use earthly to build multiarch images (#92)

* use earthly to build multiarch images * try and speed up a 26 minute build :gasp:
zapier · Dec 19, 2023 · 1a38e5d · 1a38e5d
1 parent b206f2e
commit 1a38e5d
Show file tree

Hide file tree

Showing 6 changed files with 71 additions and 206 deletions.
diff --git a/.github/actions/build-image/action.yaml b/.github/actions/build-image/action.yaml
@@ -0,0 +1,48 @@
+name: Build multiarch image
+description: Builds a multiarch image
+
+inputs:
+  image_tag:
+    description: The image tag
+    required: true
+  token:
+    description: Github token
+    required: true
+
+outputs:
+  image:
+    description: The full image name and tag
+    value: ghcr.io/${{ github.repository }}:${{ inputs.image_tag }}
+
+runs:
+  using: composite
+
+  steps:
+    - uses: docker/setup-qemu-action@v1
+      with:
+        image: tonistiigi/binfmt:latest
+        platforms: all
+
+    - uses: wistia/[email protected]
+
+    - uses: earthly/actions-setup@v1
+      with: { version: "v${{ env.EARTHLY_TOOL_VERSION }}" }
+
+    - name: login to registry
+      uses: docker/login-action@v1
+      with:
+        registry: ghcr.io
+        username: ${{ github.repository_owner }}
+        password: ${{ inputs.token }}
+
+    - name: Build and push the Docker image
+      shell: bash
+      run: |
+        GIT_COMMIT=$(git rev-parse --short HEAD)
+        
+        earthly \
+          --push \
+          +build \
+            --GIT_TAG=${{ inputs.image_tag }} \
+            --GIT_COMMIT=${GIT_COMMIT} \
+            --IMAGE_NAME=ghcr.io/${{ github.repository }}:${{ inputs.image_tag }}
diff --git a/.github/workflows/on_pull_request.yaml b/.github/workflows/on_pull_request.yaml
@@ -15,10 +15,8 @@ on:
       - synchronize
 
 env:
-  FS_IMAGE: ghcr.io/${{ github.repository }}
   FS_TAG: 0.0.0-pr${{ github.event.pull_request.number }}
 
-# TODO: Move this to repo config
 jobs:
   build:
     runs-on: ubuntu-22.04
@@ -28,48 +26,16 @@ jobs:
       packages: write
       pull-requests: write
 
-    strategy:
-      matrix:
-        platform:
-          - linux/amd64
-#          - linux/arm64
-
     steps:
-      - name: Set up QEMU
-        id: qemu
-        uses: docker/setup-qemu-action@v1
-        with:
-          image: tonistiigi/binfmt:latest
-          platforms: all
-        if: matrix.platform == 'linux/arm64'
-
       - uses: actions/checkout@v3
 
-      - name: extract git sha
-        run: echo "GIT_SHA_SHORT=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
-
-      # Reads in .tools-versions and spits out env variables
-      - uses: wistia/[email protected]
-
-      - uses: docker/login-action@v2
+      - uses: ./.github/actions/build-image
+        id: build-image
         with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - uses: earthly/actions-setup@v1
-        with: { version: "v${{ env.EARTHLY_TOOL_VERSION }}" }
-
-      - run: |
-          earthly \
-            --push \
-            --platform ${{ matrix.platform }} \
-            +docker \
-              --GIT_COMMIT=${{ env.GIT_SHA_SHORT }} \
-              --GIT_TAG=${{ env.FS_TAG }} \
-              --IMAGE_NAME=${{ env.FS_IMAGE }}:${{ env.FS_TAG }}
+          image_tag: ${{ env.FS_TAG }}
+          token: ${{ secrets.GITHUB_TOKEN }}
 
