From 4aa4b9c81edf3d33ed40b058d6a9f6140a38b0e6 Mon Sep 17 00:00:00 2001 From: Florent Poinsard Date: Wed, 3 Apr 2024 16:52:09 -0600 Subject: [PATCH 01/10] Skip workflow if we are below version 20 Signed-off-by: Florent Poinsard --- .github/workflows/docker_build_images.yml | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker_build_images.yml b/.github/workflows/docker_build_images.yml index 7ec52fe4c8e..579468b56f6 100644 --- a/.github/workflows/docker_build_images.yml +++ b/.github/workflows/docker_build_images.yml @@ -1,5 +1,6 @@ -name: Docker Build Images +name: Docker Build Images (v20+) on: + pull_request: push: branches: - main @@ -7,7 +8,7 @@ on: - '*' concurrency: - group: format('{0}-{1}', ${{ github.ref }}, 'Docker Build Images') + group: format('{0}-{1}', ${{ github.ref }}, 'Docker Build Images (v20+)') cancel-in-progress: true permissions: read-all @@ -27,6 +28,12 @@ jobs: - name: Check out code uses: actions/checkout@v4 + - name: Skip workflow if below version 20 + run: | + if [ "$(sed -n 's/.*versionName.*\"\([[:digit:]\.]*\).*\"/\1/p' ./go/vt/servenv/version.go | awk -F'.' '{print substr($1, 1, 2)}')" -lt 20 ]; then + exit 0 + fi + - name: Login to Docker Hub uses: docker/login-action@v3 with: @@ -77,6 +84,7 @@ jobs: build_and_push_components: name: Build and push vitess components Docker images + needs: build_and_push_lite runs-on: gh-hosted-runners-16cores-1 if: github.repository == 'vitessio/vitess' @@ -90,6 +98,12 @@ jobs: - name: Check out code uses: actions/checkout@v4 + - name: Skip workflow if below version 20 + run: | + if [ "$(sed -n 's/.*versionName.*\"\([[:digit:]\.]*\).*\"/\1/p' ./go/vt/servenv/version.go | awk -F'.' '{print substr($1, 1, 2)}')" -lt 20 ]; then + exit 0 + fi + - name: Login to Docker Hub uses: docker/login-action@v3 with: From 8472a891be6514937a8fe4c1b3add9003a2a6a1d Mon Sep 17 00:00:00 2001 From: Florent Poinsard Date: Wed, 3 Apr 2024 17:00:18 -0600 Subject: [PATCH 02/10] Re-add old base/lite actions for previous releases Signed-off-by: Florent Poinsard --- .github/workflows/docker_build_images.yml | 14 +- .github/workflows/docker_build_old_base.yml | 259 ++++++++++++++++++++ .github/workflows/docker_build_old_lite.yml | 71 ++++++ 3 files changed, 331 insertions(+), 13 deletions(-) create mode 100644 .github/workflows/docker_build_old_base.yml create mode 100644 .github/workflows/docker_build_old_lite.yml diff --git a/.github/workflows/docker_build_images.yml b/.github/workflows/docker_build_images.yml index 579468b56f6..90ae8ab3c46 100644 --- a/.github/workflows/docker_build_images.yml +++ b/.github/workflows/docker_build_images.yml @@ -5,7 +5,7 @@ on: branches: - main tags: - - '*' + - 'v[2-9][0-9]*.*' # run only on tags greater or equal to v20.0.0 concurrency: group: format('{0}-{1}', ${{ github.ref }}, 'Docker Build Images (v20+)') @@ -28,12 +28,6 @@ jobs: - name: Check out code uses: actions/checkout@v4 - - name: Skip workflow if below version 20 - run: | - if [ "$(sed -n 's/.*versionName.*\"\([[:digit:]\.]*\).*\"/\1/p' ./go/vt/servenv/version.go | awk -F'.' '{print substr($1, 1, 2)}')" -lt 20 ]; then - exit 0 - fi - - name: Login to Docker Hub uses: docker/login-action@v3 with: @@ -98,12 +92,6 @@ jobs: - name: Check out code uses: actions/checkout@v4 - - name: Skip workflow if below version 20 - run: | - if [ "$(sed -n 's/.*versionName.*\"\([[:digit:]\.]*\).*\"/\1/p' ./go/vt/servenv/version.go | awk -F'.' '{print substr($1, 1, 2)}')" -lt 20 ]; then - exit 0 - fi - - name: Login to Docker Hub uses: docker/login-action@v3 with: diff --git a/.github/workflows/docker_build_old_base.yml b/.github/workflows/docker_build_old_base.yml new file mode 100644 index 00000000000..c618f39d2e8 --- /dev/null +++ b/.github/workflows/docker_build_old_base.yml @@ -0,0 +1,259 @@ +name: Docker Build Base +on: + push: + tags-ignore: + - 'v[2-9][0-9]*.