From 4188951a4d5c109ad0cba77b03977884c365ba1d Mon Sep 17 00:00:00 2001 From: Jesus Federico Date: Fri, 1 Oct 2021 14:26:40 -0400 Subject: [PATCH] GRN2-XX: updates to github actions for building and publishing alternate images (#2932) * rework on scripts for git actions * updated ruby version * updated alternate filter * removed ci settings brought forom sl ci * added prefix to image tag and version_code * fixed alternate dockerfile for alpine * updates for amazonlinux alternate image * added missing variables to ci scripts * update of tag in alternate images on release --- .github/PULL_REQUEST_TEMPLATE.md | 4 +- .github/workflows/build.push.yml | 41 -------- .github/workflows/build.release.yml | 32 ------- .github/workflows/ci.build.prerelease.yml | 95 +++++++++++++++++++ .github/workflows/ci.build.push.yml | 101 ++++++++++++++++++++ .github/workflows/ci.build.release.yml | 110 ++++++++++++++++++++++ .github/workflows/{main.yml => ci.yml} | 9 +- dockerfiles/v2/alpine | 55 +++++++++++ dockerfiles/v2/amazonlinux | 46 +++++++++ 9 files changed, 415 insertions(+), 78 deletions(-) delete mode 100644 .github/workflows/build.push.yml delete mode 100644 .github/workflows/build.release.yml create mode 100644 .github/workflows/ci.build.prerelease.yml create mode 100644 .github/workflows/ci.build.push.yml create mode 100644 .github/workflows/ci.build.release.yml rename .github/workflows/{main.yml => ci.yml} (90%) create mode 100644 dockerfiles/v2/alpine create mode 100644 dockerfiles/v2/amazonlinux diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 74bee889..1095877a 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -1,4 +1,4 @@ - ## Screenshots (if appropriate): - + diff --git a/.github/workflows/build.push.yml b/.github/workflows/build.push.yml deleted file mode 100644 index 3f05b819..00000000 --- a/.github/workflows/build.push.yml +++ /dev/null @@ -1,41 +0,0 @@ -env: - RUBY_VERSION: 2.7.2 - - -name: Build Push -on: - push: - branches: "master" - -jobs: - main: - name: Build Docker Image - runs-on: ubuntu-18.04 - steps: - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - - name: Login to Github Container Registry - uses: docker/login-action@v1 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Compute Short SHA - uses: farhatahmad/short-sha@v1.2 - id: short-sha - with: - length: 7 - - - name: Get Branch Name - uses: farhatahmad/branch-names@v2 - id: branch-name - - - name: Build and Push latest - uses: docker/build-push-action@v2 - with: - push: true - tags: | - bigbluebutton/greenlight:master - bigbluebutton/greenlight:latest - build-args: version_code=${{ steps.branch-name.outputs.ref_branch }} (${{ steps.short-sha.outputs.sha }}) \ No newline at end of file diff --git a/.github/workflows/build.release.yml b/.github/workflows/build.release.yml deleted file mode 100644 index 46cecd08..00000000 --- a/.github/workflows/build.release.yml +++ /dev/null @@ -1,32 +0,0 @@ -env: - RUBY_VERSION: 2.7.2 - - -name: Build Release -on: - release: - types: [released] - -jobs: - main: - name: Build Docker Image - runs-on: ubuntu-18.04 - steps: - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - - name: Login to Github Container Registry - uses: docker/login-action@v1 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Build and Push release - uses: docker/build-push-action@v2 - with: - push: true - tags: | - bigbluebutton/greenlight:latest - bigbluebutton/greenlight:v2 - bigbluebutton/greenlight:${{ github.event.release.tag_name }} - build-args: version_code=${{ github.event.release.tag_name }} diff --git a/.github/workflows/ci.build.prerelease.yml