GRN2-XX: updates to github actions for building and publishing alternate images (#2932)

* rework on scripts for git actions * updated ruby version * updated alternate filter * removed ci settings brought forom sl ci * added prefix to image tag and version_code * fixed alternate dockerfile for alpine * updates for amazonlinux alternate image * added missing variables to ci scripts * update of tag in alternate images on release
2021-10-01 14:26:40 -04:00 · 2021-10-01 14:26:40 -04:00 · 4188951a4d
parent d2cc7b3d41
commit 4188951a4d
9 changed files with 415 additions and 78 deletions
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@ -1,4 +1,4 @@
-<!--- 
+<!---
 IMPORTANT
 This template is mandatory for all Pull Requests.
 Please follow the template to ensure your Pull Request is reviewed.
@ -13,4 +13,4 @@ Please follow the template to ensure your Pull Request is reviewed.
 <!--- Please describe in detail how to test your changes. -->

 ## Screenshots (if appropriate):
-<!--- Please include screenshots of ALL visual changes. -->
+<!--- Please include screenshots that may help to visualize your changes. -->
--- a/.github/workflows/build.push.yml
+++ b/.github/workflows/build.push.yml
@ -1,41 +0,0 @@
-env:
-  RUBY_VERSION: 2.7.2
-
-
-name: Build Push
-on:
-  push:
-    branches: "master"
-
-jobs:
-  main:
-    name: Build Docker Image
-    runs-on: ubuntu-18.04
-    steps:
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
-        
-      - name: Login to Github Container Registry
-        uses: docker/login-action@v1
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-
-      - name: Compute Short SHA
-        uses: farhatahmad/short-sha@v1.2
-        id: short-sha
-        with:
-          length: 7
-
-      - name: Get Branch Name
-        uses: farhatahmad/branch-names@v2
-        id: branch-name
-
-      - name: Build and Push latest
-        uses: docker/build-push-action@v2
-        with:
-          push: true
-          tags: |
-            bigbluebutton/greenlight:master
-            bigbluebutton/greenlight:latest
-          build-args: version_code=${{ steps.branch-name.outputs.ref_branch }} (${{ steps.short-sha.outputs.sha }})
--- a/.github/workflows/build.release.yml
+++ b/.github/workflows/build.release.yml
@ -1,32 +0,0 @@
-env:
-  RUBY_VERSION: 2.7.2
-
-
-name: Build Release
-on:
-  release:
-    types: [released]
-
-jobs:
-  main:
-    name: Build Docker Image
-    runs-on: ubuntu-18.04
-    steps:
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
-        
-      - name: Login to Github Container Registry
-        uses: docker/login-action@v1
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-
-      - name: Build and Push release
-        uses: docker/build-push-action@v2
-        with:
-          push: true
-          tags: |
-            bigbluebutton/greenlight:latest
-            bigbluebutton/greenlight:v2
-            bigbluebutton/greenlight:${{ github.event.release.tag_name }}
-          build-args: version_code=${{ github.event.release.tag_name }}
--- a/.github/workflows/ci.build.prerelease.yml
+++ b/.github/workflows/ci.build.prerelease.yml
@ -0,0 +1,95 @@
+env:
+  RUBY_VERSION: 2.7
+
+name: CI Build Pre-Release
+on:
+  release:
+    types: [prereleased]
+
+jobs:
+  main:
+    name: Build Docker Image
+    env:
+      DOCKER_REPOSITORY: ${{ secrets.DOCKER_REPOSITORY }}
+      DOCKER_BUILD_ENABLED: ${{ secrets.DOCKER_BUILD_ENABLED }}
+      DOCKER_BUILD_ALTERNATE_ENABLED: ${{ secrets.DOCKER_BUILD_ALTERNATE_ENABLED }}
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Checkout
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        uses: actions/checkout@v2
+
+      - name: Set up Docker Buildx
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        uses: docker/setup-buildx-action@v1
+
+      - name: Cache Docker layers
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        uses: actions/cache@v2
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-buildx-
+
+      - name: Login to DockerHub
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Extract Docker Repository
+        id: ci_docker_repository
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        shell: bash
+        run: echo "##[set-output name=repository;]$(echo ${DOCKER_REPOSITORY:-$GITHUB_REPOSITORY})"
+
+      - name: Extract Tag Release
+        id: ci_tag_release_version
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        shell: bash
+        run: echo "##[set-output name=tag;]$(echo ${GITHUB_REF#refs/tags/} | cut -c 9-)"
+
+      - name: Build and Push
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        uses: docker/build-push-action@v2
+        with:
+          push: true