*' # ignore all the tags greater or equal to v20.0.0 + +concurrency: + group: format('{0}-{1}', ${{ github.ref }}, 'Docker Build Base') + cancel-in-progress: true + +permissions: read-all + +jobs: + build_and_push_base: + name: Build and push vitess/base Docker images + runs-on: gh-hosted-runners-16cores-1 + if: github.repository == 'vitessio/vitess' + + strategy: + fail-fast: true + matrix: + branch: [ latest, mysql57, percona57, percona80 ] + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Dockerfile path + run: | + if [[ "${{ matrix.branch }}" == "latest" ]]; then + echo "DOCKERFILE=./docker/base/Dockerfile" >> $GITHUB_ENV + else + echo "DOCKERFILE=./docker/base/Dockerfile.${{ matrix.branch }}" >> $GITHUB_ENV + fi + + - name: Build and push on main + if: github.ref == 'refs/heads/main' + uses: docker/build-push-action@v5 + with: + context: . + file: ${{ env.DOCKERFILE }} + push: true + tags: vitess/base:${{ matrix.branch }} + + ###### + # All code below only applies to new tags + ###### + + - name: Get the Git tag + if: startsWith(github.ref, 'refs/tags/') + run: echo "TAG_NAME=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV + + - name: Set Docker tag name + if: startsWith(github.ref, 'refs/tags/') && matrix.branch == 'latest' + run: | + if [[ "${{ matrix.branch }}" == "latest" ]]; then + echo "DOCKER_TAG=vitess/base:${TAG_NAME}" >> $GITHUB_ENV + fi + + - name: Build and push on tags + if: startsWith(github.ref, 'refs/tags/') && matrix.branch == 'latest' + uses: docker/build-push-action@v5 + with: + context: . + file: ${{ env.DOCKERFILE }} + push: true + tags: ${{ env.DOCKER_TAG }} + + build_and_push_k8s: + needs: build_and_push_base + name: Build and push vitess/k8s image + runs-on: gh-hosted-runners-16cores-1 + if: github.repository == 'vitessio/vitess' + + strategy: + fail-fast: true + matrix: + debian: [ bullseye, bookworm ] + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker context path + run: | + echo "DOCKER_CTX=./docker/k8s" >> $GITHUB_ENV + + - name: Build and push on main latest tag + if: github.ref == 'refs/heads/main' && matrix.debian == 'bookworm' + uses: docker/build-push-action@v5 + with: + context: ${{ env.DOCKER_CTX }} + push: true + tags: vitess/k8s:latest + build-args: | + VT_BASE_VER=latest + DEBIAN_VER=${{ matrix.debian }}-slim + + - name: Build and push on main debian specific tag + if: github.ref == 'refs/heads/main' + uses: docker/build-push-action@v5 + with: + context: ${{ env.DOCKER_CTX }} + push: true + tags: vitess/k8s:latest-${{ matrix.debian }} + build-args: | + VT_BASE_VER=latest + DEBIAN_VER=${{ matrix.debian }}-slim + + ###### + # All code below only applies to new tags + ###### + + - name: Get the Git tag + if: startsWith(github.ref, 'refs/tags/') + run: echo "TAG_NAME=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV + + # We push git-tag-based k8s image to three tags, i.e. for 'v19.0.0' we push to: + # + # vitess/k8s:v19.0.0 (DOCKER_TAG_DEFAULT_DEBIAN) + # vitess/k8s:v19.0.0-bookworm (DOCKER_TAG) + # vitess/k8s:v19.0.0-bullseye (DOCKER_TAG) + # + - name: Set Docker tag name + if: startsWith(github.ref, 'refs/tags/') + run: | + echo "DOCKER_TAG_DEFAULT_DEBIAN=vitess/k8s:${TAG_NAME}" >> $GITHUB_ENV + echo "DOCKER_TAG=vitess/k8s:${TAG_NAME}-${{ matrix.debian }}" >> $GITHUB_ENV + + # Build and Push component image to DOCKER_TAG, applies to both debian version + - name: Build