}-{{ .Environment.CIRCLE_WORKFLOW_ID }}-<< parameters.platforms >>
           paths: 
@@ -80,38 +75,102 @@ jobs:
       NAMESPACE: seleniarm
       BUILD_DATE: today
     steps:
+      - checkout
       - restore_cache:
           keys: 
             - multi-arch-images-{{ .Branch }}-{{ .Environment.CIRCLE_WORKFLOW_ID }}-<< parameters.platforms >>
       - run: uname -a
       - run: docker info
-      - run: |
-          echo "CIRCLE_WORKFLOW_ID = " $CIRCLE_WORKFLOW_ID
-          echo "Load built images into Docker"
-          docker load -i multi-arch-images.tar
-      - run: |
-          git clone https://github.com/seleniumhq-community/docker-seleniarm.git
-          cd docker-seleniarm
-          git checkout $CIRCLE_BRANCH
-          echo $PWD
-      - run: |
-          echo "Use Python3 and pip3 instead of Python2.7"
-          cd docker-seleniarm
-          sed -i 's/pip /pip3 /g' tests/bootstrap.sh
-          sed -i 's/python /python3 /g' tests/bootstrap.sh
-          sed -i 's/-m pip3 /-m pip /g' tests/bootstrap.sh
+      - run:
+          name: "Load built images from cache into Docker"
+          command: |
+            echo "CIRCLE_WORKFLOW_ID = " $CIRCLE_WORKFLOW_ID
+            docker load -i multi-arch-images.tar
+      - run:
+          name: "Use Python3 and pip3 instead of Python2.7"
+          command: |
+            echo "Use Python3 and pip3 instead of Python2.7"
+            sed -i 's/pip /pip3 /g' tests/bootstrap.sh
+            sed -i 's/python /python3 /g' tests/bootstrap.sh
+            sed -i 's/-m pip3 /-m pip /g' tests/bootstrap.sh
       - run: 
+          name: "Test Docker images"
           no_output_timeout: 2m
           command: |
-            echo "Test Docker images"
-            cd docker-seleniarm
-            echo $PWD
             export USE_RANDOM_USER=false
-            #export BUILD_DATE=$(date '+%Y%m%d')
             export BRANCH=$CIRCLE_BRANCH
-            #export ARCH=`dpkg --print-architecture`
             USE_RANDOM_USER_ID=${USE_RANDOM_USER} NAMESPACE=${NAMESPACE} VERSION=${BRANCH} BUILD_DATE=${BUILD_DATE} SKIP_BUILD=true make test_multi_arch
 
