-
Notifications
You must be signed in to change notification settings - Fork 179
127 lines (117 loc) · 4.01 KB
/
builds.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
# This workflow is used to build and push one-off images for specific node types. This is useful
# when deploying hotfixes or any time a change is not needed for all node roles.
name: Build Node Docker Images
on:
workflow_dispatch:
inputs:
tag:
type: string
description: 'Git tag/commit'
required: true
docker_tag:
type: string
description: 'Docker tag'
required: true
# GHA doesn't support multi-selects, so simulating it with one boolean for each option
build_access:
type: boolean
description: 'Access'
required: false
build_collection:
type: boolean
description: 'Collection'
required: false
build_consensus:
type: boolean
description: 'Consensus'
required: false
build_execution:
type: boolean
description: 'Execution'
required: false
build_verification:
type: boolean
description: 'Verification'
required: false
build_observer:
type: boolean
description: 'Observer'
required: false
include_without_netgo:
type: boolean
description: 'Build `without_netgo` images'
required: false
jobs:
# matrix_builder generates a matrix that includes the roles selected in the input
matrix_builder:
name: Setup build jobs
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.generate.outputs.matrix }}
steps:
- name: Print all input variables
run: echo '${{ toJson(inputs) }}' | jq
- id: generate
run: |
roles=()
if [[ "${{ inputs.build_access }}" = "true" ]]; then
roles+=( "access" )
fi
if [[ "${{ inputs.build_collection }}" = "true" ]]; then
roles+=( "collection" )
fi
if [[ "${{ inputs.build_consensus }}" = "true" ]]; then
roles+=( "consensus" )
fi
if [[ "${{ inputs.build_execution }}" = "true" ]]; then
roles+=( "execution" )
fi
if [[ "${{ inputs.build_verification }}" = "true" ]]; then
roles+=( "verification" )
fi
if [[ "${{ inputs.build_observer }}" = "true" ]]; then
roles+=( "observer" )
fi
rolesJSON=$(jq --compact-output --null-input '$ARGS.positional' --args -- "${roles[@]}")
echo "matrix={\"role\":$(echo $rolesJSON)}" >> $GITHUB_OUTPUT
docker-push:
name: ${{ matrix.role }} images
runs-on: ubuntu-latest
needs: matrix_builder
# setup jobs for each role
strategy:
fail-fast: false
matrix: ${{ fromJson(needs.matrix_builder.outputs.matrix) }}
steps:
- name: Setup Go
uses: actions/setup-go@v2
with:
go-version: '1.19'
- name: Checkout repo
uses: actions/checkout@v2
with:
ref: ${{ inputs.tag }}
# Provide Google Service Account credentials to Github Action, allowing interaction with the Google Container Registry
# Logging in as github-actions@dl-flow.iam.gserviceaccount.com
- id: auth
uses: google-github-actions/auth@v1
with:
credentials_json: ${{ secrets.GCR_SERVICE_KEY_SECRET }}
- name: Set up Google Cloud SDK
uses: google-github-actions/setup-gcloud@v1
- name: Authenticate docker with gcloud
run: |
gcloud auth configure-docker
- name: Build/Push ${{ matrix.role }} images
env:
IMAGE_TAG: ${{ inputs.docker_tag }}
GITHUB_CREDS: "machine github.com login ${{ secrets.REPO_SYNC_USER }} password ${{ secrets.REPO_SYNC }}"
run: |
make docker-build-${{ matrix.role }} docker-push-${{ matrix.role }}
- name: Build/Push ${{ matrix.role }} without_netgo images
if: ${{ inputs.include_without_netgo }}
env:
IMAGE_TAG: ${{ inputs.docker_tag }}
GITHUB_CREDS: "machine github.com login ${{ secrets.REPO_SYNC_USER }} password ${{ secrets.REPO_SYNC }}"
run: |
make docker-build-${{ matrix.role }}-without-netgo docker-push-${{ matrix.role }}-without-netgo