and push on tags using Debian extension + if: startsWith(github.ref, 'refs/tags/') + uses: docker/build-push-action@v5 + with: + context: ${{ env.DOCKER_CTX }} + push: true + tags: ${{ env.DOCKER_TAG }} + build-args: | + VT_BASE_VER=${{ env.TAG_NAME }} + DEBIAN_VER=${{ matrix.debian }}-slim + + # Build and Push component image to DOCKER_TAG_DEFAULT_DEBIAN, only applies when building the default Debian version (bookworm) + # It is fine to build a second time here when "matrix.debian == 'bookworm'" as we have cached the first build already + - name: Build and push on tags without Debian extension + if: startsWith(github.ref, 'refs/tags/') && matrix.debian == 'bookworm' + uses: docker/build-push-action@v5 + with: + context: ${{ env.DOCKER_CTX }} + push: true + tags: ${{ env.DOCKER_TAG_DEFAULT_DEBIAN }} + build-args: | + VT_BASE_VER=${{ env.TAG_NAME }} + DEBIAN_VER=${{ matrix.debian }}-slim + + + build_and_push_components: + needs: build_and_push_k8s + name: Build and push vitess components Docker images + runs-on: gh-hosted-runners-16cores-1 + if: github.repository == 'vitessio/vitess' + + strategy: + fail-fast: true + matrix: + debian: [ bullseye, bookworm ] + component: [ vtadmin, vtorc, vtgate, vttablet, mysqlctld, mysqlctl, vtctl, vtctlclient, vtctld, logrotate, logtail, vtbackup, vtexplain ] + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Set Docker context path + run: | + echo "DOCKER_CTX=./docker/k8s/${{ matrix.component }}" >> $GITHUB_ENV + + - name: Build and push on main latest tag + if: github.ref == 'refs/heads/main' && matrix.debian == 'bookworm' + uses: docker/build-push-action@v5 + with: + context: ${{ env.DOCKER_CTX }} + push: true + tags: vitess/${{ matrix.component }}:latest + build-args: | + VT_BASE_VER=latest + DEBIAN_VER=${{ matrix.debian }}-slim + + - name: Build and push on main debian specific tag + if: github.ref == 'refs/heads/main' + uses: docker/build-push-action@v5 + with: + context: ${{ env.DOCKER_CTX }} + push: true + tags: vitess/${{ matrix.component }}:latest-${{ matrix.debian }} + build-args: | + VT_BASE_VER=latest + DEBIAN_VER=${{ matrix.debian }}-slim + + ###### + # All code below only applies to new tags + ###### + + - name: Get the Git tag + if: startsWith(github.ref, 'refs/tags/') + run: echo "TAG_NAME=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV + + # We push git-tag-based images to three tags, i.e. for 'v19.0.0' we push to: + # + # vitess/${{ matrix.component }}:v19.0.0 (DOCKER_TAG_DEFAULT_DEBIAN) + # vitess/${{ matrix.component }}:v19.0.0-bookworm (DOCKER_TAG) + # vitess/${{ matrix.component }}:v19.0.0-bullseye (DOCKER_TAG) + # + - name: Set Docker tag name + if: startsWith(github.ref, 'refs/tags/') + run: | + echo "DOCKER_TAG_DEFAULT_DEBIAN=vitess/${{ matrix.component }}:${TAG_NAME}" >> $GITHUB_ENV + echo "DOCKER_TAG=vitess/${{ matrix.component }}:${TAG_NAME}-${{ matrix.debian }}" >> $GITHUB_ENV + + # Build and Push component image to DOCKER_TAG, applies to both debian version + - name: Build and push on tags using Debian extension + if: startsWith(github.ref, 'refs/tags/') + uses: docker/build-push-action@v5 + with: + context: ${{ env.DOCKER_CTX }} + push: true + tags: ${{ env.DOCKER_TAG }} + build-args: | + VT_BASE_VER=${{ env.TAG_NAME }} + DEBIAN_VER=${{ matrix.debian }}-slim + + # Build and Push component image to DOCKER_TAG_DEFAULT_DEBIAN, only applies when building the default Debian version (bookworm) + # It is fine to build a second time here when "matrix.debian == 'bookworm'" as we have cached the first build already + - name: Build and push on tags without Debian extension + if: startsWith(github.ref, 'refs/tags/') && matrix.debian == 'bookworm' + uses: docker/build-push-action@v5 + with: + context: ${{ env.DOCKER_CTX }} + push: true + tags: ${{ env.DOCKER_TAG_DEFAULT_DEBIAN }} + build-args: | + VT_BASE_VER=${{ env.TAG_NAME }} + DEBIAN_VER=${{ matrix.debian }}-slim \ No newline at end of file diff --git a/.github/workflows/docker_build_old_lite.yml b/.github/workflows/docker_build_old_lite.yml new file mode 100644 index 00000000000..2b94064cd29 --- /dev/null +++ b/.github/workflows/docker_build_old_lite.yml @@ -0,0 +1,71 @@ +name: Docker Build Lite (> $GITHUB_ENV + else + echo "DOCKERFILE=./docker/lite/Dockerfile.${{ matrix.branch }}" >> $GITHUB_ENV + fi + + - name: Build and push on main + if: github.ref == 'refs/heads/main' + uses: docker/build-push-action@v5 + with: + context: . + file: ${{ env.DOCKERFILE }} + push: true + tags: vitess/lite:${{ matrix.branch }} + + - name: Get the Git tag + if: startsWith(github.ref, 'refs/tags/') + run: echo "TAG_NAME=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV + + - name: Set Docker tag name + if: startsWith(github.ref, 'refs/tags/') + run: | + if [[ "${{ matrix.branch }}" == "latest" ]]; then + echo "DOCKER_TAG=vitess/lite:${TAG_NAME}" >> $GITHUB_ENV + else + echo "DOCKER_TAG=vitess/lite:${TAG_NAME}-${{ matrix.branch }}" >> $GITHUB_ENV + fi + + - name: Build and push on tags + if: startsWith(github.ref, 'refs/tags/') + uses: docker/build-push-action@v5 + with: + context: . + file: ${{ env.DOCKERFILE }} + push: true + tags: ${{ env.DOCKER_TAG }} \ No newline at end of file From fa4efbe29515c82c80dd535a2ef7b1a675d7a37a Mon Sep 17 00:00:00 2001 From: Florent Poinsard Date: Wed, 3 Apr 2024 17:01:10 -0600 Subject: [PATCH 03/10] Rename old base action Signed-off-by: Florent Poinsard --- .github/workflows/docker_build_old_base.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker_build_old_base.yml b/.github/workflows/docker_build_old_base.yml index c618f39d2e8..4dcadaa59ff 100644 --- a/.github/workflows/docker_build_old_base.yml +++ b/.github/workflows/docker_build_old_base.yml @@ -1,11 +1,11 @@ -name: Docker Build Base +name: Docker Build Base ( Date: Wed, 3 Apr 2024 17:07:56 -0600 Subject: [PATCH 04/10] Copy config folder in lite image Signed-off-by: Florent Poinsard --- docker/lite/Dockerfile | 2 ++ docker/lite/Dockerfile.testing | 2 ++ docker/lite/Dockerfile.ubi7 | 2 ++ docker/lite/Dockerfile.ubi8 | 2 ++ docker/lite/Dockerfile.ubi8.arm64 | 2 ++ 5 files changed, 10 insertions(+) diff --git a/docker/lite/Dockerfile b/docker/lite/Dockerfile index ff65d858dad..89e0cd8bd6a 100644 --- a/docker/lite/Dockerfile +++ b/docker/lite/Dockerfile @@ -48,6 +48,8 @@ ENV PATH $VTROOT/bin:$PATH # Copy artifacts from builder layer. COPY --from=builder --chown=vitess:vitess /vt/install /vt COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/web/vtadmin /vt/web/vtadmin +COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/config/init_db.sql /vt/config/ +COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/config/mycnf /vt/config/ # Create mount point for actual data (e.g. MySQL data dir) VOLUME /vt/vtdataroot diff --git a/docker/lite/Dockerfile.testing b/docker/lite/Dockerfile.testing index c6a34df2784..8a1d7121f69 100644 --- a/docker/lite/Dockerfile.testing +++ b/docker/lite/Dockerfile.testing @@ -48,6 +48,8 @@ ENV PATH $VTROOT/bin:$PATH # Copy artifacts from builder layer. COPY --from=builder --chown=vitess:vitess /vt/install /vt COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/web/vtadmin /vt/web/vtadmin +COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/config/init_db.sql /vt/config/ +COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/config/mycnf /vt/config/ # Create mount point for actual data (e.g. MySQL data dir) VOLUME /vt/vtdataroot diff --git a/docker/lite/Dockerfile.ubi7 b/docker/lite/Dockerfile.ubi7 index 52cebdc15b7..baab4f5f50b 100644 --- a/docker/lite/Dockerfile.ubi7 +++ b/docker/lite/Dockerfile.ubi7 @@ -48,6 +48,8 @@ ENV PATH $VTROOT/bin:$PATH # Copy artifacts from builder layer. COPY --from=builder --chown=vitess:vitess /vt/install /vt COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/web/vtadmin /vt/web/vtadmin +COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/config/init_db.sql /vt/config/ +COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/config/mycnf /vt/config/ RUN mkdir -p /licenses COPY LICENSE /licenses diff --git a/docker/lite/Dockerfile.ubi8 b/docker/lite/Dockerfile.ubi8 index 36ef69e5867..ea933184d5e 100644 --- a/docker/lite/Dockerfile.ubi8 +++ b/docker/lite/Dockerfile.ubi8 @@ -48,6 +48,8 @@ ENV PATH $VTROOT/bin:$PATH # Copy artifacts from builder layer. COPY --from=builder --chown=vitess:vitess /vt/install /vt COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/web/vtadmin /vt/web/vtadmin +COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/config/init_db.sql /vt/config/ +COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/config/mycnf /vt/config/ RUN mkdir -p /licenses COPY LICENSE /licenses diff --git a/docker/lite/Dockerfile.ubi8.arm64 b/docker/lite/Dockerfile.ubi8.arm64 index a5efb9daa8f..a4b518be74e 100644 --- a/docker/lite/Dockerfile.ubi8.arm64 +++ b/docker/lite/Dockerfile.ubi8.arm64 @@ -48,6 +48,8 @@ ENV PATH $VTROOT/bin:$PATH # Copy artifacts from builder layer. COPY --from=builder --chown=vitess:vitess /vt/install /vt COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/web/vtadmin /vt/web/vtadmin +COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/config/init_db.sql /vt/config/ +COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/config/mycnf /vt/config/ RUN mkdir -p /licenses COPY LICENSE /licenses From 091cdc9e71868f5d89d808ea0a90e76bc03635ae Mon Sep 17 00:00:00 2001 From: Florent Poinsard Date: Wed, 3 Apr 2024 17:14:56 -0600 Subject: [PATCH 05/10] More debug Signed-off-by: Florent Poinsard --- .github/workflows/docker_build_images.yml | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/.github/workflows/docker_build_images.yml b/.github/workflows/docker_build_images.yml index 90ae8ab3c46..2ef0f2720b6 100644 --- a/.github/workflows/docker_build_images.yml +++ b/.github/workflows/docker_build_images.yml @@ -43,13 +43,13 @@ jobs: fi - name: Build and push on main - if: github.ref == 'refs/heads/main' +# if: github.ref == 'refs/heads/main' uses: docker/build-push-action@v5 with: context: . file: ${{ env.DOCKERFILE }} push: true - tags: vitess/lite:${{ matrix.branch }} + tags: vitess/lite:test-${{ matrix.branch }} ###### # All code below only applies to new tags @@ -103,25 +103,26 @@ jobs: echo "DOCKER_CTX=./docker/binaries/${{ matrix.component }}" >> $GITHUB_ENV - name: Build and push on main latest tag - if: github.ref == 'refs/heads/main' && matrix.debian == 'bookworm' +# if: github.ref == 'refs/heads/main' && matrix.debian == 'bookworm' + if: matrix.debian == 'bookworm' uses: docker/build-push-action@v5 with: context: ${{ env.DOCKER_CTX }} push: true - tags: vitess/${{ matrix.component }}:latest + tags: vitess/${{ matrix.component }}:test-latest build-args: | - VT_BASE_VER=latest + VT_BASE_VER=test-latest DEBIAN_VER=${{ matrix.debian }}-slim - name: Build and push on main debian specific tag - if: github.ref == 'refs/heads/main' +# if: github.ref == 