b/.github/workflows/ci.build.prerelease.yml new file mode 100644 index 00000000..0c1d2b67 --- /dev/null +++ b/.github/workflows/ci.build.prerelease.yml @@ -0,0 +1,95 @@ +env: + RUBY_VERSION: 2.7 + +name: CI Build Pre-Release +on: + release: + types: [prereleased] + +jobs: + main: + name: Build Docker Image + env: + DOCKER_REPOSITORY: ${{ secrets.DOCKER_REPOSITORY }} + DOCKER_BUILD_ENABLED: ${{ secrets.DOCKER_BUILD_ENABLED }} + DOCKER_BUILD_ALTERNATE_ENABLED: ${{ secrets.DOCKER_BUILD_ALTERNATE_ENABLED }} + runs-on: ubuntu-20.04 + steps: + - name: Checkout + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + uses: actions/checkout@v2 + + - name: Set up Docker Buildx + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + uses: docker/setup-buildx-action@v1 + + - name: Cache Docker layers + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + uses: actions/cache@v2 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx- + + - name: Login to DockerHub + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Extract Docker Repository + id: ci_docker_repository + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + shell: bash + run: echo "##[set-output name=repository;]$(echo ${DOCKER_REPOSITORY:-$GITHUB_REPOSITORY})" + + - name: Extract Tag Release + id: ci_tag_release_version + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + shell: bash + run: echo "##[set-output name=tag;]$(echo ${GITHUB_REF#refs/tags/} | cut -c 9-)" + + - name: Build and Push + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + uses: docker/build-push-action@v2 + with: + push: true + tags: | + "${{ steps.ci_docker_repository.outputs.repository }}:v${{ steps.ci_tag_release_version.outputs.tag }}" + build-args: "VERSION_CODE=release-${{ steps.ci_tag_release_version.outputs.tag }}" + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new + + # Alternate Images with alpine + - name: Alternate Alpine Build and Push + if: contains(env.DOCKER_BUILD_ENABLED, 'true') && contains(env.DOCKER_BUILD_ALTERNATE_ENABLED, 'true') + uses: docker/build-push-action@v2 + with: + file: dockerfiles/v2/alpine + push: true + tags: | + "${{ steps.ci_docker_repository.outputs.repository }}:v${{ steps.ci_tag_release_version.outputs.tag }}-alpine" + build-args: "VERSION_CODE=release-${{ steps.ci_tag_release_version.outputs.tag }}" + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new + + # Alternate Images with amazonlinux + - name: Alternate Amazon Linux Build and Push + if: contains(env.DOCKER_BUILD_ENABLED, 'true') && contains(env.DOCKER_BUILD_ALTERNATE_ENABLED, 'true') + uses: docker/build-push-action@v2 + with: + file: dockerfiles/v2/amazonlinux + push: true + tags: | + "${{ steps.ci_docker_repository.outputs.repository }}:v${{ steps.ci_tag_release_version.outputs.tag }}-amazonlinux" + build-args: "VERSION_CODE=release-${{ steps.ci_tag_release_version.outputs.tag }}" + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new + + - name: Move cache + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + run: | + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache diff --git a/.github/workflows/ci.build.push.yml b/.github/workflows/ci.build.push.yml new file mode 100644 index 00000000..e6f6dca6 --- /dev/null +++ b/.github/workflows/ci.build.push.yml @@ -0,0 +1,101 @@ +env: + RUBY_VERSION: 2.7 + +name: CI Build Push +on: + push: + branches: "*" + +jobs: + main: + name: Build Docker Image + env: + DOCKER_REPOSITORY: ${{ secrets.DOCKER_REPOSITORY }} + DOCKER_BUILD_ENABLED: ${{ secrets.DOCKER_BUILD_ENABLED }} + DOCKER_BUILD_ALTERNATE_ENABLED: ${{ secrets.DOCKER_BUILD_ALTERNATE_ENABLED }} + runs-on: ubuntu-20.04 + steps: + - name: Checkout + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + uses: actions/checkout@v2 + + - name: Set up Docker Buildx + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + uses: docker/setup-buildx-action@v1 + + - name: Cache Docker layers + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + uses: actions/cache@v2 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx- + + - name: Login to DockerHub + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Extract Docker Repository + id: ci_docker_repository + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + shell: bash + run: echo "##[set-output name=repository;]$(echo ${DOCKER_REPOSITORY:-$GITHUB_REPOSITORY})" + + - name: Extract Branch Name + id: ci_branch_name + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + shell: bash + run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})" + + - name: Extract Commit Short SHA + id: ci_commit_short_sha + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + shell: bash + run: echo "##[set-output name=short_sha;]$(echo ${GITHUB_SHA} | cut -c1-7)" + + - name: Build and Push + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + uses: docker/build-push-action@v2 + with: + push: true + tags: | + "${{ steps.ci_docker_repository.outputs.repository }}:${{ steps.ci_branch_name.outputs.branch }}" + build-args: "VERSION_CODE=${{ steps.ci_branch_name.outputs.branch }}-${{ steps.ci_commit_short_sha.outputs.short_sha }}" + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new + + # Alternate Image with alpine + - name: Alternate Alpine Build and Push + if: contains(env.DOCKER_BUILD_ENABLED, 'true') && contains(env.DOCKER_BUILD_ALTERNATE_ENABLED, 'true') + uses: docker/build-push-action@v2 + with: + file: dockerfiles/v2/alpine + push: true + tags: | + "${{ steps.ci_docker_repository.outputs.repository }}:${{ steps.ci_branch_name.outputs.branch }}-alpine" + build-args: "VERSION_CODE=${{ steps.ci_branch_name.outputs.branch }}-${{ steps.ci_commit_short_sha.outputs.short_sha }}" + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new + + # Alternate Images for bbb-bionic-230 with amazonlinux + - name: Alternate Amazon Linux Build and Push + if: contains(env.DOCKER_BUILD_ENABLED, 'true') && contains(env.DOCKER_BUILD_ALTERNATE_ENABLED, 'true') + uses: docker/build-push-action@v2 + with: + file: dockerfiles/v2/amazonlinux + push: true + tags: | + "${{ steps.ci_docker_repository.outputs.repository }}:${{ steps.ci_branch_name.outputs.branch }}-amazonlinux" + build-args: "VERSION_CODE=${{ steps.ci_branch_name.outputs.branch }}-${{ steps.ci_commit_short_sha.outputs.short_sha }}" + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new + + - name: Move cache + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + run: | + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache diff --git a/.github/workflows/ci.build.release.yml b/.github/workflows/ci.build.release.yml new file mode 100644 index 00000000..9e6c745a --- /dev/null +++ b/.github/workflows/ci.build.release.yml @@ -0,0 +1,110 @@ +env: + RUBY_VERSION: 2.7 + +name: CI Build Release +on: + release: + types: [released] + +jobs: + main: + name: Build Docker Image + env: + DOCKER_REPOSITORY: ${{ secrets.DOCKER_REPOSITORY }} + DOCKER_BUILD_ENABLED: ${{ secrets.DOCKER_BUILD_ENABLED }} + DOCKER_BUILD_ALTERNATE_ENABLED: ${{ secrets.DOCKER_BUILD_ALTERNATE_ENABLED }} + runs-on: ubuntu-20.04 + steps: + - name: Checkout + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + uses: actions/checkout@v2 + + - name: Set up Docker Buildx + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + uses: docker/setup-buildx-action@v1 + + - name: Cache Docker layers + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + uses: actions/cache@v2 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx- + + - name: Login to DockerHub + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Extract Docker Repository + id: ci_docker_repository + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + shell: bash + run: echo "##[set-output name=repository;]$(echo ${DOCKER_REPOSITORY:-$GITHUB_REPOSITORY})" + + - name: Extract Tag Release + id: ci_tag_release + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + shell: bash + run: echo "##[set-output name=tag;]$(echo ${GITHUB_REF#refs/tags/})" + + - name: Extract Tag Release Major + id: ci_tag_release_major + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + shell: bash + run: echo "##[set-output name=tag;]$(echo ${{steps.ci_tag_release.outputs.tag}} | cut -c 9- | cut -f1-1 -d'.')" + + - name: Extract Tag Release Minor + id: ci_tag_release_minor + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + shell: bash + run: echo "##[set-output name=tag;]$(echo ${{steps.ci_tag_release.outputs.tag}} | cut -c 9- | cut -f1-2 -d'.')" + + - name: Build and Push + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + uses: docker/build-push-action@v2 + with: + push: true + tags: | + "${{ steps.ci_docker_repository.outputs.repository }}:${{ steps.ci_tag_release.outputs.tag }}" + "${{ steps.ci_docker_repository.outputs.repository }}:v${{ steps.ci_tag_release_major.outputs.tag }}" + "${{ steps.ci_docker_repository.outputs.repository }}:v${{ steps.ci_tag_release_minor.outputs.tag }}" + "${{ steps.ci_docker_repository.outputs.repository }}:latest" + build-args: "VERSION_CODE=${{ steps.ci_tag_release_revision.outputs.tag }}" + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new + + # Alternate Image with alpine + - name: Alternate Alpine Build and Push + if: contains(env.DOCKER_BUILD_ENABLED, 'true') && contains(env.DOCKER_BUILD_ALTERNATE_ENABLED, 'true') + uses: docker/build-push-action@v2 + with: + file: dockerfiles/v2/alpine + push: true + tags: | + "${{ steps.ci_docker_repository.outputs.repository }}:${{ steps.ci_tag_release.outputs.tag }}-alpine" + build-args: "VERSION_CODE=${{ steps.ci_tag_release_revision.outputs.tag }}" + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new + + # Alternate Image with amazonlinux + - name: Alternate Amazon Linux Build and Push + if: contains(env.DOCKER_BUILD_ENABLED, 'true') && contains(env.DOCKER_BUILD_ALTERNATE_ENABLED, 'true') + uses: docker/build-push-action@v2 + with: + file: dockerfiles/v2/amazonlinux + push: true + tags: | + "${{ steps.ci_docker_repository.outputs.repository }}:${{ steps.ci_tag_release.outputs.tag }}-amazonlinux" + build-args: "VERSION_CODE=${{ steps.ci_tag_release_revision.outputs.tag }}" + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new + + - name: Move cache + if: contains(env.DOCKER_BUILD_ENABLED, 'true') + run: | + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache diff --git a/.github/workflows/main.yml b/.github/workflows/ci.yml similarity index 90% rename from .github/workflows/main.yml rename to .github/workflows/ci.yml index 933eb725..90a337e0 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/ci.yml @@ -1,5 +1,5 @@ env: - RUBY_VERSION: 2.7.2 + RUBY_VERSION: 2.7 DB_ADAPTER: postgresql DB_HOST: localhost DB_NAME: postgres @@ -9,6 +9,8 @@ env: name: CI on: + push: + branches-ignore: "master" pull_request: branches: "*" @@ -36,8 +38,8 @@ jobs: - name: Checkout uses: actions/checkout@v2 - - name: Ruby Setup - uses: ruby/setup-ruby@v1 + - name: Install