Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(superchain): arm64 support #2949

Merged
merged 32 commits into from
Aug 16, 2021
Merged

feat(superchain): arm64 support #2949

Show file tree
Hide file tree
Changes from 29 commits
Commits
Show all changes
32 commits
Select commit Hold shift + click to select a range
3bf6e70
feat(superchain): arm64 support
RomainMuller Aug 11, 2021
970a3ba
manually enable buildkit
RomainMuller Aug 11, 2021
9772aac
enable docker experimental
RomainMuller Aug 11, 2021
ca6bb94
no more squashing, sadly
RomainMuller Aug 11, 2021
415347c
setup QEMU
RomainMuller Aug 11, 2021
c77005d
enable docker buildkit
RomainMuller Aug 11, 2021
15a7161
undo breaking change
RomainMuller Aug 11, 2021
ac977e6
correct install of corretto
RomainMuller Aug 11, 2021
2e77ef9
stop tying to $ARCH
RomainMuller Aug 11, 2021
e1ac54a
add missing arguments
RomainMuller Aug 11, 2021
30254cb
add python3-venv
RomainMuller Aug 11, 2021
584340d
make rust available so that pythoon cryptography can be used on ARM64
RomainMuller Aug 11, 2021
3b1e132
fix indent
RomainMuller Aug 11, 2021
9ca99ae
add openssl headers
RomainMuller Aug 11, 2021
8e5e0a8
fix dotnet install on ARM
RomainMuller Aug 12, 2021
fb7aef8
always install powershell and dotnet in the same way
RomainMuller Aug 12, 2021
63f809a
use bash-friendly substitutions
RomainMuller Aug 12, 2021
188aa51
polish up build a bit further
RomainMuller Aug 12, 2021
43db68e
Correctly unpack go
RomainMuller Aug 12, 2021
4a19e7d
fix go & add sudo + non-root user
RomainMuller Aug 13, 2021
1bad3d7
fixup user
RomainMuller Aug 13, 2021
d506d7a
fix test directory permissions
RomainMuller Aug 13, 2021
25987e8
Make CARGO_HOME world-writable
RomainMuller Aug 13, 2021
da33fd9
enable CI=true operation
RomainMuller Aug 13, 2021
2dc5322
limit parallism of buildkit
RomainMuller Aug 13, 2021
967b158
sequential tests
RomainMuller Aug 13, 2021
2c42d1f
store PR validation layer cache to GH cache
RomainMuller Aug 13, 2021
b6e6d60
Merge branch 'main' into rmuller/superchain-arm64
RomainMuller Aug 16, 2021
fc8a2b8
Update Dockerfile
RomainMuller Aug 16, 2021
a3e4eb0
Update Dockerfile
RomainMuller Aug 16, 2021
30923ea
upgrade to maven 3.8.2
RomainMuller Aug 16, 2021
e8ba13d
Merge remote-tracking branch 'origin/main' into rmuller/superchain-arm64
RomainMuller Aug 16, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
158 changes: 132 additions & 26 deletions .github/workflows/docker-images.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,9 @@ on:
push:
branches: [main, release]

env:
DOCKER_BUILDKIT: 1

jobs:
superchain:
name: jsii/superchain
Expand All @@ -17,8 +20,8 @@ jobs:
matrix:
node: ['10', '14']
env:
# Node version whose images will be aliased to 'nightly' and 'latest'
DEFAULT_NODE_MAJOR_VERSION: 10
# Node version whose images will be aliased without the -nodeXX segment
DEFAULT_NODE_MAJOR_VERSION: 12
steps:
- name: Check out
uses: actions/checkout@v2.3.4
Expand Down Expand Up @@ -58,48 +61,151 @@ jobs:
# Ensure we run with bash, because that's the syntax we're using here...
shell: bash

- name: Set up QEMU
uses: docker/setup-qemu-action@v1
with:
platforms: arm64

- name: Set up docker buildx
id: buildx
if: steps.should-run.outputs.result == 'true'
uses: docker/setup-buildx-action@v1

# We only restore GH cache if we are not going to publish the result (i.e: PR validation)
- name: Set up layer cache
if: steps.should-run.outputs.result == 'true' && github.event_name != 'push'
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ hashFiles('superchain/*') }}-${{ github.sha }}
restore-keys: |-
${{ runner.os }}-buildx-${{ hashFiles('superchain/*') }}-
${{ runner.os }}-buildx-

- name: Determine build time
id: build-time
if: steps.should-run.outputs.result == 'true'
run: |-
echo "::set-output name=value::$(date -u +'%Y-%m-%dT%H:%M:%SZ')"

- name: Build Image
if: steps.should-run.outputs.result == 'true'
run: |-
docker build \
--pull \
--build-arg BUILD_TIMESTAMP="$(date -u +'%Y-%m-%dT%H:%M:%SZ')" \
--build-arg COMMIT_ID='${{ github.sha }}' \
--build-arg NODE_MAJOR_VERSION=${{ matrix.node }} \
--tag "jsii/superchain:node${{ matrix.node }}-nightly" \
./superchain
- name: Test Image
docker buildx build \
--builder ${{ steps.buildx.outputs.name }} \
--platform linux/amd64,linux/arm64 \
--target superchain \
--cache-from type=local,src=/tmp/.buildx-cache \
--cache-to type=local,dest=/tmp/.buildx-cache-out \
--pull \
--build-arg BUILD_TIMESTAMP="${{ steps.build-time.outputs.value }}" \
--build-arg COMMIT_ID='${{ github.sha }}' \
--build-arg NODE_MAJOR_VERSION=${{ matrix.node }} \
-f superchain/Dockerfile \
.

