-
-
Notifications
You must be signed in to change notification settings - Fork 68
139 lines (127 loc) · 4.91 KB
/
entrypoint_pr.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
name: External PR tests
on:
pull_request:
branches:
- dev
- "*.*.*"
- "*.*.*b*"
paths-ignore: # not always respected. See https://github.com/actions/runner/issues/2324#issuecomment-1703345084
- ".github/**"
- "**.md"
env:
# fake local registry for base and final images
FAKE_LOCAL_REGISTRY: "nwodtuhs/exegol-local"
BASE_IMAGE_TAG: "base"
BASE_IMAGE_DOCKERFILE: "./sources/dockerfiles/base.dockerfile"
# final image parameters
IMAGE_TARGET_REGISTRY: "nwodtuhs/exegol-preprod"
DOCKERFILE: "./sources/dockerfiles/Dockerfile"
# creating a separate concurrency group for each PR
# so that our "PR checks" are always running for the latest commit in the PR
# and as PRs are updated we want to make sure "in progress" jobs are killed so we don't waste resources
concurrency:
group: ${{ github.ref }}
cancel-in-progress: true
jobs:
# https://github.com/orgs/community/discussions/26671, "can’t pass ENV variables to the reusable workflow"
init:
name: Initialize
runs-on: self-hosted
outputs:
FAKE_LOCAL_REGISTRY: ${{ steps.varset.outputs.FAKE_LOCAL_REGISTRY }}
IMAGE_TAG: ${{ steps.varset.outputs.IMAGE_TAG }}
IMAGE_VERSION: ${{ steps.varset.outputs.IMAGE_VERSION }}
DOCKERFILE: ${{ steps.varset.outputs.DOCKERFILE }}
BASE_IMAGE_TAG: ${{ steps.varset.outputs.BASE_IMAGE_TAG }}
BASE_IMAGE_DOCKERFILE: ${{ steps.varset.outputs.BASE_IMAGE_DOCKERFILE }}
steps:
- name: Setting variables
id: varset
run: |
PR_NUMBER=$(echo ${{ github.ref }} | awk 'BEGIN { FS = "/" } ; { print $3 }')
echo "FAKE_LOCAL_REGISTRY=${{ env.FAKE_LOCAL_REGISTRY }}" >> $GITHUB_OUTPUT
echo "IMAGE_TAG=PR${PR_NUMBER}" >> $GITHUB_OUTPUT
echo "DOCKERFILE=${{ env.DOCKERFILE }}" >> $GITHUB_OUTPUT
echo "BASE_IMAGE_TAG=${{ env.BASE_IMAGE_TAG }}" >> $GITHUB_OUTPUT
echo "BASE_IMAGE_DOCKERFILE=${{ env.BASE_IMAGE_DOCKERFILE }}" >> $GITHUB_OUTPUT
cat $GITHUB_OUTPUT
code_check:
name: Code compliance check
uses: ./.github/workflows/sub_code_check.yml
build_base:
name: Base image build
needs: [ init, code_check ]
# only running build if ccc was a success
if: needs.code_check.result == 'success'
strategy:
fail-fast: false
matrix:
arch: [ arm64, amd64 ]
uses: ./.github/workflows/sub_build_belt.yml
with:
# ex: nwodtuhs/exegol-local
IMAGE_REGISTRY: ${{ needs.init.outputs.FAKE_LOCAL_REGISTRY }}
# ex: base
IMAGE_TAG: ${{ needs.init.outputs.BASE_IMAGE_TAG }}
# ex: base-PR123-arm64
IMAGE_NAME: ${{ needs.init.outputs.BASE_IMAGE_TAG }}-${{ needs.init.outputs.IMAGE_TAG }}-${{ matrix.arch }}
# ex: base.dockerfile
DOCKERFILE: ${{ needs.init.outputs.BASE_IMAGE_DOCKERFILE }}
# ex: arm64
ARCH: ${{ matrix.arch }}
EXPORT_TOOLS: false
PUSH_IMAGE: false
build:
name: Final image build
needs: [ init, code_check, build_base ]
# only running build if base_build was a success
if: needs.build_base.outputs.build == 'success'
strategy:
fail-fast: false
matrix:
arch: [ arm64, amd64 ]
uses: ./.github/workflows/sub_build_belt.yml
with:
# ex: nwodtuhs/exegol-local
IMAGE_REGISTRY: ${{ needs.init.outputs.FAKE_LOCAL_REGISTRY }}
# ex: PR123
IMAGE_TAG: ${{ needs.init.outputs.IMAGE_TAG }}
# ex: PR123-arm64
IMAGE_NAME: ${{ needs.init.outputs.IMAGE_TAG }}-${{ matrix.arch }}
# ex: Dockerfile
DOCKERFILE: ${{ needs.init.outputs.DOCKERFILE }}
# ex: arm64
ARCH: ${{ matrix.arch }}
# ex: nwodtuhs/exegol-local
BASE_IMAGE_REGISTRY: ${{ needs.init.outputs.FAKE_LOCAL_REGISTRY }}
# ex: base-PR123-arm64
BASE_IMAGE_NAME: ${{ needs.init.outputs.BASE_IMAGE_TAG }}-${{ needs.init.outputs.IMAGE_TAG }}-${{ matrix.arch }}
EXPORT_TOOLS: false
PUSH_IMAGE: false
clean_runners:
name: Clean runner
needs: [ init, build ]
if: always()
# even if this job fails, it won't affect the success/fail status of the whole workflow
continue-on-error: true
strategy:
fail-fast: false
matrix:
arch: [ arm64, amd64 ]
runs-on:
- self-hosted
- builder
- ${{ matrix.arch }}
steps:
- name: List docker images
run: docker image ls
- name: Remove local base image
# always removing image, no need to keep it on the runner
if: always()
# ex: docker rmi nwodtuhs/exegol-local:base-arm64
run: docker rmi ${{ env.FAKE_LOCAL_REGISTRY }}:${{ env.BASE_IMAGE_TAG }}-${{ needs.init.outputs.IMAGE_TAG }}-${{ matrix.arch }}
- name: Remove local final image
# always removing image, no need to keep it on the runner
if: always()
# ex: docker rmi nwodtuhs/exegol-local:PR123-arm64
run: docker rmi ${{ env.FAKE_LOCAL_REGISTRY }}:${{ needs.init.outputs.IMAGE_TAG }}-${{ matrix.arch }}