Make batch sizes configurable #19424
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# This workflow is dangerous and should be handled with great care to avoid security problems. | |
# See the warning at conform-pr.yml. | |
# We also tried a different approach: build Docker image in one normal, secure `pull_request` workflow, | |
# upload artifact, and then download and publish it in another workflow that has access to secrets, but treats | |
# artifact as passive data. We use buildx for building multi-platform images, and there is a way to export | |
# multi-platform OCI tarball: https://docs.docker.com/engine/reference/commandline/buildx_build/#output | |
# Unfortunately, it seems that there is no way to import that tarball in another workflow and publish it | |
# as a Docker image, as strange as it sounds: https://github.com/docker/buildx/issues/186 | |
name: Packages | |
on: | |
pull_request_target: | |
types: | |
# not for "labeled" to prevent two builds for "labeled" and "unlabeled" when labels are changed | |
- unlabeled # if GitHub Actions stuck, add and remove "not ready" label to force rebuild | |
- opened | |
- reopened | |
- synchronize | |
push: | |
branches: | |
- main | |
- main/* | |
- releases/* | |
tags: | |
- "*" | |
schedule: | |
- cron: "10 1 * * 1" # after cleanup | |
# Do not run this workflow in parallel for any PR change or branch/tag push | |
# to prevent concurrent pushes for the same Docker image tag | |
# and save some resources. | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.ref_name }} | |
cancel-in-progress: false | |
env: | |
GOPATH: /home/runner/go | |
GOCACHE: /home/runner/go/cache | |
GOLANGCI_LINT_CACHE: /home/runner/go/cache/lint | |
GOMODCACHE: /home/runner/go/mod | |
GOPROXY: https://proxy.golang.org | |
GOTOOLCHAIN: local | |
jobs: | |
build: | |
name: Build packages | |
runs-on: server | |
timeout-minutes: 40 | |
if: > | |
github.event_name != 'pull_request_target' || | |
( | |
contains(github.event.pull_request.labels.*.name, 'trust') && | |
!contains(github.event.pull_request.labels.*.name, 'not ready') && | |
contains(github.event.pull_request.labels.*.name, 'packages') | |
) | |
permissions: | |
packages: write | |
steps: | |
# TODO https://github.com/FerretDB/github-actions/issues/211 | |
- name: Checkout code | |
if: github.event_name != 'pull_request_target' | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # for `git describe` to work | |
lfs: false # LFS is used only by website | |
# TODO https://github.com/FerretDB/github-actions/issues/211 | |
- name: Checkout pull request code | |
if: github.event_name == 'pull_request_target' | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
lfs: false | |
ref: ${{ github.event.pull_request.head.sha }} | |
# for version.txt on push tags; see https://github.com/actions/checkout/issues/290 | |
- name: Fetch annotated tags | |
run: | | |
git fetch --tags --force | |
git status | |
# for branch.txt on pull_request_target; the correct branch is already checked out on push / schedule | |
- name: Name branch | |
if: github.event_name == 'pull_request_target' | |
env: | |
BRANCH: ${{ github.head_ref }} # see https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable | |
run: git checkout -b $BRANCH | |
- name: Setup Go | |
uses: FerretDB/github-actions/setup-go@main | |
- name: Install Task | |
run: go generate -x | |
working-directory: tools | |
- name: Run init | |
run: bin/task init | |
- name: Setup QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Initialize Docker Buildx builder | |
run: bin/task docker-init | |
- name: Extract Docker image names | |
id: extract | |
uses: FerretDB/github-actions/extract-docker-tag@main | |
- name: Login to Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
username: ferretdbbot | |
password: ${{ secrets.DOCKER_HUB_TOKEN }} | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Login to Quay.io | |
uses: docker/login-action@v3 | |
with: | |
registry: quay.io | |
username: ferretdbbot | |
password: ${{ secrets.QUAY_TOKEN }} | |
- name: Build and push all-in-one Docker images ${{ steps.extract.outputs.all_in_one_images }} | |
if: steps.extract.outputs.all_in_one_images != '' | |
run: bin/task docker-all-in-one-push DOCKER_IMAGES=${{ steps.extract.outputs.all_in_one_images }} | |
- name: Build and push development Docker images ${{ steps.extract.outputs.development_images }} | |
if: steps.extract.outputs.development_images != '' | |
run: bin/task docker-development-push DOCKER_IMAGES=${{ steps.extract.outputs.development_images }} | |
- name: Build and push production Docker images ${{ steps.extract.outputs.production_images }} | |
if: steps.extract.outputs.production_images != '' | |
run: bin/task docker-production-push DOCKER_IMAGES=${{ steps.extract.outputs.production_images }} | |
- name: Build development binaries | |
run: bin/task build-development | |
- name: Upload development binaries | |
uses: actions/upload-artifact@v4 | |
with: | |
name: bin-dev | |
path: tmp/bin-dev/ | |
retention-days: 1 | |
if-no-files-found: error | |
- name: Build production binaries | |
run: bin/task build-production | |
- name: Upload production binaries | |
uses: actions/upload-artifact@v4 | |
with: | |
name: bin | |
path: tmp/bin/ | |
retention-days: 1 | |
if-no-files-found: error | |
- name: Build Linux packages | |
run: bin/task packages | |
- name: Upload .deb packages | |
uses: actions/upload-artifact@v4 | |
with: | |
name: debs | |
path: tmp/debs/ | |
retention-days: 1 | |
if-no-files-found: error | |
- name: Upload .rpm packages | |
uses: actions/upload-artifact@v4 | |
with: | |
name: rpms | |
path: tmp/rpms/ | |
retention-days: 1 | |
if-no-files-found: error | |
- name: Check dirty | |
run: | | |
git status | |
git diff --exit-code |