'refs/heads/main' uses: docker/build-push-action@v5 with: context: ${{ env.DOCKER_CTX }} push: true - tags: vitess/${{ matrix.component }}:latest-${{ matrix.debian }} + tags: vitess/${{ matrix.component }}:test-latest-${{ matrix.debian }} build-args: | - VT_BASE_VER=latest + VT_BASE_VER=test-latest DEBIAN_VER=${{ matrix.debian }}-slim ###### From ab696dd9982adb0119ea6b26e3c2793ad3300eb1 Mon Sep 17 00:00:00 2001 From: Florent Poinsard Date: Wed, 3 Apr 2024 17:32:46 -0600 Subject: [PATCH 06/10] install ca-cert in the common bootstrap image Signed-off-by: Florent Poinsard --- docker/bootstrap/Dockerfile.common | 1 + 1 file changed, 1 insertion(+) diff --git a/docker/bootstrap/Dockerfile.common b/docker/bootstrap/Dockerfile.common index 2793ad94eee..821ec6916db 100644 --- a/docker/bootstrap/Dockerfile.common +++ b/docker/bootstrap/Dockerfile.common @@ -4,6 +4,7 @@ FROM --platform=linux/amd64 golang:1.22.1-bullseye RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ # TODO(mberlin): Group these to make it easier to understand which library actually requires them. ant \ + ca-certificates \ chromium \ curl \ default-jdk \ From 143a53a7b53ab2c5596b4f076ca96555d59b8a39 Mon Sep 17 00:00:00 2001 From: Florent Poinsard Date: Wed, 3 Apr 2024 18:05:59 -0600 Subject: [PATCH 07/10] copy ca-cert into the lite image Signed-off-by: Florent Poinsard --- docker/lite/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/docker/lite/Dockerfile b/docker/lite/Dockerfile index 89e0cd8bd6a..798c882f52d 100644 --- a/docker/lite/Dockerfile +++ b/docker/lite/Dockerfile @@ -46,6 +46,7 @@ ENV VTDATAROOT /vt/vtdataroot ENV PATH $VTROOT/bin:$PATH # Copy artifacts from builder layer. +COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt COPY --from=builder --chown=vitess:vitess /vt/install /vt COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/web/vtadmin /vt/web/vtadmin COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/config/init_db.sql /vt/config/ From 1e4de4093be8d63a9828dc9bfb224c34929c81fc Mon Sep 17 00:00:00 2001 From: Florent Poinsard Date: Wed, 3 Apr 2024 18:09:32 -0600 Subject: [PATCH 08/10] copy cert on all lite images Signed-off-by: Florent Poinsard --- docker/lite/Dockerfile.testing | 1 + docker/lite/Dockerfile.ubi7 | 1 + docker/lite/Dockerfile.ubi8 | 1 + docker/lite/Dockerfile.ubi8.arm64 | 1 + 4 files changed, 4 insertions(+) diff --git a/docker/lite/Dockerfile.testing b/docker/lite/Dockerfile.testing index 8a1d7121f69..845d339d996 100644 --- a/docker/lite/Dockerfile.testing +++ b/docker/lite/Dockerfile.testing @@ -46,6 +46,7 @@ ENV VTDATAROOT /vt/vtdataroot ENV PATH $VTROOT/bin:$PATH # Copy artifacts from builder layer. +COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt COPY --from=builder --chown=vitess:vitess /vt/install /vt COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/web/vtadmin /vt/web/vtadmin COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/config/init_db.sql /vt/config/ diff --git a/docker/lite/Dockerfile.ubi7 b/docker/lite/Dockerfile.ubi7 index baab4f5f50b..e659219a6f3 100644 --- a/docker/lite/Dockerfile.ubi7 +++ b/docker/lite/Dockerfile.ubi7 @@ -46,6 +46,7 @@ ENV VTDATAROOT /vt/vtdataroot ENV PATH $VTROOT/bin:$PATH # Copy artifacts from builder layer. +COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt COPY --from=builder --chown=vitess:vitess /vt/install /vt COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/web/vtadmin /vt/web/vtadmin COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/config/init_db.sql /vt/config/ diff --git a/docker/lite/Dockerfile.ubi8 b/docker/lite/Dockerfile.ubi8 index ea933184d5e..f5b95a9f483 