# Replace the cache so it does not grow forever
- name: Update layer cache
if: always() && steps.should-run.outputs.result == 'true'
run: |-
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-out /tmp/.buildx-cache

# Testing sequentially, because in parallel it's too slow due to IO contention
- name: Test Image (AMD64)
if: steps.should-run.outputs.result == 'true'
run: |-
docker buildx build \
--builder ${{ steps.buildx.outputs.name }} \
--platform linux/amd64 \
--target superchain \
--cache-from type=local,src=/tmp/.buildx-cache \
--cache-to type=local,dest=/tmp/.buildx-cache \
--build-arg BUILD_TIMESTAMP="${{ steps.build-time.outputs.value }}" \
--build-arg COMMIT_ID='${{ github.sha }}' \
--build-arg NODE_MAJOR_VERSION=${{ matrix.node }} \
-f superchain/Dockerfile \
.
- name: Test Image (ARM64)
if: steps.should-run.outputs.result == 'true'
run: |-
docker run \
--rm \
--tty \
--network=host \
-v${{ github.workspace }}:${{ github.workspace }} \
-w${{ github.workspace }} \
"jsii/superchain:node${{ matrix.node }}-nightly" \
bash -c "yarn install --frozen-lockfile && yarn build && yarn test"
docker buildx build \
--builder ${{ steps.buildx.outputs.name }} \
--platform linux/arm64 \
--target superchain \
--cache-from type=local,src=/tmp/.buildx-cache \
--cache-to type=local,dest=/tmp/.buildx-cache \
--build-arg BUILD_TIMESTAMP="${{ steps.build-time.outputs.value }}" \
--build-arg COMMIT_ID='${{ github.sha }}' \
--build-arg NODE_MAJOR_VERSION=${{ matrix.node }} \
-f superchain/Dockerfile \
.

# Only when puhsing to main/release from now on
- name: Publish (nightly)
if: steps.should-run.outputs.result == 'true' && github.event_name == 'push' && github.ref != 'refs/heads/release'
run: |-
docker push jsii/superchain:node${{ matrix.node }}-nightly
docker buildx build \
--builder ${{ steps.buildx.outputs.name }} \
--platform linux/amd64,linux/arm64 \
--target superchain \
--cache-from type=local,src=/tmp/.buildx-cache \
--cache-to type=local,dest=/tmp/.buildx-cache \
--push \
--build-arg BUILD_TIMESTAMP="${{ steps.build-time.outputs.value }}" \
--build-arg COMMIT_ID='${{ github.sha }}' \
--build-arg NODE_MAJOR_VERSION=${{ matrix.node }} \
--tag "jsii/superchain:1-buster-slim-node${{ matrix.node }}-nightly"\
-f superchain/Dockerfile \
.

# If the current version is the default version, also tag this with the unqualified ':nightly' label
if [[ "${{ matrix.node }}" == "$DEFAULT_NODE_MAJOR_VERSION" ]]; then
docker tag jsii/superchain:node${{ matrix.node }}-nightly jsii/superchain:nightly
docker push jsii/superchain:nightly
docker buildx build \
--builder ${{ steps.buildx.outputs.name }} \
--platform linux/amd64,linux/arm64 \
--target superchain \
--cache-from type=local,src=/tmp/.buildx-cache \
--cache-to type=local,dest=/tmp/.buildx-cache \
--push \
--build-arg BUILD_TIMESTAMP="${{ steps.build-time.outputs.value }}" \
--build-arg COMMIT_ID='${{ github.sha }}' \
--build-arg NODE_MAJOR_VERSION=${{ matrix.node }} \
--tag "jsii/superchain:1-buster-slim-nightly" \
-f superchain/Dockerfile \
.
fi
- name: Publish (latest)
if: steps.should-run.outputs.result == 'true' && github.event_name == 'push' && github.ref == 'refs/heads/release'
run: |-
# Alias 'nodeX-nightly's to 'nodeX', then push
docker tag jsii/superchain:node${{ matrix.node }}-nightly jsii/superchain:node${{ matrix.node }}
docker push jsii/superchain:node${{ matrix.node }}
docker buildx build \
--builder ${{ steps.buildx.outputs.name }} \
--platform linux/amd64,linux/arm64 \
--target superchain \
--cache-from type=local,src=/tmp/.buildx-cache \
--cache-to type=local,dest=/tmp/.buildx-cache \
--push \
--build-arg BUILD_TIMESTAMP="${{ steps.build-time.outputs.value }}" \
--build-arg COMMIT_ID='${{ github.sha }}' \
--build-arg NODE_MAJOR_VERSION=${{ matrix.node }} \
--tag "jsii/superchain:1-buster-slim-node${{ matrix.node }}" \
-f superchain/Dockerfile \
.

# If the current version is the default version, also tag this with the unqualified ':latest' label
# If the current version is the default version, also tag this with the unqualified ':1-*' label
if [[ "${{ matrix.node }}" == "$DEFAULT_NODE_MAJOR_VERSION" ]]; then
docker tag jsii/superchain:node${{ matrix.node }} jsii/superchain:latest
docker push jsii/superchain:latest
docker buildx build \
--builder ${{ steps.buildx.outputs.name }} \
--platform linux/amd64,linux/arm64 \
--target superchain \
--cache-from type=local,src=/tmp/.buildx-cache \
--cache-to type=local,dest=/tmp/.buildx-cache \
--push \
--build-arg BUILD_TIMESTAMP="${{ steps.build-time.outputs.value }}" \
--build-arg COMMIT_ID='${{ github.sha }}' \
--build-arg NODE_MAJOR_VERSION=${{ matrix.node }} \
--tag "jsii/superchain:1-buster-slim" \
-f superchain/Dockerfile \
.
fi
2 changes: 2 additions & 0 deletions superchain/.dockerignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
/.dockerignore
/build-local.sh
Loading