-
Notifications
You must be signed in to change notification settings - Fork 542
131 lines (117 loc) · 5.55 KB
/
push-mimir-build-image.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: Build and Push mimir-build-image
# configure trigger by pull request
on:
pull_request:
types: [opened, synchronize]
paths:
- mimir-build-image/Dockerfile
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
cancel-in-progress: true
jobs:
build_and_push:
runs-on: ubuntu-latest
permissions:
# Allow pushing to the GitHub repo for collaborators, forks should remain read-only
contents: write
# Allow PR modification for collaborators, forks should remain read-only
pull-requests: write
# We want to allow running github actions for all contributors, but don't want all contributors to be able to
# publish new build images just by sending the PR. Hence this change.
if: ${{ contains(fromJSON('["OWNER", "MEMBER"]'), github.event.pull_request.author_association )}} || github.actor == 'renovate[bot]'
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Checkout Pull Request Branch
run: gh pr checkout ${{ github.event.pull_request.number }}
env:
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Prepare Variables
id: prepare
run: |
echo "path=mimir-build-image/Dockerfile" >> $GITHUB_OUTPUT
main_build_image=$(make print-build-image)
main_image_tag=$(echo $main_build_image | cut -d ':' -f 2)
image_name=$(echo $main_build_image | cut -d ':' -f 1)
echo "image=$image_name" >> $GITHUB_OUTPUT
echo "main_image_tag=$main_image_tag" >> $GITHUB_OUTPUT
- name: Compute Image Tag
id: compute_hash
run: |
current_hash=$(md5sum ${{ steps.prepare.outputs.path }} | awk '{print substr($1, 0, 10)}')
echo "the file path is ${{ steps.prepare.outputs.path }}"
echo "build tag is $current_hash"
tag="pr${{ github.event.pull_request.number }}-$current_hash"
echo "tag=$tag" >> $GITHUB_OUTPUT
- name: Check Should Build Image
id: check_build
run: |
echo "Checking if image should be built"
if skopeo inspect --raw "docker://${{ steps.prepare.outputs.image }}:${{ steps.compute_hash.outputs.tag }}" >/dev/null 2>&1; then
echo "build=false" >> $GITHUB_OUTPUT
echo "Tag ${{ steps.compute_hash.outputs.tag }} exists"
else
echo "Tag ${{ steps.compute_hash.outputs.tag }} does not exist"
echo "build=true" >> $GITHUB_OUTPUT
fi
- name: Add Comment to the PR
id: notification
run: |
if [ ${{ steps.check_build.outputs.build }} == 'true' ]; then
gh pr comment $PR_NUMBER --body "**Building new version of mimir-build-image**. After image is built and pushed to Docker Hub, \
a new commit will automatically be added to this PR with new image version \`$IMAGE:$TAG\`. This can take up to 1 hour."
else
echo "This PR will not trigger a build of mimir-build-image"
gh pr comment $PR_NUMBER --body "**Not building new version of mimir-build-image**. This PR modifies \`mimir-build-image/Dockerfile\`, but the image \`$IMAGE:$TAG\` already exists."
fi
env:
PR_NUMBER: ${{ github.event.pull_request.number }}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
TAG: ${{ steps.compute_hash.outputs.tag }}
IMAGE: ${{ steps.prepare.outputs.image }}
- name: Build and Push Docker Image
if: steps.check_build.outputs.build == 'true'
run: |
echo "Building and Pushing Docker Image"
make push-multiarch-build-image IMAGE_TAG=${{ steps.compute_hash.outputs.tag }}
- name: Compare built tag with Makefile
id: compare_tag
run: |
echo "Comparing built tag with Makefile"
if [ ${{ steps.compute_hash.outputs.tag }} == "$(make print-build-image)" ]; then
echo "Built tag is the same as the one in Makefile"
echo "isDifferent=false" >> $GITHUB_OUTPUT
else
echo "Built tag is different from the one in Makefile"
echo "isDifferent=true" >> $GITHUB_OUTPUT
fi
- name: Add commit to PR in order to update Build Image version
if: steps.compare_tag.outputs.isDifferent == 'true'
run: |
echo "Get current Build Image Version"
echo "Current Build Image Version is $MAIN_TAG"
echo "Built Image Version is $TAG"
if [ "$MAIN_TAG" = "$TAG" ]; then
echo "Build Image Version is already up to date"
else
echo "Build Image Version is not up to date"
sed -i "s/$MAIN_TAG/${{ steps.compute_hash.outputs.tag }}/g" Makefile
git config --global user.email "${{ github.event.pull_request.user.login }}@users.noreply.github.com"
git config --global user.name "${{ github.event.pull_request.user.login }}"
git add Makefile
git commit -m "Update build image version to ${{ steps.compute_hash.outputs.tag }}"
git push origin HEAD
fi
env:
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
TAG: ${{ steps.compute_hash.outputs.tag }}
MAIN_TAG: ${{ steps.prepare.outputs.main_image_tag }}