100644 --- a/docker/lite/Dockerfile.ubi8 +++ b/docker/lite/Dockerfile.ubi8 @@ -46,6 +46,7 @@ ENV VTDATAROOT /vt/vtdataroot ENV PATH $VTROOT/bin:$PATH # Copy artifacts from builder layer. +COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt COPY --from=builder --chown=vitess:vitess /vt/install /vt COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/web/vtadmin /vt/web/vtadmin COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/config/init_db.sql /vt/config/ diff --git a/docker/lite/Dockerfile.ubi8.arm64 b/docker/lite/Dockerfile.ubi8.arm64 index a4b518be74e..f3bee6353d6 100644 --- a/docker/lite/Dockerfile.ubi8.arm64 +++ b/docker/lite/Dockerfile.ubi8.arm64 @@ -46,6 +46,7 @@ ENV VTDATAROOT /vt/vtdataroot ENV PATH $VTROOT/bin:$PATH # Copy artifacts from builder layer. +COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt COPY --from=builder --chown=vitess:vitess /vt/install /vt COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/web/vtadmin /vt/web/vtadmin COPY --from=builder --chown=vitess:vitess /vt/src/vitess.io/vitess/config/init_db.sql /vt/config/ From 0caa1b7dfa706c64555556c98b23cd6470f78131 Mon Sep 17 00:00:00 2001 From: Florent Poinsard Date: Wed, 3 Apr 2024 18:17:47 -0600 Subject: [PATCH 09/10] remove any debug Signed-off-by: Florent Poinsard --- .github/workflows/docker_build_images.yml | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/.github/workflows/docker_build_images.yml b/.github/workflows/docker_build_images.yml index 2ef0f2720b6..90ae8ab3c46 100644 --- a/.github/workflows/docker_build_images.yml +++ b/.github/workflows/docker_build_images.yml @@ -43,13 +43,13 @@ jobs: fi - name: Build and push on main -# if: github.ref == 'refs/heads/main' + if: github.ref == 'refs/heads/main' uses: docker/build-push-action@v5 with: context: . file: ${{ env.DOCKERFILE }} push: true - tags: vitess/lite:test-${{ matrix.branch }} + tags: vitess/lite:${{ matrix.branch }} ###### # All code below only applies to new tags @@ -103,26 +103,25 @@ jobs: echo "DOCKER_CTX=./docker/binaries/${{ matrix.component }}" >> $GITHUB_ENV - name: Build and push on main latest tag -# if: github.ref == 'refs/heads/main' && matrix.debian == 'bookworm' - if: matrix.debian == 'bookworm' + if: github.ref == 'refs/heads/main' && matrix.debian == 'bookworm' uses: docker/build-push-action@v5 with: context: ${{ env.DOCKER_CTX }} push: true - tags: vitess/${{ matrix.component }}:test-latest + tags: vitess/${{ matrix.component }}:latest build-args: | - VT_BASE_VER=test-latest + VT_BASE_VER=latest DEBIAN_VER=${{ matrix.debian }}-slim - name: Build and push on main debian specific tag -# if: github.ref == 'refs/heads/main' + if: github.ref == 'refs/heads/main' uses: docker/build-push-action@v5 with: context: ${{ env.DOCKER_CTX }} push: true - tags: vitess/${{ matrix.component }}:test-latest-${{ matrix.debian }} + tags: vitess/${{ matrix.component }}:latest-${{ matrix.debian }} build-args: | - VT_BASE_VER=test-latest + VT_BASE_VER=latest DEBIAN_VER=${{ matrix.debian }}-slim ###### From b2062419cb3ac21faf1b8a7bde48497918aa97a4 Mon Sep 17 00:00:00 2001 From: Florent Poinsard Date: Wed, 3 Apr 2024 18:19:39 -0600 Subject: [PATCH 10/10] Remove build on PR Signed-off-by: Florent Poinsard --- .github/workflows/docker_build_images.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/docker_build_images.yml b/.github/workflows/docker_build_images.yml index 90ae8ab3c46..347af8f5887 100644 --- a/.github/workflows/docker_build_images.yml +++ b/.github/workflows/docker_build_images.yml @@ -1,6 +1,5 @@ name: Docker Build Images (v20+) on: - pull_request: push: branches: - main