Pre-release (web) - Release 6.6.6 #36
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Pre-release (web) | |
| run-name: Pre-release (web) - ${{ github.event.pull_request.title }} | |
| on: | |
| pull_request: | |
| title: | |
| - "Release *.*.*" | |
| - "Release *.*.*b*" | |
| types: [labeled] | |
| branches: refacto2 | |
| paths-ignore: | |
| # - ".github/**" | |
| - "**.md" | |
| env: | |
| # intermediate registry in which architecture-specific images and base images must be pushed | |
| INTERMEDIATE_IMAGES_BUILDS_REGISTRY: "nwodtuhs/exegol-builds" | |
| # base image is used as initial layer when building the final image | |
| # TODO uncomment below | |
| # BASE_IMAGE_REGISTRY: "nwodtuhs/exegol-misc-preprod" | |
| BASE_IMAGE_REGISTRY: "nwodtuhs/exegol-misc-dev-preprod" | |
| BASE_IMAGE_TAG: "base" | |
| # final image parameters | |
| # TODO uncomment below | |
| # IMAGE_TARGET_REGISTRY: "nwodtuhs/exegol-preprod" | |
| IMAGE_TARGET_REGISTRY: "nwodtuhs/exegol-dev-preprod" | |
| IMAGE_TAG: "web" | |
| DOCKERFILE: "./sources/dockerfiles/debug.dockerfile" | |
| # ThePorgs/Exegol-docs branch for tools lists export | |
| DOCS_TARGET_BRANCH: "dev-images" | |
| jobs: | |
| # https://github.com/orgs/community/discussions/26671, "can’t pass ENV variables to the reusable workflow" | |
| varset: | |
| if: ${{ github.event.label.name == 'base success' }} | |
| name: Initialize variables | |
| runs-on: self-hosted | |
| outputs: | |
| INTERMEDIATE_IMAGES_BUILDS_REGISTRY: ${{ steps.varset.outputs.INTERMEDIATE_IMAGES_BUILDS_REGISTRY }} | |
| IMAGE_TARGET_REGISTRY: ${{ steps.varset.outputs.IMAGE_TARGET_REGISTRY }} | |
| IMAGE_TAG: ${{ steps.varset.outputs.IMAGE_TAG }} | |
| IMAGE_VERSION: ${{ steps.varset.outputs.IMAGE_VERSION }} | |
| DOCKERFILE: ${{ steps.varset.outputs.DOCKERFILE }} | |
| BASE_IMAGE_REGISTRY: ${{ steps.varset.outputs.BASE_IMAGE_REGISTRY }} | |
| BASE_IMAGE_TAG: ${{ steps.varset.outputs.BASE_IMAGE_TAG }} | |
| DOCS_TARGET_BRANCH: ${{ steps.varset.outputs.DOCS_TARGET_BRANCH }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Setting variables | |
| id: varset | |
| run: | | |
| echo "INTERMEDIATE_IMAGES_BUILDS_REGISTRY=${INTERMEDIATE_IMAGES_BUILDS_REGISTRY}" >> $GITHUB_OUTPUT | |
| echo "IMAGE_TARGET_REGISTRY=${IMAGE_TARGET_REGISTRY}" >> $GITHUB_OUTPUT | |
| echo "IMAGE_TAG=${IMAGE_TAG}" >> $GITHUB_OUTPUT | |
| echo "IMAGE_VERSION=$(echo ${{ github.event.pull_request.title }} | cut -d ' ' -f 2)" >> $GITHUB_OUTPUT | |
| echo "DOCKERFILE=${DOCKERFILE}" >> $GITHUB_OUTPUT | |
| echo "BASE_IMAGE_REGISTRY=${BASE_IMAGE_REGISTRY}" >> $GITHUB_OUTPUT | |
| echo "BASE_IMAGE_TAG=${BASE_IMAGE_TAG}" >> $GITHUB_OUTPUT | |
| echo "DOCS_TARGET_BRANCH=${DOCS_TARGET_BRANCH}" >> $GITHUB_OUTPUT | |
| cat $GITHUB_OUTPUT | |
| code_check: | |
| name: Code compliance check | |
| if: ${{ github.event.label.name == 'base success' }} | |
| uses: ./.github/workflows/sub_code_check.yml | |
| build: | |
| name: Image build | |