+  deploy-multi-arch:
+    parameters:
+      platforms: 
+        type: string
+      build-args:
+        type: string
+      machine-type:
+        type: executor
+    executor: << parameters.machine-type >>
+    environment:
+      NAMESPACE: seleniarm
+      PLATFORMS: << parameters.platforms >>
+      BUILD_ARGS: << parameters.build-args >>
+      DEPLOY_BRANCH: trunk
+      GITHUB_USER: seleniumhq-community
+      GITHUB_REPO: docker-seleniarm
+      SELENIUM_VERSION: 4.1.3
+    steps:
+      - run:
+          name: "Prepare workflow environment variables"
+          command: |
+            echo "Prepare workflow environment variables"
+            echo 'export BRANCH="$SELENIUM_VERSION"' >> $BASH_ENV
+            echo 'export GITHUB_REPO="$CIRCLE_PROJECT_REPONAME"' >> $BASH_ENV
+            echo 'export GITHUB_USER="$CIRCLE_PROJECT_USERNAME"' >> $BASH_ENV
+            echo 'export BUILD_DATE=$(date '+%Y%m%d')' >> $BASH_ENV
+            echo 'export RELEASE_TAG="seleniarm-v`echo $BRANCH`-`echo $BUILD_DATE`"' >> $BASH_ENV
+            cat $BASH_ENV
+            source $BASH_ENV
+            echo "Workflow environment variables:"
+            echo BRANCH="$BRANCH"
+            echo GITHUB_REPO="$GITHUB_REPO"
+            echo GITHUB_USER="$GITHUB_USER"
+            echo BUILD_DATE="$BUILD_DATE"
+            echo RELEASE_TAG="$RELEASE_TAG"
+            echo PLATFORMS="$PLATFORMS"
+            echo BUILD_ARGS="$BUILD_ARGS"
+            echo DEPLOY_BRANCH="$DEPLOY_BRANCH"
+      - checkout
+      - run: uname -a
+      - run: docker info
+      - run:
+          name: "Check if branch is deployable (contains [deploy] in commit msg on $DEPLOY_BRANCH"
+          command: |
+            export CI_DEPLOY=`git log --format=oneline -n 1 | grep '\[deploy\]'` && echo "$CI_DEPLOY"
+            if [ -z "$CI_DEPLOY" ] || [ "$CIRCLE_BRANCH" != "$DEPLOY_BRANCH" ]; then
+              echo "Cancelling run. Pass [deploy] in commit message on $DEPLOY_BRANCH to deploy"
+              circleci-agent step halt
+            else 
+              echo "[deploy] is present in commit message to $DEPLOY_BRANCH. Running workflow to deploy container images"
+            fi
+      - run:
+          name: "Build and Push Docker images"
+          command: |
+            echo "Login to Docker, and setup to use a buildx builder and push built multi-arch images"
+            docker buildx use `docker buildx create`
+            docker buildx ls
+            docker login -u="$DOCKER_USERNAME" -p="$DOCKER_PASSWORD"
+            NAME=${NAMESPACE} VERSION=${BRANCH} BUILD_DATE=${BUILD_DATE} PLATFORMS=${PLATFORMS} BUILD_ARGS=${BUILD_ARGS} make build_multi
+      - run:
+          name: "Generate release notes"
+          command: |
+            export LATEST_TAG=$(git describe --tags --abbrev=0)
+            sh generate_multi-arch-release_notes.sh $LATEST_TAG $CIRCLE_BRANCH $BRANCH $BUILD_DATE
+            sudo apt-get update -y && sudo apt-get install python3-venv
+            go install github.com/github-release/[email protected]
+            cat release_notes.md
+            export GITHUB_TOKEN=$(sh get-access-token.sh | tail -n 1)
+            github-release release --tag $RELEASE_TAG --name $RELEASE_TAG --description "`cat release_notes.md`"
+
 workflows:
   build-and-test-multi-arch:
     jobs:
@@ -133,5 +192,19 @@ workflows:
           requires: [build-multi-arch-amd64]
           platforms: linux/amd64
           machine-type: ubuntu2004amd64
+  
+  deploy-multi-arch:
+    jobs:
+      - deploy-multi-arch:
+          name: deploy-multi-arch
+          platforms: linux/arm64,linux/amd64,linux/arm/v7
+          build-args: --push
+          machine-type: ubuntu2004arm64
+          filters: 
+            branches: 
+              only: 
+                - trunk
+
+
 
 