+          tags: |
+            "${{ steps.ci_docker_repository.outputs.repository }}:v${{ steps.ci_tag_release_version.outputs.tag }}"
+          build-args: "VERSION_CODE=release-${{ steps.ci_tag_release_version.outputs.tag }}"
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+
+      # Alternate Images with alpine
+      - name: Alternate Alpine Build and Push
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true') && contains(env.DOCKER_BUILD_ALTERNATE_ENABLED, 'true')
+        uses: docker/build-push-action@v2
+        with:
+          file: dockerfiles/v2/alpine
+          push: true
+          tags: |
+            "${{ steps.ci_docker_repository.outputs.repository }}:v${{ steps.ci_tag_release_version.outputs.tag }}-alpine"
+          build-args: "VERSION_CODE=release-${{ steps.ci_tag_release_version.outputs.tag }}"
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+
+      # Alternate Images with amazonlinux
+      - name: Alternate Amazon Linux Build and Push
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true') && contains(env.DOCKER_BUILD_ALTERNATE_ENABLED, 'true')
+        uses: docker/build-push-action@v2
+        with:
+          file: dockerfiles/v2/amazonlinux
+          push: true
+          tags: |
+            "${{ steps.ci_docker_repository.outputs.repository }}:v${{ steps.ci_tag_release_version.outputs.tag }}-amazonlinux"
+          build-args: "VERSION_CODE=release-${{ steps.ci_tag_release_version.outputs.tag }}"
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+
+      - name: Move cache
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
--- a/.github/workflows/ci.build.push.yml
+++ b/.github/workflows/ci.build.push.yml
@ -0,0 +1,101 @@
+env:
+  RUBY_VERSION: 2.7
+
+name: CI Build Push
+on:
+  push:
+    branches: "*"
+
+jobs:
+  main:
+    name: Build Docker Image
+    env:
+      DOCKER_REPOSITORY: ${{ secrets.DOCKER_REPOSITORY }}
+      DOCKER_BUILD_ENABLED: ${{ secrets.DOCKER_BUILD_ENABLED }}
+      DOCKER_BUILD_ALTERNATE_ENABLED: ${{ secrets.DOCKER_BUILD_ALTERNATE_ENABLED }}
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Checkout
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        uses: actions/checkout@v2
+
+      - name: Set up Docker Buildx
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        uses: docker/setup-buildx-action@v1
+
+      - name: Cache Docker layers
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        uses: actions/cache@v2
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-buildx-
+
+      - name: Login to DockerHub
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Extract Docker Repository
+        id: ci_docker_repository
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        shell: bash
+        run: echo "##[set-output name=repository;]$(echo ${DOCKER_REPOSITORY:-$GITHUB_REPOSITORY})"
+
+      - name: Extract Branch Name
+        id: ci_branch_name
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        shell: bash
+        run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})"
+
+      - name: Extract Commit Short SHA
+        id: ci_commit_short_sha
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        shell: bash
+        run: echo "##[set-output name=short_sha;]$(echo ${GITHUB_SHA} | cut -c1-7)"
+
+      - name: Build and Push
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        uses: docker/build-push-action@v2
+        with:
+          push: true
+          tags: |
+            "${{ steps.ci_docker_repository.outputs.repository }}:${{ steps.ci_branch_name.outputs.branch }}"
+          build-args: "VERSION_CODE=${{ steps.ci_branch_name.outputs.branch }}-${{ steps.ci_commit_short_sha.outputs.short_sha }}"
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+
+      # Alternate Image with alpine
+      - name: Alternate Alpine Build and Push
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true') && contains(env.DOCKER_BUILD_ALTERNATE_ENABLED, 'true')
+        uses: docker/build-push-action@v2
+        with:
+          file: dockerfiles/v2/alpine
+          push: true
+          tags: |
+            "${{ steps.ci_docker_repository.outputs.repository }}:${{ steps.ci_branch_name.outputs.branch }}-alpine"
+          build-args: "VERSION_CODE=${{ steps.ci_branch_name.outputs.branch }}-${{ steps.ci_commit_short_sha.outputs.short_sha }}"
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+
+      # Alternate Images for bbb-bionic-230 with amazonlinux
+      - name: Alternate Amazon Linux Build and Push
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true') && contains(env.DOCKER_BUILD_ALTERNATE_ENABLED, 'true')
+        uses: docker/build-push-action@v2
+        with:
+          file: dockerfiles/v2/amazonlinux
+          push: true
+          tags: |
+            "${{ steps.ci_docker_repository.outputs.repository }}:${{ steps.ci_branch_name.outputs.branch }}-amazonlinux"
+          build-args: "VERSION_CODE=${{ steps.ci_branch_name.outputs.branch }}-${{ steps.ci_commit_short_sha.outputs.short_sha }}"
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+
+      - name: Move cache
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
--- a/.github/workflows/ci.build.release.yml
+++ b/.github/workflows/ci.build.release.yml
@ -0,0 +1,110 @@
+env:
+  RUBY_VERSION: 2.7
+
+name: CI Build Release
+on:
+  release:
+    types: [released]
+
+jobs:
+  main:
+    name: Build Docker Image
+    env:
+      DOCKER_REPOSITORY: ${{ secrets.DOCKER_REPOSITORY }}
+      DOCKER_BUILD_ENABLED: ${{ secrets.DOCKER_BUILD_ENABLED }}
+      DOCKER_BUILD_ALTERNATE_ENABLED: ${{ secrets.DOCKER_BUILD_ALTERNATE_ENABLED }}
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Checkout
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        uses: actions/checkout@v2
+
+      - name: Set up Docker Buildx
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        uses: docker/setup-buildx-action@v1
+
+      - name: Cache Docker layers
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        uses: actions/cache@v2
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-buildx-
+
+      - name: Login to DockerHub
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Extract Docker Repository
+        id: ci_docker_repository
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        shell: bash
+        run: echo "##[set-output name=repository;]$(echo ${DOCKER_REPOSITORY:-$GITHUB_REPOSITORY})"
+
+      - name: Extract Tag Release
+        id: ci_tag_release
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        shell: bash
+        run: echo "##[set-output name=tag;]$(echo ${GITHUB_REF#refs/tags/})"
+
+      - name: Extract Tag Release Major
+        id: ci_tag_release_major
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        shell: bash
+        run: echo "##[set-output name=tag;]$(echo ${{steps.ci_tag_release.outputs.tag}} | cut -c 9- | cut -f1-1 -d'.')"
+
+      - name: Extract Tag Release Minor
+        id: ci_tag_release_minor
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        shell: bash
+        run: echo "##[set-output name=tag;]$(echo ${{steps.ci_tag_release.outputs.tag}} | cut -c 9- | cut -f1-2 -d'.')"
+
+      - name: Build and Push
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        uses: docker/build-push-action@v2
+        with:
+          push: true
+          tags: |
+            "${{ steps.ci_docker_repository.outputs.repository }}:${{ steps.ci_tag_release.outputs.tag }}"
+            "${{ steps.ci_docker_repository.outputs.repository }}:v${{ steps.ci_tag_release_major.outputs.tag }}"
+            "${{ steps.ci_docker_repository.outputs.repository }}:v${{ steps.ci_tag_release_minor.outputs.tag }}"
+            "${{ steps.ci_docker_repository.outputs.repository }}:latest"
+          build-args: "VERSION_CODE=${{ steps.ci_tag_release_revision.outputs.tag }}"
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+
+      # Alternate Image with alpine
+      - name: Alternate Alpine Build and Push
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true') && contains(env.DOCKER_BUILD_ALTERNATE_ENABLED, 'true')
+        uses: docker/build-push-action@v2
+        with:
+          file: dockerfiles/v2/alpine
+          push: true
+          tags: |
+            "${{ steps.ci_docker_repository.outputs.repository }}:${{ steps.ci_tag_release.outputs.tag }}-alpine"
+          build-args: "VERSION_CODE=${{ steps.ci_tag_release_revision.outputs.tag }}"
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+
+      # Alternate Image with amazonlinux
+      - name: Alternate Amazon Linux Build and Push
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true') && contains(env.DOCKER_BUILD_ALTERNATE_ENABLED, 'true')
+        uses: docker/build-push-action@v2
+        with:
+          file: dockerfiles/v2/amazonlinux
+          push: true
+          tags: |
+            "${{ steps.ci_docker_repository.outputs.repository }}:${{ steps.ci_tag_release.outputs.tag }}-amazonlinux"
+          build-args: "VERSION_CODE=${{ steps.ci_tag_release_revision.outputs.tag }}"
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+
+      - name: Move cache
+        if: contains(env.DOCKER_BUILD_ENABLED, 'true')
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@ -1,5 +1,5 @@
 env:
-  RUBY_VERSION: 2.7.2
+  RUBY_VERSION: 2.7
  DB_ADAPTER: postgresql
  DB_HOST: localhost
  DB_NAME: postgres
@ -9,6 +9,8 @@ env:

