Add develop Docker image release flow (#17)

immutable · Jan 7, 2025 · 81d3fcc · 81d3fcc
1 parent a390d99
commit 81d3fcc
Show file tree

Hide file tree

Showing 4 changed files with 103 additions and 15 deletions.
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -3,4 +3,4 @@
 
 .github/workflows/              @immutable/prodsec @sergerad @rzmahmood @EdwardJES @jp-imx
 .github/actions/                @immutable/prodsec @sergerad @rzmahmood @EdwardJES @jp-imx
-./                              @sergerad @rzmahmood @EdwardJES @jp-imx
+./                              @sergerad @drinkcoffee @ermyas @jp-imx @ipekt @wcgcyx
diff --git a/.github/actions/push/action.yaml b/.github/actions/push/action.yaml
@@ -0,0 +1,92 @@
+---
+name: Docker build and push
+
+inputs:
+  github-token:
+    required: true
+  image_tag:
+    required: false
+    type: string
+  dockerfile:
+    required: false
+    type: string
+    default: "Dockerfile"
+  build-args:
+    required: false
+    type: string
+
+runs:
+  using: "composite"
+  steps:
+    - name: Log in to GitHub Container Registry
+      uses: docker/login-action@v2
+      with:
+        registry: ghcr.io
+        username: ${{ github.actor }}
+        password: ${{ inputs.github-token }}
+
+    - name: Extract Docker metadata
+      id: meta
+      uses: docker/metadata-action@v4
+      with:
+        images: ghcr.io/${{ github.repository }}/s
+        github-token: ${{ inputs.github-token }}
+
+    - name: Image tag
+      shell: bash
+      run: |
+        REPOSITORY_NAME="$(echo '${{ github.repository }}' | awk -F '/' '{print $2}')"
+        if [ -z ${{ inputs.image_tag }} ]; then
+            BUILD_TIMESTAMP="$(date +%s)"
+            SHORT_SHA="$(git rev-parse --short HEAD)"
+            echo GHCR_TAG="ghcr.io/${{ github.repository }}/immutable-geth:develop-$BUILD_TIMESTAMP-git.$SHORT_SHA" >> $GITHUB_ENV
+        else
+            echo GHCR_TAG="ghcr.io/${{ github.repository }}/immutable-geth:${{ inputs.image_tag }}" >> $GITHUB_ENV
+        fi
+
+    - name: Restore Go mod (pkg)
+      uses: actions/cache/restore@v3
+      with:
+        path: "~/go/pkg/mod"
+        key: ${{ runner.os }}-gomod-${{ hashFiles('**/go.sum') }}-${{ github.sha }}-${{ github.run_id }}
+        restore-keys: |
+          ${{ runner.os }}-gomod-${{ hashFiles('**/go.sum') }}-${{ github.sha }}-
+          ${{ runner.os }}-gomod-${{ hashFiles('**/go.sum') }}-
+          ${{ runner.os }}-gomod-
+
+    - name: Restore Go build (test)
+      uses: actions/cache/restore@v3
+      with:
+        path: "~/.cache/go-build"
+        key: ${{ runner.os }}-gobuild-${{ hashFiles('**/go.sum') }}-${{ github.sha }}-${{ github.run_id }}
+        restore-keys: |
+          ${{ runner.os }}-gobuild-${{ hashFiles('**/go.sum') }}-${{ github.sha }}-
+          ${{ runner.os }}-gobuild-${{ hashFiles('**/go.sum') }}-
+          ${{ runner.os }}-gobuild-
+
+    - name: Set up Docker Context for buildx
+      id: buildx-context
+      shell: bash
+      run: |
+        docker context create builders
+
+    - name: Set up Docker Buildx
+      id: buildx
+      uses: docker/setup-buildx-action@v2
+      with:
+        version: latest
+        endpoint: builders
+
+    - name: Build and push
+      uses: docker/build-push-action@v4
+      with:
+        context: .
+        platforms: linux/amd64
+        file: ${{ inputs.dockerfile }}
+        push: true
+        build-args: ${{ inputs.build-args }}
+        tags: ${{ env.GHCR_TAG }}
+        labels: ${{ steps.meta.outputs.labels }}
+        cache-from: type=registry,ref=ghcr.io/${{ github.repository }}/immutable-geth:cache
+        cache-to: type=registry,ref=ghcr.io/${{ github.repository }}/immutable-geth:cache,mode=max
+        provenance: false
diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
@@ -11,19 +11,15 @@ permissions: # see this: https://docs.github.com/en/actions/using-jobs/assigning
   contents: write # This is required for actions/checkout
 
 jobs:
-  dev_docker_build_push:
-    if: ${{ github.ref == 'refs/heads/main' }}
-    uses: immutable/im-shared-github-actions/.github/workflows/docker-build-tag-push.yml@v1.3.1
-    with:
-      environment: dev
-      dockerfile: "Dockerfile"
-      role-to-assume: "arn:aws:iam::783421985614:role/immutable-nonprod-docker-image-push"
-      role-session-name: "go-ethereum-immutable-nonprod-docker-image-push"
-      aws-region: "us-east-2"
-      go-mod-cache-path: "~/go/pkg/mod"
-      go-build-cache-path: "~/.cache/go-build"
-    secrets:
-      github-token: ${{ secrets.PLATFORM_SA_GITHUB_TOKEN }}
+  push:
+    name: Push Docker
+    runs-on: ubuntu-20-04-4-cores
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - uses: ./.github/actions/push
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
 
   tests:
     name: Tests

diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml
@@ -73,4 +73,4 @@ jobs:
         shell: bash
         run: |
           go run build/ci.go install
-          go test $(go list ./... | grep -v 'go-ethereum/tests/immutable') -p 1 --parallel 4 -timeout=30m
+          go test $(go list ./... | grep -v 'go-ethereum/tests/immutable') -p 1 --parallel 4 -timeout=30m