       - uses: mshick/add-pr-comment@v2
         with:
           message: |
-            Temporary image available at `${{ env.FS_IMAGE }}:${{ env.FS_TAG }}`.
+            Temporary image available at `${{ steps.build-image.outputs.image }}`.
diff --git a/.github/workflows/on_push_to_main.yaml b/.github/workflows/on_push_to_main.yaml
@@ -7,112 +7,22 @@ env:
   FS_IMAGE: ghcr.io/${{ github.repository }}
 
 jobs:
-  set-version:
-    runs-on: ubuntu-22.04
-
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          # need to get everything so that 'git describe' works
-          fetch-depth: 0
-
-      - run: |
-          echo "export GIT_COMMIT=$(git rev-parse --short HEAD)" >> vars.sh
-          echo "export GIT_TAG=$(git describe)" >> vars.sh
-
-      - uses: actions/upload-artifact@v3
-        with:
-          name: vars.sh
-          path: vars.sh
-
   release-docker:
     runs-on: ubuntu-22.04
 
-    needs:
-      - set-version
-
     permissions:
       contents: read
       packages: write
 
-    strategy:
-      matrix:
-        platform:
-#          - { earthly: linux/arm64, suffix: linux-arm64 }
-          - { earthly: linux/amd64, suffix: linux-amd64 }
-
     steps:
-      - name: Set up QEMU
-        id: qemu
-        uses: docker/setup-qemu-action@v1
-        with:
-          image: tonistiigi/binfmt:latest
-          platforms: all
-        if: matrix.platform == 'linux/arm64'
-
       - uses: actions/checkout@v3
 
-      - uses: wistia/[email protected]
-
-      - uses: earthly/actions-setup@v1
-        with: { version: "v${{ env.EARTHLY_TOOL_VERSION }}" }
-
-      - name: login to registry
-        uses: docker/login-action@v1
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - uses: actions/download-artifact@v3
-        with:
-          name: vars.sh
-
-      - name: Build and push the Docker image
-        run: |
-          source vars.sh
-          
-          ./earthly \
-            --platform ${{ matrix.platform.earthly }} \
-            --push \
-            +docker \
-              --GIT_TAG=${GIT_TAG} \
-              --GIT_COMMIT=${GIT_COMMIT} \
-              --IMAGE_NAME=${{ env.FS_IMAGE }}:${GIT_TAG}-${{ matrix.platform.suffix }}
-
-  release-multiarch:
-    runs-on: ubuntu-22.04
-
-    needs:
-      - release-docker
-
-    permissions:
-      packages: write
-
-    steps:
-      - name: login to registry
-        uses: docker/login-action@v1
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - uses: actions/download-artifact@v3
-        with:
-          name: vars.sh
-
-      - name: extract sha
-        run: |
-          source vars.sh
-          echo "GIT_TAG=${GIT_TAG}" >> "$GITHUB_OUTPUT"
-        id: vars
+      - run: echo "GIT_TAG=$(git describe)" >> $GITHUB_ENV
 
-      - uses: int128/docker-manifest-create-action@v1
+      - uses: ./.github/actions/build-image
         with:
-          tags: ghcr.io/${{ github.repository_owner }}/kubechecks:${{ steps.vars.outputs.GIT_TAG }}
-          suffixes: |
-            -linux-amd64
-#            -linux-arm64
+          image_tag: ${{ env.GIT_TAG }}
+          token: ${{ secrets.GITHUB_TOKEN }}
 
   release-helm:
     runs-on: ubuntu-22.04

diff --git a/.github/workflows/on_release_published.yaml b/.github/workflows/on_release_published.yaml
@@ -13,74 +13,10 @@ jobs:
       contents: read
       packages: write
 
-    strategy:
-      matrix:
-        platform:
-#          - { earthly: linux/arm64, suffix: linux-arm64 }
-          - { earthly: linux/amd64, suffix: linux-amd64 }
-
     steps:
-      - name: Set up QEMU
-        id: qemu
-        uses: docker/setup-qemu-action@v1
-        with:
-          image: tonistiigi/binfmt:latest
-          platforms: all
-        if: matrix.platform == 'linux/arm64'
-
       - uses: actions/checkout@v3
 