 name: CI
 on:
+  push:
+    branches-ignore: "master"
  pull_request:
    branches: "*"

@ -36,8 +38,8 @@ jobs:
      - name: Checkout
        uses: actions/checkout@v2

-      - name: Ruby Setup
-        uses: ruby/setup-ruby@v1
+      - name: Install Ruby ${{ env.RUBY_VERSION }}
+        uses: actions/setup-ruby@v1
        with:
          ruby-version: ${{ env.RUBY_VERSION }}

@ -58,6 +60,7 @@ jobs:
        run:  |
          bundler exec rails db:create RAILS_ENV=test
          bundler exec rails db:migrate RAILS_ENV=test
+
      - name: Run Rubocop
        run: bundle exec rubocop --parallel --fail-level F

--- a/dockerfiles/v2/alpine
+++ b/dockerfiles/v2/alpine
@ -0,0 +1,55 @@
+FROM alpine:3.13 AS alpine
+
+ARG RAILS_ROOT=/usr/src/app
+ENV RAILS_ROOT=${RAILS_ROOT}
+
+FROM alpine AS base
+WORKDIR $RAILS_ROOT
+RUN apk add --no-cache \
+    libpq \
+    libxml2 \
+    libxslt \
+    ruby \
+    ruby-irb \
+    ruby-bigdecimal \
+    ruby-bundler \
+    ruby-json \
+    tzdata \
+    shared-mime-info
+
+FROM base as builder
+RUN apk add --no-cache \
+    build-base \
+    curl-dev \
+    git \
+    libxml2-dev \
+    libxslt-dev \
+    pkgconf \
+    postgresql-dev \
+    sqlite-libs \
+    sqlite-dev \
+    ruby-dev \
+    yaml-dev \
+    zlib-dev \
+    nodejs \
+    yarn \
+    && ( echo 'install: --no-document' ; echo 'update: --no-document' ) >>/etc/gemrc
+COPY Gemfile* ./
+RUN bundle config build.nokogiri --use-system-libraries \
+    && bundle config set --local deployment 'true'  without 'development:test' \
+    && bundle install -j4 \
+    && rm -rf vendor/bundle/ruby/*/cache \
+    && find vendor/bundle/ruby/*/gems/ \( -name '*.c' -o -name '*.o' \) -delete
+COPY . ./
+
+FROM base
+ENV RAILS_ENV=production RAILS_LOG_TO_STDOUT=true
+
+ARG VERSION_CODE
+ENV VERSION_CODE=${VERSION_CODE}
+
+COPY --from=builder $RAILS_ROOT $RAILS_ROOT
+
+EXPOSE 80
+RUN chmod +x bin/start
+CMD [ "bin/start" ]
--- a/dockerfiles/v2/amazonlinux
+++ b/dockerfiles/v2/amazonlinux
@ -0,0 +1,46 @@
+FROM amazonlinux:2.0.20210813.1 AS amazonlinux
+
+ARG RAILS_ROOT=/usr/src/app
+ENV RAILS_ROOT=${RAILS_ROOT}
+
+FROM amazonlinux AS amazonlinux-base
+ENV TINI_VERSION v0.19.0
+ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini
+ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc /tini.asc
+RUN gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7
+RUN gpg --batch --verify /tini.asc /sbin/tini
+RUN chmod +x /sbin/tini
+RUN yum -y install redhat-rpm-config
+
+FROM amazonlinux-base AS base
+WORKDIR $RAILS_ROOT
+# Install Node.js (needed for yarn)
+RUN yum -y install gcc-c++ make
+RUN curl -sL https://rpm.nodesource.com/setup_16.x | bash -
+RUN yum -y install nodejs
+# Install Ruby & Rails
+RUN curl -sL -o /etc/yum.repos.d/yarn.repo https://dl.yarnpkg.com/rpm/yarn.repo
+RUN amazon-linux-extras enable ruby2.6 \
+  && yum -y install git tar gzip yarn shared-mime-info libxslt zlib-devel sqlite-devel mariadb-devel postgresql-devel ruby-devel rubygems-devel rubygem-bundler rubygem-io-console rubygem-irb rubygem-json rubygem-minitest rubygem-net-http-persistent rubygem-net-telnet rubygem-power_assert rubygem-rake rubygem-test-unit rubygem-thor rubygem-xmlrpc rubygem-bigdecimal \
+  && gem install rails
+RUN yum -y install python3 python3-pip shadow-utils
+
+FROM base as builder
+COPY Gemfile* ./
+RUN bundle config build.nokogiri --use-system-libraries \
+    && bundle install --deployment --without development:test -j4 \
+    && rm -rf vendor/bundle/ruby/*/cache \
+    && find vendor/bundle/ruby/*/gems/ \( -name '*.c' -o -name '*.o' \) -delete
+COPY . ./
+
+FROM base
+ENV RAILS_ENV=production RAILS_LOG_TO_STDOUT=true
+
+ARG VERSION_CODE
+ENV VERSION_CODE=${VERSION_CODE}
+
+COPY --from=builder $RAILS_ROOT $RAILS_ROOT
+
+EXPOSE 80
+RUN chmod +x bin/start
+CMD [ "bin/start" ]