| needs: [ varset, code_check ] | |
| if: always() && needs.code_check.result == 'success' && ${{ github.event.label.name == 'base success' }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: [ arm64, amd64 ] | |
| uses: ./.github/workflows/sub_build_belt.yml | |
| with: | |
| # ex: nwodtuhs/exegol-builds | |
| IMAGE_REGISTRY: ${{ needs.varset.outputs.INTERMEDIATE_IMAGES_BUILDS_REGISTRY }} | |
| # ex: full | |
| IMAGE_TAG: ${{ needs.varset.outputs.IMAGE_TAG }} | |
| # ex: full-1.2.3-arm64 | |
| IMAGE_NAME: ${{ needs.varset.outputs.IMAGE_TAG }}-${{ needs.varset.outputs.IMAGE_VERSION }}-${{ matrix.arch }} | |
| # ex: 1.2.3 | |
| IMAGE_VERSION: ${{ needs.varset.outputs.IMAGE_VERSION }} | |
| # ex: full.dockerfile | |
| DOCKERFILE: ${{ needs.varset.outputs.DOCKERFILE }} | |
| # ex: arm64 | |
| ARCH: ${{ matrix.arch }} | |
| # ex: nwodtuhs/exegol-misc-preprod | |
| BASE_IMAGE_REGISTRY: ${{ needs.varset.outputs.BASE_IMAGE_REGISTRY }} | |
| # ex: base-1.2.3 | |
| BASE_IMAGE_NAME: ${{ needs.varset.outputs.BASE_IMAGE_TAG }}-${{ needs.varset.outputs.IMAGE_VERSION }} | |
| EXPORT_TOOLS: true | |
| DOCS_TARGET_BRANCH: ${{ needs.varset.outputs.DOCS_TARGET_BRANCH }} | |
| PUSH_IMAGE: true | |
| secrets: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
| EXEGOL_DOCS_SSH_DEPLOY_KEY: ${{ secrets.EXEGOL_DOCS_SSH_DEPLOY_KEY }} | |
| publish: | |
| name: Publish image | |
| needs: [ varset, build ] | |
| if: ${{ github.event.label.name == 'base success' }} && needs.build.result == 'success' | |
| timeout-minutes: 60 | |
| runs-on: self-hosted | |
| # only publishing if the tests were a success (implicit by the success of build). | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| image: [ "${{ needs.varset.outputs.IMAGE_TAG }}", "${{ needs.varset.outputs.IMAGE_TAG }}-${{ needs.varset.outputs.IMAGE_VERSION }}" ] | |
| steps: | |
| - name: Checking if remote image exists | |
| id: check_remote_image | |
| run: | | |
| echo "docker manifest inspect ${IMAGE_TARGET_REGISTRY}:${IMAGE_TAG}${{ matrix.version }}" | |
| if docker manifest inspect ${IMAGE_TARGET_REGISTRY}:${IMAGE_TAG}${{ matrix.version }}; then | |
| echo "Image exists" | |
| echo "image_exists=true" >> $GITHUB_OUTPUT | |
| else | |
| echo "Image does not exist" | |
| echo "image_exists=false" >> $GITHUB_OUTPUT | |
| fi | |
| cat $GITHUB_OUTPUT | |
| - name: Login to Dockerhub | |
| if: success() && steps.check_remote_image.outputs.image_exists != 'true' | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Create manifest | |
| id: create_manifest | |
| if: success() && steps.check_remote_image.outputs.image_exists != 'true' | |
| # ex: docker manifest create nwodtuhs/exegol-preprod:full nwodtuhs/exegol-builds:full-1.2.3-arm64 nwodtuhs/exegol-builds:full-1.2.3-amd64 | |
| # ex: docker manifest create nwodtuhs/exegol-preprod:full-1.2.3 nwodtuhs/exegol-builds:full-1.2.3-arm64 nwodtuhs/exegol-builds:full-1.2.3-amd64 | |