Ruby ${{ env.RUBY_VERSION }} + uses: actions/setup-ruby@v1 with: ruby-version: ${{ env.RUBY_VERSION }} @@ -58,6 +60,7 @@ jobs: run: | bundler exec rails db:create RAILS_ENV=test bundler exec rails db:migrate RAILS_ENV=test + - name: Run Rubocop run: bundle exec rubocop --parallel --fail-level F diff --git a/dockerfiles/v2/alpine b/dockerfiles/v2/alpine new file mode 100644 index 00000000..1fd766f4 --- /dev/null +++ b/dockerfiles/v2/alpine @@ -0,0 +1,55 @@ +FROM alpine:3.13 AS alpine + +ARG RAILS_ROOT=/usr/src/app +ENV RAILS_ROOT=${RAILS_ROOT} + +FROM alpine AS base +WORKDIR $RAILS_ROOT +RUN apk add --no-cache \ + libpq \ + libxml2 \ + libxslt \ + ruby \ + ruby-irb \ + ruby-bigdecimal \ + ruby-bundler \ + ruby-json \ + tzdata \ + shared-mime-info + +FROM base as builder +RUN apk add --no-cache \ + build-base \ + curl-dev \ + git \ + libxml2-dev \ + libxslt-dev \ + pkgconf \ + postgresql-dev \ + sqlite-libs \ + sqlite-dev \ + ruby-dev \ + yaml-dev \ + zlib-dev \ + nodejs \ + yarn \ + && ( echo 'install: --no-document' ; echo 'update: --no-document' ) >>/etc/gemrc +COPY Gemfile* ./ +RUN bundle config build.nokogiri --use-system-libraries \ + && bundle config set --local deployment 'true' without 'development:test' \ + && bundle install -j4 \ + && rm -rf vendor/bundle/ruby/*/cache \ + && find vendor/bundle/ruby/*/gems/ \( -name '*.c' -o -name '*.o' \) -delete +COPY . ./ + +FROM base +ENV RAILS_ENV=production RAILS_LOG_TO_STDOUT=true + +ARG VERSION_CODE +ENV VERSION_CODE=${VERSION_CODE} + +COPY --from=builder $RAILS_ROOT $RAILS_ROOT + +EXPOSE 80 +RUN chmod +x bin/start +CMD [ "bin/start" ] diff --git a/dockerfiles/v2/amazonlinux b/dockerfiles/v2/amazonlinux new file mode 100644 index 00000000..e618aaa8 --- /dev/null +++ b/dockerfiles/v2/amazonlinux @@ -0,0 +1,46 @@ +FROM amazonlinux:2.0.20210813.1 AS amazonlinux + +ARG RAILS_ROOT=/usr/src/app +ENV RAILS_ROOT=${RAILS_ROOT} + +FROM amazonlinux AS amazonlinux-base +ENV TINI_VERSION v0.19.0 +ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini +ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc /tini.asc +RUN gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 595E85A6B1B4779EA4DAAEC70B588DFF0527A9B7 +RUN gpg --batch --verify /tini.asc /sbin/tini +RUN chmod +x /sbin/tini +RUN yum -y install redhat-rpm-config + +FROM amazonlinux-base AS base +WORKDIR $RAILS_ROOT +# Install Node.js (needed for yarn) +RUN yum -y install gcc-c++ make +RUN curl -sL https://rpm.nodesource.com/setup_16.x | bash - +RUN yum -y install nodejs +# Install Ruby & Rails +RUN curl -sL -o /etc/yum.repos.d/yarn.repo https://dl.yarnpkg.com/rpm/yarn.repo +RUN amazon-linux-extras enable ruby2.6 \ + && yum -y install git tar gzip yarn shared-mime-info libxslt zlib-devel sqlite-devel mariadb-devel postgresql-devel ruby-devel rubygems-devel rubygem-bundler rubygem-io-console rubygem-irb rubygem-json rubygem-minitest rubygem-net-http-persistent rubygem-net-telnet rubygem-power_assert rubygem-rake rubygem-test-unit rubygem-thor rubygem-xmlrpc rubygem-bigdecimal \ + && gem install rails +RUN yum -y install python3 python3-pip shadow-utils + +FROM base as builder +COPY Gemfile* ./ +RUN bundle config build.nokogiri --use-system-libraries \ + && bundle install --deployment --without development:test -j4 \ + && rm -rf vendor/bundle/ruby/*/cache \ + && find vendor/bundle/ruby/*/gems/ \( -name '*.c' -o -name '*.o' \) -delete +COPY . ./ + +FROM base +ENV RAILS_ENV=production RAILS_LOG_TO_STDOUT=true + +ARG VERSION_CODE +ENV VERSION_CODE=${VERSION_CODE} + +COPY --from=builder $RAILS_ROOT $RAILS_ROOT + +EXPOSE 80 +RUN chmod +x bin/start +CMD [ "bin/start" ]