Build Node Docker Images #103
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Node Docker Images | |
| # This workflow is used to build and push one-off images for specific node types. This is useful | |
| # when deploying hotfixes or any time a change is not needed for all node roles. | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| tag: | |
| type: string | |
| description: 'Git tag/commit' | |
| required: true | |
| docker_tag: | |
| type: string | |
| description: 'Docker tag' | |
| required: true | |
| # GHA doesn't support multi-selects, so simulating it with one boolean for each option | |
| build_access: | |
| type: boolean | |
| description: 'Access' | |
| required: false | |
| build_collection: | |
| type: boolean | |
| description: 'Collection' | |
| required: false | |
| build_consensus: | |
| type: boolean | |
| description: 'Consensus' | |
| required: false | |
| build_execution: | |
| type: boolean | |
| description: 'Execution' | |
| required: false | |
| build_verification: | |
| type: boolean | |
| description: 'Verification' | |
| required: false | |
| build_observer: | |
| type: boolean | |
| description: 'Observer' | |
| required: false | |
| include_with_adx: | |
| type: boolean | |
| description: 'Build `with_adx` images' | |
| required: false | |
| # GHA allows only up to 10 inputs - regroup two entries in one | |
| include_without_netgo_without_adx: | |
| type: boolean | |
| description: 'Build `without_adx` and `without_netgo_without_adx` images' | |
| required: false | |
| jobs: | |
| # matrix_builder generates a matrix that includes the roles selected in the input | |
| matrix_builder: | |
| name: Setup build jobs | |
| runs-on: ubuntu-latest | |
| outputs: | |
| matrix: ${{ steps.generate.outputs.matrix }} | |
| steps: | |
| - name: Print all input variables | |
| run: echo '${{ toJson(inputs) }}' | jq | |
| - id: generate | |
| run: | | |
| roles=() | |
| if [[ "${{ inputs.build_access }}" = "true" ]]; then | |
| roles+=( "access" ) | |
| fi | |
| if [[ "${{ inputs.build_collection }}" = "true" ]]; then | |
| roles+=( "collection" ) | |
| fi | |
| if [[ "${{ inputs.build_consensus }}" = "true" ]]; then | |
| roles+=( "consensus" ) | |
| fi | |
| if [[ "${{ inputs.build_execution }}" = "true" ]]; then | |
| roles+=( "execution" ) | |
| fi | |
| if [[ "${{ inputs.build_verification }}" = "true" ]]; then | |
| roles+=( "verification" ) | |
| fi | |
| if [[ "${{ inputs.build_observer }}" = "true" ]]; then | |
| roles+=( "observer" ) | |
| fi | |
| rolesJSON=$(jq --compact-output --null-input '$ARGS.positional' --args -- "${roles[@]}") | |
| echo "matrix={\"role\":$(echo $rolesJSON)}" >> $GITHUB_OUTPUT | |
| docker-push: | |
| name: ${{ matrix.role }} images | |
| runs-on: ubuntu-latest | |
| needs: matrix_builder | |
| # setup jobs for each role | |
| strategy: | |
| fail-fast: false | |
| matrix: ${{ fromJson(needs.matrix_builder.outputs.matrix) }} | |
| steps: | |
| - name: Setup Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: '1.19' | |
| - name: Checkout repo | |
| uses: actions/checkout@v2 | |
| with: | |
| ref: ${{ inputs.tag }} | |
| # Provide Google Service Account credentials to Github Action, allowing interaction with the Google Container Registry | |
| # Logging in as github-actions@dl-flow.iam.gserviceaccount.com | |
| - id: auth | |
| uses: google-github-actions/auth@v1 | |
| with: | |
| credentials_json: ${{ secrets.GCR_SERVICE_KEY_SECRET }} | |
| - name: Set up Google Cloud SDK | |
| uses: google-github-actions/setup-gcloud@v1 | |
| - name: Authenticate docker with gcloud | |
| run: | | |
| gcloud auth configure-docker | |
| - name: Build/Push ${{ matrix.role }} images with adx | |
| if: ${{ inputs.include_with_adx }} | |
| env: | |
| IMAGE_TAG: ${{ inputs.docker_tag }} | |
| GITHUB_CREDS: "machine github.com login ${{ secrets.REPO_SYNC_USER }} password ${{ secrets.REPO_SYNC }}" | |
| run: | | |
| make docker-build-${{ matrix.role }}-with-adx docker-push-${{ matrix.role }}-with-adx | |
| - name: Build/Push ${{ matrix.role }} without netgo without adx images | |
| if: ${{ inputs.include_without_netgo_without_adx }} | |
| env: | |
| IMAGE_TAG: ${{ inputs.docker_tag }} | |
| GITHUB_CREDS: "machine github.com login ${{ secrets.REPO_SYNC_USER }} password ${{ secrets.REPO_SYNC }}" | |
| run: | | |
| make docker-build-${{ matrix.role }}-without-adx docker-push-${{ matrix.role }}-without-adx | | |
| make docker-build-${{ matrix.role }}-without-netgo-without-adx docker-push-${{ matrix.role }}-without-netgo-without-adx |