| run: docker manifest create ${IMAGE_TARGET_REGISTRY}:${{ matrix.image }} ${INTERMEDIATE_IMAGES_BUILDS_REGISTRY}:${IMAGE_TAG}-${{ needs.varset.outputs.IMAGE_VERSION }}-arm64 ${INTERMEDIATE_IMAGES_BUILDS_REGISTRY}:${IMAGE_TAG}-${{ needs.varset.outputs.IMAGE_VERSION }}-amd64 | |
| - name: Push manifest to remote | |
| if: success() && steps.check_remote_image.outputs.image_exists != 'true' | |
| # ex: docker manifest push nwodtuhs/exegol-preprod:full | |
| # ex: docker manifest push nwodtuhs/exegol-preprod:full-1.2.3 | |
| run: docker manifest push ${IMAGE_TARGET_REGISTRY}:${{ matrix.image }} | |
| - name: Remove manifest locally | |
| if: always() && steps.create_manifest.result == success() | |
| # ex: docker manifest rm nwodtuhs/exegol-preprod:full | |
| # ex: docker manifest rm nwodtuhs/exegol-preprod:full-1.2.3 | |
| run: docker manifest rm ${IMAGE_TARGET_REGISTRY}:${{ matrix.image }} | |
| clean_runners: | |
| name: Clean runner | |
| needs: [ varset, build, publish ] | |
| # clean runners, if publish was a success, or at least if build succeeded | |
| if: always() && ${{ github.event.label.name == 'base success' }} && ( needs.publish.result == 'success' || !contains(needs.build.outputs.build, 'failure')) | |
| # even if this job fails, it won't affect the success/fail status of the whole workflow | |
| continue-on-error: true | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: [ arm64, amd64 ] | |
| runs-on: | |
| - self-hosted | |
| - builder | |
| - ${{ matrix.arch }} | |
| steps: | |
| - name: Remove local image | |
| # ex: docker rmi nwodtuhs/exegol-builds:full-1.2.3-arm64 | |
| run: docker rmi ${INTERMEDIATE_IMAGES_BUILDS_REGISTRY}:${{ env.IMAGE_TAG }}-${{ needs.varset.outputs.IMAGE_VERSION }}-${{ matrix.arch }} | |
| clean_registries: | |
| name: Clean registries | |
| needs: [ varset, publish ] | |
| if: always() && ${{ github.event.label.name == 'base success' }} && needs.publish.result == 'success' | |
| runs-on: self-hosted | |
| # only cleaning if publish was a success. And publish requires that tests were a success. If tests were a success, there's no need for debugging the images, they can be removed from the exegol-builds registry | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: [ arm64, amd64 ] | |
| steps: | |
| - name: Remove remote arch-specific images in ${{ env.INTERMEDIATE_IMAGES_BUILDS_REGISTRY }} | |
| # ex: curl [...] --request DELETE [...]exegol-builds/tags/full-1.2.3-arm64 | |
| run: | | |
| HUB_TOKEN=$(curl --silent --header "Content-Type: application/json" --request POST --data "{\"username\": \"${{ secrets.DOCKER_USERNAME }}\", \"password\": \"${{ secrets.DOCKER_PASSWORD }}\"}" https://hub.docker.com/v2/users/login/ | jq -r .token) | |
| curl --fail-with-body --include --request DELETE -H "Accept: application/json" --header "Authorization: JWT $HUB_TOKEN" https://hub.docker.com/v2/repositories/${{ env.INTERMEDIATE_IMAGES_BUILDS_REGISTRY }}/tags/${{ env.IMAGE_TAG }}-${{ needs.varset.outputs.IMAGE_VERSION }}-${{ matrix.arch }}/ |