From 1beb7c7701cd0a01d4facd6b4caadf1e345b4225 Mon Sep 17 00:00:00 2001 From: Muhammad Atif Ali Date: Wed, 5 Jun 2024 16:45:06 +0300 Subject: [PATCH 1/5] ci: build and push image for `main` branch --- .github/workflows/ci.yaml | 48 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 47 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 071f1d61..913f1db9 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -15,11 +15,12 @@ permissions: contents: read deployments: none issues: none - packages: none pull-requests: none repository-projects: none security-events: none statuses: none + # Necessary to push docker images to ghcr.io. + packages: write # Cancel in-progress runs for pull requests when developers push # additional changes @@ -67,3 +68,48 @@ jobs: - name: Check format run: ./scripts/check_fmt.sh + build: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - uses: actions/setup-go@v5 + with: + go-version: "~1.22" + + - name: Login to GitHub Container Registry + if: github.event_name == 'push' && github.ref == 'refs/heads/main' + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + # do not push images for pull requests + - name: Build + if: github.event_name == 'pull_request' + run: | + VERSION=$(./scripts/version.sh)-dev-$(git rev-parse --short HEAD) + BASE=ghcr.io/coder/envbuilder-preview + + ./scripts/build.sh \ + --arch=amd64 \ + --arch=arm64 \ + --arch=arm \ + --base=$BASE \ + --tag=$VERSION + + - name: Build and Push + if: github.ref == 'refs/heads/main' + run: | + VERSION=$(./scripts/version.sh)-dev-$(git rev-parse --short HEAD) + BASE=ghcr.io/coder/envbuilder-preview + + ./scripts/build.sh \ + --arch=amd64 \ + --arch=arm64 \ + --arch=arm \ + --base=$BASE \ + --tag=$VERSION \ + --push From 2dc20546043e52a21038bd16c04cbc747367b57c Mon Sep 17 00:00:00 2001 From: Muhammad Atif Ali Date: Wed, 5 Jun 2024 16:58:05 +0300 Subject: [PATCH 2/5] chore: update fetch-depth in CI workflow to get older tags --- .github/workflows/ci.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 913f1db9..81c1fb2f 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -73,6 +73,9 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + with: + # Needed to get older tags + fetch-depth: 0 - uses: actions/setup-go@v5 with: From 990e64fa228e4fe0f7d6b8866dc96a2f8a7146a3 Mon Sep 17 00:00:00 2001 From: Muhammad Atif Ali Date: Wed, 5 Jun 2024 17:25:52 +0300 Subject: [PATCH 3/5] do not make envbuilder the default builder --- scripts/build.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/build.sh b/scripts/build.sh index 4f0b17f9..2fac5e04 100755 --- a/scripts/build.sh +++ b/scripts/build.sh @@ -41,7 +41,6 @@ if [ -z "$BUILDER_EXISTS" ]; then docker buildx create --use --platform=linux/arm64,linux/amd64,linux/arm/v7 --name $BUILDER_NAME else echo "Builder $BUILDER_NAME already exists. Using it." - docker buildx use $BUILDER_NAME fi # Ensure the builder is bootstrapped and ready to use @@ -63,7 +62,7 @@ else args+=( --load ) fi -docker buildx build "${args[@]}" -t $base:$tag -t $base:latest -f Dockerfile . +docker buildx build --builder $BUILDER_NAME "${args[@]}" -t $base:$tag -t $base:latest -f Dockerfile . # Check if archs contains the current. If so, then output a message! if [[ -z "${CI:-}" ]] && [[ " ${archs[@]} " =~ " ${current} " ]]; then From 3b455a801d2c93b14b14355f04bf5be43b1e055e Mon Sep 17 00:00:00 2001 From: Muhammad Atif Ali Date: Wed, 5 Jun 2024 17:34:31 +0300 Subject: [PATCH 4/5] --load does not work for multiarch images See: https://github.com/docker/buildx/issues/59#issuecomment-616061869 --- scripts/build.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/scripts/build.sh b/scripts/build.sh index 2fac5e04..9060cb4e 100755 --- a/scripts/build.sh +++ b/scripts/build.sh @@ -58,8 +58,6 @@ for arch in "${archs[@]}"; do done if [ "$push" = true ]; then args+=( --push ) -else - args+=( --load ) fi docker buildx build --builder $BUILDER_NAME "${args[@]}" -t $base:$tag -t $base:latest -f Dockerfile . From 5a969c7359776ad713494f157403b91c53abdf95 Mon Sep 17 00:00:00 2001 From: Muhammad Atif Ali Date: Wed, 5 Jun 2024 17:38:20 +0300 Subject: [PATCH 5/5] only build amd64 when on PR --- .github/workflows/ci.yaml | 2 -- scripts/build.sh | 2 ++ 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 81c1fb2f..6dc12b3d 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -98,8 +98,6 @@ jobs: ./scripts/build.sh \ --arch=amd64 \ - --arch=arm64 \ - --arch=arm \ --base=$BASE \ --tag=$VERSION diff --git a/scripts/build.sh b/scripts/build.sh index 9060cb4e..2fac5e04 100755 --- a/scripts/build.sh +++ b/scripts/build.sh @@ -58,6 +58,8 @@ for arch in "${archs[@]}"; do done if [ "$push" = true ]; then args+=( --push ) +else + args+=( --load ) fi docker buildx build --builder $BUILDER_NAME "${args[@]}" -t $base:$tag -t $base:latest -f Dockerfile .