.gitignore

@@ -147,3 +147,4 @@ ENV/
 
 # End of https://www.gitignore.io/api/python
 .DS_Store
+release_sandbox

generate_multi-arch-release_notes.sh

@@ -0,0 +1,45 @@
+#!/usr/bin/env bash
+
+LATEST_TAG=$1
+HEAD_BRANCH=$2
+GRID_VERSION=$3
+BUILD_DATE=$4
+
+TAG_VERSION=${GRID_VERSION}-${BUILD_DATE}
+
+echo "" >> release_notes.md
+echo "### Changelog" > release_notes.md
+git --no-pager log "${LATEST_TAG}...${HEAD_BRANCH}" --pretty=format:"* [\`%h\`](http://github.com/seleniumhq-community/docker-seleniarm/commit/%H) - %s :: %an" --reverse >> release_notes.md
+
+# Pull the other images so we populate the release notes
+docker pull seleniarm/base:${TAG_VERSION}
+docker pull seleniarm/hub:${TAG_VERSION}
+docker pull seleniarm/node-base:${TAG_VERSION}
+docker pull seleniarm/standalone-chromium:${TAG_VERSION}
+docker pull seleniarm/standalone-firefox:${TAG_VERSION}
+
+CHROMIUM_VERSION=$(docker run --rm seleniarm/node-chromium:${TAG_VERSION} chromium --version | awk '{print $2}')
+CHROMEDRIVER_VERSION=$(docker run --rm seleniarm/node-chromium:${TAG_VERSION} chromedriver --version | awk '{print $2}')
+FIREFOX_VERSION=$(docker run --rm seleniarm/node-firefox:${TAG_VERSION} firefox --version | awk '{print $3}')
+GECKODRIVER_VERSION=$(docker run --rm seleniarm/node-firefox:${TAG_VERSION} geckodriver --version | awk 'NR==1{print $2}')
+
+
+echo "" >> release_notes.md
+echo "### Released versions" >> release_notes.md
+echo "* Selenium: ${GRID_VERSION}" >> release_notes.md
+echo "* Chromium: ${CHROMIUM_VERSION}" >> release_notes.md
+echo "* ChromiumDriver: ${CHROMEDRIVER_VERSION}" >> release_notes.md
+echo "* Firefox: ${FIREFOX_VERSION}" >> release_notes.md
+echo "* GeckoDriver: ${GECKODRIVER_VERSION}" >> release_notes.md
+
+echo "" >> release_notes.md
+echo "### Published Docker images" >> release_notes.md
+echo "<details>" >> release_notes.md
+echo "<summary>Click to see published Docker images</summary>" >> release_notes.md
+echo "" >> release_notes.md
+echo '```' >> release_notes.md
+docker images --filter=reference='seleniarm/*:*' --format "table {{.ID}}\t{{.Repository}}\t{{.Tag}}\t{{.Size}}" >> release_notes.md
+echo '```' >> release_notes.md
+echo "" >> release_notes.md
+echo "</details>" >> release_notes.md
+

get-access-token.py

@@ -0,0 +1,40 @@
+import time
+from cryptography.hazmat.backends import default_backend
+import jwt
+import os
+import requests
+import logging
+
+github_app_id = os.environ.get('GITHUB_APP_ID')
+github_installation_id = os.environ.get('GITHUB_INSTALLATION_ID')
+private_key = os.environ.get('GITHUB_APP_PEM')
+private_key = private_key.replace("\\n", "\n")
+
+standard_error_msg = 'Seleniarm GitHub App installation environment variables are not set. '
+if github_app_id == '':
+  raise Exception(standard_error_msg + 'Valid GITHUB_APP_ID is required to obtain an access token.')
+if github_installation_id == '':
+  raise Exception(standard_error_msg + 'Valid GITHUB_INSTALLATION_ID is required to obtain an access token.')
+if private_key == '':
+  raise Exception(standard_error_msg + 'Valid GITHUB_APP_PEM token is required to obtain an access token.')
+
+
+time_since_epoch_in_seconds = int(time.time())
+    
+payload = {
+  # issued at time
+  'iat': time_since_epoch_in_seconds,
+  # JWT expiration time (10 minute maximum)
+  'exp': time_since_epoch_in_seconds + (10 * 60),
+  # GitHub App's identifier
+  'iss': github_app_id
+}
+
+actual_jwt = jwt.encode(payload, private_key, algorithm='RS256')
+
+headers = {"Authorization": "Bearer " + actual_jwt,
+           "Accept": "application/vnd.github.v3+json"}
+
+resp = requests.post('https://api.github.com/app/installations/' + github_installation_id + '/access_tokens', headers=headers)
+
+print(resp.json()['token'])

get-access-token.sh

@@ -0,0 +1,18 @@
+#!/bin/sh
+
+python3 -m venv release_sandbox
+. release_sandbox/bin/activate
+if [ -z "$VIRTUAL_ENV" ]; then
+	echo "Virtual environment not activated."
+	exit 1
+fi
+
+pip3 install cryptography
+pip3 install requests
+pip3 install PyJWT
+
+export GITHUB_APP_ID="$SELENIARM_GITHUB_APP_ID"
+export GITHUB_INSTALLATION_ID="$SELENIARM_GITHUB_INSTALLATION_ID"
+export GITHUB_APP_PEM="$SELENIARM_GITHUB_APP_PEM" 
+
+python3 get-access-token.py