Ros2 add docker #469

Merged
merged 5 commits into from
Dec 20, 2024
Changes from 4 commits
2 changes: 2 additions & 0 deletions .dockerignore
@@ -0,0 +1,2 @@
.*/
docker/
85 changes: 85 additions & 0 deletions .github/workflows/build-docker.yaml
@@ -0,0 +1,85 @@
---
name: Build Docker

on:
workflow_call:
inputs:
build_type:
description: Is it a "development" or a "stable" release?
required: true
type: string
default: development
rafal-gorecki marked this conversation as resolved.
target_distro:
description: In case of "stable" release specify the ROS distro of the existing docker image (eg.
humble)
type: string
default: humble
target_release:
description: In case of "stable" release specify the version of the existing docker image (eg.
1.0.12)
type: string
default: 0.0.0
target_date:
description: In case of "stable" release specify the date of the existing docker image in format
YYYYMMDD (eg. 20220124)
type: string
default: '20131206'
workflow_dispatch:
inputs:
build_type:
description: Is it a "development" or a "stable" release?
required: true
type: choice
default: development
options:
- development
- stable
target_distro:
description: In case of "stable" release specify the ROS distro of the existing docker image (eg.
humble)
type: string
default: humble
target_release:
description: In case of "stable" release specify the version of the existing docker image (eg.
1.0.12)
type: string
default: 0.0.0
target_date:
description: In case of "stable" release specify the date of the existing docker image in format
YYYYMMDD (eg. 20220124)
type: string
default: '20131206'
jobs:
build:
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
include:
- dockerfile: ./docker/Dockerfile.hardware
platforms: linux/arm64
ros_distro: humble
- dockerfile: ./docker/Dockerfile.simulation
repo_name: panther-gazebo
platforms: linux/amd64
ros_distro: humble

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Build Docker Image
uses: husarion-ci/ros-docker-img-action@v0.8
with:
dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }}
dockerhub_token: ${{ secrets.DOCKERHUB_TOKEN }}
main_branch_name: ros2
dockerfile: ${{ matrix.dockerfile }}
repo_name: ${{ matrix.repo_name }}
build_type: ${{ inputs.build_type }}
ros_distro: ${{ matrix.ros_distro }}
platforms: ${{ matrix.platforms }}
# variables important only for stable release
target_distro: ${{ inputs.target_distro }}
target_release: ${{ inputs.target_release }}
target_date: ${{ inputs.target_date }}
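Review bot: In the `Build Docker Image` step, `husarion-ci/ros-docker-img-action@v0.8` receives `secrets.DOCKERHUB_TOKEN` but is referenced by a movable tag; pinning it (and `actions/checkout`) to a full commit SHA keeps a retagged release from running with the registry credentials. The workflow also has no `permissions:` block, so the job runs with the repository's default `GITHUB_TOKEN` scope; `permissions: contents: read` at the top looks sufficient for what is visible here. Two smaller points: the `Dockerfile.hardware` matrix entry sets no `repo_name`, so `${{ matrix.repo_name }}` expands to an empty string for that leg (worth a comment if the action's default is intended), and under `workflow_call` the `build_type` input is both `required: true` and given a `default`, so the default never applies and any string is accepted there, unlike the `choice` used for `workflow_dispatch`.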
2 changes: 1 addition & 1 deletion .github/workflows/pre-commit.yaml
@@ -1,5 +1,5 @@
---
name: Pre-Commit
name: Pre-commit

on:
push:
2 changes: 1 addition & 1 deletion .github/workflows/protect-default-branch.yaml
@@ -1,5 +1,5 @@
---
name: Validate PR head branch
name: Protect Default Branch
on:
pull_request:
branches:
131 changes: 50 additions & 81 deletions .github/workflows/release-candidate.yaml
@@ -1,5 +1,5 @@
---
name: Release candidate
name: Release Candidate

on:
workflow_dispatch:
@@ -15,121 +15,90 @@ env:
RC_BRANCH_NAME: ${{ github.event.inputs.version }}-${{ github.event.inputs.date }}

jobs:
check_docs:
name: Check docs build
docs:
name: Docs
runs-on: ubuntu-22.04
steps:
- name: Trigger repository build workflow
uses: convictional/trigger-workflow-and-wait@v1.6.1
- name: Check docs build
uses: convictional/trigger-workflow-and-wait@v1.6.5
with:
owner: husarion
repo: docs_new
github_token: ${{ secrets.GH_PAT }}
workflow_file_name: test-release.yml
github_token: ${{ secrets.RAFAL_ACCESS_TOKEN }}
Contributor

⚠️ Potential issue

Consider using GITHUB_TOKEN instead of personal access token.

Using a personal access token (RAFAL_ACCESS_TOKEN) could be a security risk as these tokens typically have broader permissions. Consider using GITHUB_TOKEN if possible, or ensure the personal token has minimal required permissions.

workflow_file_name: parser-test.yaml
ref: master
client_payload: '{"husarion_ugv_branch": "ros2-devel"}'

# TODO: Add unit testing for panther_ros when ready
unit_test_panther_ros:
name: Run unit tests for panther_ros
# TODO: Add unit testing when ready
unit_tests:
name: Unit tests
runs-on: ubuntu-22.04
steps:
- name: Trigger repository build workflow
run: echo "Unit tests for panther_ros are not fully implemented yet -> SKIPPING!"
- name: Run unit tests
run: echo "Unit tests are not fully implemented yet -> SKIPPING!"
rafal-gorecki marked this conversation as resolved.

create_release_candidate_branches:
name: Create release candidate branches
docker:
name: Docker
needs: unit_tests
runs-on: ubuntu-22.04
needs:
- unit_test_panther_ros
strategy:
matrix:
repo: [panther_ros, panther-docker, panther-rpi-os-img]
steps:
- name: Create test branch
uses: GuillaumeFalourd/create-other-repo-branch-action@v1.5
- name: Checkout
uses: actions/checkout@v4

- name: Update docker image tag
run: |
sed -i 's/\(husarion\/panther:humble-\)[^[:space:]]*/\1${{ env.RC_BRANCH_NAME }}/g' docker/demo/compose.hardware.yaml
sed -i 's/\(husarion\/panther:humble-\)[^[:space:]]*/\1${{ env.RC_BRANCH_NAME }}/g' docker/demo/compose.rviz.yaml
sed -i 's/\(husarion\/panther-gazebo:humble-\)[^[:space:]]*/\1${{ env.RC_BRANCH_NAME }}/g' docker/demo/compose.simulation.yaml
Comment on lines +48 to +52
Contributor

🛠️ Refactor suggestion

Add error handling for sed operations.

The sed commands could fail silently if the files don't exist or if the patterns aren't found. Consider adding error checking:

-          sed -i 's/\(husarion\/panther:humble-\)[^[:space:]]*/\1${{ env.RC_BRANCH_NAME }}/g' docker/demo/compose.hardware.yaml
-          sed -i 's/\(husarion\/panther:humble-\)[^[:space:]]*/\1${{ env.RC_BRANCH_NAME }}/g' docker/demo/compose.rviz.yaml
-          sed -i 's/\(husarion\/panther-gazebo:humble-\)[^[:space:]]*/\1${{ env.RC_BRANCH_NAME }}/g' docker/demo/compose.simulation.yaml
+          for file in docker/demo/compose.{hardware,rviz}.yaml; do
+            if [ ! -f "$file" ]; then
+              echo "Error: $file not found"
+              exit 1
+            fi
+            if ! sed -i 's/\(husarion\/panther:humble-\)[^[:space:]]*/\1${{ env.RC_BRANCH_NAME }}/g' "$file"; then
+              echo "Error: Failed to update $file"
+              exit 1
+            fi
+          done
+          
+          if [ ! -f "docker/demo/compose.simulation.yaml" ]; then
+            echo "Error: compose.simulation.yaml not found"
+            exit 1
+          fi
+          if ! sed -i 's/\(husarion\/panther-gazebo:humble-\)[^[:space:]]*/\1${{ env.RC_BRANCH_NAME }}/g' docker/demo/compose.simulation.yaml; then
+            echo "Error: Failed to update compose.simulation.yaml"
+            exit 1
+          fi
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- name: Update docker image tag
run: |
sed -i 's/\(husarion\/panther:humble-\)[^[:space:]]*/\1${{ env.RC_BRANCH_NAME }}/g' docker/demo/compose.hardware.yaml
sed -i 's/\(husarion\/panther:humble-\)[^[:space:]]*/\1${{ env.RC_BRANCH_NAME }}/g' docker/demo/compose.rviz.yaml
sed -i 's/\(husarion\/panther-gazebo:humble-\)[^[:space:]]*/\1${{ env.RC_BRANCH_NAME }}/g' docker/demo/compose.simulation.yaml
- name: Update docker image tag
run: |
for file in docker/demo/compose.{hardware,rviz}.yaml; do
if [ ! -f "$file" ]; then
echo "Error: $file not found"
exit 1
fi
if ! sed -i 's/\(husarion\/panther:humble-\)[^[:space:]]*/\1${{ env.RC_BRANCH_NAME }}/g' "$file"; then
echo "Error: Failed to update $file"
exit 1
fi
done
if [ ! -f "docker/demo/compose.simulation.yaml" ]; then
echo "Error: compose.simulation.yaml not found"
exit 1
fi
if ! sed -i 's/\(husarion\/panther-gazebo:humble-\)[^[:space:]]*/\1${{ env.RC_BRANCH_NAME }}/g' docker/demo/compose.simulation.yaml; then
echo "Error: Failed to update compose.simulation.yaml"
exit 1
fi


- name: Commit changes
uses: EndBug/add-and-commit@v9
with:
repository_owner: husarion
repository_name: ${{ matrix.repo }}
new_branch_name: ${{ env.RC_BRANCH_NAME }}
new_branch_ref: ros2-devel
access_token: ${{ secrets.GH_PAT}}
message: Update tags in compose files
author_name: action-bot
author_email: action-bot@action-bot.com
new_branch: ${{ env.RC_BRANCH_NAME }}

update_tags_in_compose:
name: Update Docker image tags in compose
runs-on: ubuntu-22.04
needs:
- create_release_candidate_branches
steps:
- name: Trigger repository build workflow
uses: convictional/trigger-workflow-and-wait@v1.6.1
- name: Build Docker
uses: ./.github/workflows/build-docker.yaml
with:
owner: husarion
repo: panther-docker
github_token: ${{ secrets.GH_PAT }}
workflow_file_name: update-tags-in-compose.yaml
ref: ${{ env.RC_BRANCH_NAME }}
client_payload: |
{
"branch_name": "${{ env.RC_BRANCH_NAME }}",
"image_tag": "humble-${{ env.RC_BRANCH_NAME }}"
}
build_type: development

build_and_push_docker_images:
name: Build panther docker images
os_image:
name: OS image
needs: docker
runs-on: ubuntu-22.04
needs:
- update_tags_in_compose
steps:
- name: Trigger repository build workflow
uses: convictional/trigger-workflow-and-wait@v1.6.1
- name: Create new branch
uses: GuillaumeFalourd/create-other-repo-branch-action@v1.5
with:
owner: husarion
repo: panther-docker
github_token: ${{ secrets.GH_PAT }}
workflow_file_name: ros-docker-image.yaml
ref: ${{ env.RC_BRANCH_NAME }}
client_payload: |
{
"panther_codebase_version": "${{ env.RC_BRANCH_NAME }}",
"build_type": "development",
"target_distro": "humble"
}
repository_owner: husarion
repository_name: panther-rpi-os-img
new_branch_name: ${{ env.RC_BRANCH_NAME }}
new_branch_ref: ros2-devel
access_token: ${{ secrets.RAFAL_ACCESS_TOKEN}}
Comment on lines +72 to +79
Contributor

🛠️ Refactor suggestion

Add timeouts and error handling for external operations.

The workflow makes multiple external calls without proper timeout controls or error handling:

  1. Branch creation could fail silently
  2. External workflow triggers have no timeout specified
  3. Personal access token is used repeatedly

Consider these improvements:

  1. Add timeout to workflow triggers:
 uses: convictional/trigger-workflow-and-wait@v1.6.5
 with:
+  trigger_workflow_timeout: '3600'  # 1 hour timeout
  2. Use GITHUB_TOKEN where possible or centralize the token usage:
-  github_token: ${{ secrets.RAFAL_ACCESS_TOKEN }}
+  github_token: ${{ secrets.GITHUB_TOKEN }}
  3. Add error handling for branch creation:
 - name: Create new branch
   uses: GuillaumeFalourd/create-other-repo-branch-action@v1.5
+  id: create_branch
   with:
     repository_owner: husarion
     repository_name: panther-rpi-os-img
     new_branch_name: ${{ env.RC_BRANCH_NAME }}
     new_branch_ref: ros2-devel
     access_token: ${{ secrets.RAFAL_ACCESS_TOKEN}}
+  continue-on-error: true
+
+- name: Check branch creation
+  if: steps.create_branch.outcome == 'failure'
+  run: |
+    echo "Failed to create branch"
+    exit 1

Also applies to: 86-86, 101-101


build_and_publish_rpi_image:
name: Build panther system image
needs:
- update_tags_in_compose
runs-on: ubuntu-22.04
steps:
- name: Trigger repository build workflow
uses: convictional/trigger-workflow-and-wait@v1.6.1
- name: Build OS image
uses: convictional/trigger-workflow-and-wait@v1.6.5
with:
owner: husarion
repo: panther-rpi-os-img
github_token: ${{ secrets.GH_PAT }}
github_token: ${{ secrets.RAFAL_ACCESS_TOKEN }}
workflow_file_name: build_and_deploy_image.yaml
ref: ${{ env.RC_BRANCH_NAME }}
client_payload: |
{
"dev_image": "true",
"panther_codebase_version": "${{ env.RC_BRANCH_NAME }}",
"husarion_ugv_version": "${{ env.RC_BRANCH_NAME }}",
"image_tag": "${{ github.event.inputs.version }}"
}

build_and_publish_rpi_flash_os_image:
name: Build panther flash OS image
if: ${{ fromJSON(github.event.inputs.automatic_mode) == true }}
needs:
- build_and_publish_rpi_image
runs-on: ubuntu-22.04
steps:
- name: Trigger repository build workflow
uses: convictional/trigger-workflow-and-wait@v1.6.1
- name: Build flash OS image
uses: convictional/trigger-workflow-and-wait@v1.6.5
with:
owner: husarion
repo: panther-rpi-os-img
github_token: ${{ secrets.GH_PAT }}
github_token: ${{ secrets.RAFAL_ACCESS_TOKEN }}
workflow_file_name: build_and_deploy_flash_os_image.yaml
ref: ${{ env.RC_BRANCH_NAME }}
client_payload: |
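Review bot: In the `Update docker image tag` step, `${{ env.RC_BRANCH_NAME }}` is expanded into the `run:` script before the shell starts, and that value is built from the `version` and `date` dispatch inputs, so a `/`, `&` or quote in either input changes the sed expression or the command line itself. Pass the value through the step's `env:` and reference it as `"$RC_BRANCH_NAME"` in the script, after checking it against the expected version-date pattern. Separately, `uses: ./.github/workflows/build-docker.yaml` appears under `steps:` in the `docker` job; a reusable workflow is called with `uses:` at the job level, and because `build-docker.yaml` declares no `workflow_call` secrets, the calling job would also need `secrets: inherit` for the Docker Hub credentials to reach it. The `RAFAL_ACCESS_TOKEN` that replaces `GH_PAT` is passed to `create-other-repo-branch-action@v1.5` and `trigger-workflow-and-wait@v1.6.5`, both referenced by tag; since these are cross-repository calls, a fine-grained token or GitHub App token limited to `docs_new` and `panther-rpi-os-img`, with the actions pinned by commit SHA, would narrow what that credential exposes.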