Switch to docker secrets #106
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "CI Full Run" | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| - grok/*/* | |
| push: | |
| branches: | |
| - main | |
| tags: | |
| - "v*" | |
| jobs: | |
| # Tests ci-storage tool and action itself. | |
| ci-storage-tool-test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Create dummy file | |
| run: | | |
| echo "dummy" > dummy.txt | |
| echo -n "" > ~/ci-storage-host | |
| - name: Test store | |
| uses: ./ | |
| with: | |
| action: "store" | |
| - name: Remove dummy file | |
| run: rm dummy.txt | |
| - name: Test load | |
| uses: ./ | |
| with: | |
| action: "load" | |
| - name: Check that dummy file was restored | |
| run: | | |
| set -e | |
| ls -la ~/ci-storage/dimikot/ci-storage | |
| [ "$(cat dummy.txt)" = "dummy" ] || { echo "dummy.txt was not restored"; exit 1; } | |
| # Builds and boots a self-hosted runner inside GitHub's infra. Once it's | |
| # settled, there is a running container with one self-hosted runner waiting | |
| # for jobs with "ci-storage-test" tag to pick up (based on Dockerfile image). | |
| build-and-boot-containers: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Start test Docker containers | |
| run: | | |
| exec 2>&1; set -e -o xtrace | |
| cd docker | |
| # Build all containers. | |
| docker compose build --parallel | |
| # Boot "host" container in background. | |
| docker compose up host -d | |
| # Boot "self-hosted-runner" container. It connects to "host" container | |
| # and load a test (non-existent) ci-storage slot from there, then | |
| # register a GitHub self-hosted runner and remain waiting for jobs. | |
| docker compose up self-hosted-runner | |
| env: | |
| GH_REPOSITORY: ${{ github.repository }} | |
| GH_LABELS: ${{ format('ci-storage-test-{0}-{1}', github.run_id, github.run_attempt) }} | |
| GH_TOKEN: ${{ secrets.CI_PAT }} | |
| # Test the job with "ci-storage-test" tag which is initially queued, but then | |
| # is picked up by the self-hosted-runner container booted in the previous job. | |
| # In the end, the test job sends SIGINT to the container entrypoint.sh PID, so | |
| # the container (based on Dockerfile image) shuts down gracefully. | |
| spawn-job-test: | |
| runs-on: | |
| - self-hosted | |
| - ${{ format('ci-storage-test-{0}-{1}', github.run_id, github.run_attempt) }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Run test job inside the self-hosted runner | |
| run: echo "Hello, world!" | |
| - name: Test store using GitHub Action | |
| uses: ./ | |
| with: | |
| action: "store" | |
| - name: Kill self-hosted runner container | |
| run: kill -SIGINT $(cat ~user/.entrypoint.pid) | |
| # Publishes "host" image to Docker Hub. | |
| push-host: | |
| runs-on: ubuntu-latest | |
| if: github.event_name != 'pull_request' | |
| needs: | |
| - ci-storage-tool-test | |
| - build-and-boot-containers | |
| - spawn-job-test | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker/setup-qemu-action@v3 | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: docker/metadata-action@v5 | |
| id: meta | |
| with: | |
| images: dimikot/ci-storage-host | |
| - uses: docker/login-action@v3 | |
| with: | |
| username: dimikot | |
| password: ${{ secrets.DOCKERHUB_PAT }} | |
| - uses: docker/build-push-action@v5 | |
| with: | |
| context: docker/host | |
| platforms: linux/amd64,linux/arm64,linux/arm64/v8 | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| - uses: peter-evans/dockerhub-description@v3 | |
| with: | |
| username: dimikot | |
| password: ${{ secrets.DOCKERHUB_PAT }} | |
| readme-filepath: docker/host/README.md | |
| repository: dimikot/ci-storage-host | |
| # Publishes "self-hosted-runner" image to Docker Hub. | |
| push-self-hosted-runner: | |
| runs-on: ubuntu-latest | |
| if: github.event_name != 'pull_request' | |
| needs: | |
| - ci-storage-tool-test | |
| - build-and-boot-containers | |
| - spawn-job-test | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker/setup-qemu-action@v3 | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: docker/metadata-action@v5 | |
| id: meta | |
| with: | |
| images: dimikot/ci-storage-self-hosted-runner | |
| - uses: docker/login-action@v3 | |
| with: | |
| username: dimikot | |
| password: ${{ secrets.DOCKERHUB_PAT }} | |
| - uses: docker/build-push-action@v5 | |
| with: | |
| context: docker/self-hosted-runner | |
| platforms: linux/amd64,linux/arm64,linux/arm64/v8 | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| - uses: peter-evans/dockerhub-description@v3 | |
| with: | |
| username: dimikot | |
| password: ${{ secrets.DOCKERHUB_PAT }} | |
| readme-filepath: docker/self-hosted-runner/README.md | |
| repository: dimikot/ci-storage-self-hosted-runner |