-      - uses: wistia/[email protected]
-
-      - uses: earthly/actions-setup@v1
-        with: { version: "v${{ env.EARTHLY_TOOL_VERSION }}" }
-
-      - name: extract tag and sha
-        run: |
-          echo "GIT_COMMIT=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
-          echo "GIT_TAG=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
-
-      - name: login to registry
-        uses: docker/login-action@v1
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Build and push the Docker image
-        run: |
-          earthly \
-            --platform ${{ matrix.platform.earthly }} \
-            --push \
-            +docker \
-              --GIT_TAG=${{ env.GIT_TAG }} \
-              --GIT_COMMIT=${{ env.GIT_COMMIT }} \
-              --IMAGE_NAME=ghcr.io/${{ github.repository_owner }}/kubechecks:${{ env.GIT_TAG }}-${{ matrix.platform.suffix }}
-
-  release-multiarch:
-    runs-on: ubuntu-22.04
-
-    needs:
-      - release-docker
-
-    permissions:
-      packages: write
-
-    steps:
-      - name: extract tag and sha
-        run: |
-          echo "GIT_RELEASE_TAG=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
-
-      - name: login to registry
-        uses: docker/login-action@v1
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - uses: int128/docker-manifest-create-action@v1
+      - uses: ./.github/actions/build-image
         with:
-          tags: ghcr.io/${{ github.repository_owner }}/kubechecks:${{ env.GIT_RELEASE_TAG }}
-          suffixes: |
-            -linux-amd64
-#            -linux-arm64
+          image_tag: ${{ github.ref }}
+          token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.tool-versions b/.tool-versions
@@ -1,4 +1,4 @@
-earthly 0.7.22
+earthly 0.7.23
 golang 1.19.11
 helm 3.12.2
 helm-cr 1.6.1

diff --git a/Earthfile b/Earthfile
@@ -23,7 +23,10 @@ release:
 
 go-deps:
     ARG GOLANG_VERSION="1.19.3"
-    FROM golang:$GOLANG_VERSION-bullseye
+    ARG GOOS=linux
+    ARG GOARCH=amd64
+
+    FROM --platform=linux/amd64 golang:$GOLANG_VERSION-bullseye
 
     ENV GO111MODULE=on
     ENV CGO_ENABLED=0
@@ -58,24 +61,26 @@ test-golang:
     RUN go test ./...
 
 build-binary:
-    FROM +go-deps
-
     ARG GOOS=linux
     ARG GOARCH=amd64
     ARG VARIANT
     ARG --required GIT_TAG
     ARG --required GIT_COMMIT
 
+    FROM --platform=linux/amd64 +go-deps
+
     WORKDIR /src
     COPY . /src
     RUN GOARM=${VARIANT#v} go build -ldflags "-X github.com/zapier/kubechecks/pkg.GitCommit=$GIT_COMMIT -X github.com/zapier/kubechecks/pkg.GitTag=$GIT_TAG" -o kubechecks
     SAVE ARTIFACT kubechecks
 
 docker:
-    FROM ubuntu:20.04
     ARG --required IMAGE_NAME
+    ARG TARGETPLATFORM
+    ARG TARGETARCH
     ARG TARGETVARIANT
 
+    FROM --platform=$TARGETPLATFORM ubuntu:20.04
     RUN apt update && apt install -y ca-certificates curl git
 
     WORKDIR /tmp
@@ -110,7 +115,7 @@ docker:
     VOLUME /app/policies
     VOLUME /app/schemas
 
-    COPY (+build-binary/kubechecks --GOARCH=amd64 --VARIANT=$TARGETVARIANT) .
+    COPY (+build-binary/kubechecks --platform=linux/amd64 --GOARCH=$TARGETARCH --VARIANT=$TARGETVARIANT) .
     RUN ./kubechecks help
 
     CMD ["./kubechecks", "controller"]