Merge pull request #5165 from Joystream/petra #1728
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Production runtime build of joystream-node | |
name: joystream-node-docker | |
on: | |
- push | |
- workflow_dispatch | |
env: | |
REPOSITORY: joystream/node | |
KEY_NAME: joystream-github-action-key-new | |
jobs: | |
repo-check: | |
name: Check if main image already published | |
runs-on: ubuntu-latest | |
outputs: | |
shasum: ${{ steps.compute_shasum.outputs.shasum }} | |
image_exists: ${{ steps.compute_main_image_exists.outputs.image_exists }} | |
branch_name: ${{ steps.extract_branch.outputs.branch }} | |
steps: | |
- name: Extract branch name | |
shell: bash | |
run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})" | |
id: extract_branch | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: '18.x' | |
- id: compute_shasum | |
name: Compute runtime code shasum | |
run: | | |
export RUNTIME_CODE_SHASUM=`scripts/runtime-code-shasum.sh` | |
echo "::set-output name=shasum::${RUNTIME_CODE_SHASUM}" | |
# docker manifest inspect command requires authentication | |
- name: Login to DockerHub | |
uses: docker/login-action@v2 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
- name: Check if we already have the main image on Dockerhub | |
id: compute_main_image_exists | |
# Will output 0 if image exists and 1 if does not exists | |
run: | | |
export IMAGE_EXISTS=$(docker manifest inspect ${{ env.REPOSITORY }}:${{ steps.compute_shasum.outputs.shasum }} > /dev/null ; echo $?) | |
echo "::set-output name=image_exists::${IMAGE_EXISTS}" | |
build-images: | |
name: Build joystream/node Docker images | |
needs: repo-check | |
# Only run this job if the main image does not exist | |
if: needs.repo-check.outputs.image_exists == 1 | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
platform: ['linux/amd64', 'linux/arm64'] | |
include: | |
- platform: 'linux/amd64' | |
platform_tag: 'amd64' | |
file: 'joystream-node.Dockerfile' | |
ec2ami: 'ami-0149b2da6ceec4bb0' | |
ec2type: 'c6id.2xlarge' | |
- platform: 'linux/arm64' | |
platform_tag: 'arm64' | |
file: 'joystream-node.Dockerfile' | |
ec2ami: 'ami-00266f51b6b22db58' | |
ec2type: 't4g.2xlarge' | |
env: | |
STACK_NAME: build-joystream-node-docker-ga-${{ github.run_number }}-${{ matrix.platform_tag }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: '18.x' | |
# docker manifest inspect requires authentication | |
- name: Login to DockerHub | |
uses: docker/login-action@v2 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
- name: Check if we have pre-built image on Dockerhub | |
id: compute_image_exists | |
# Will output 0 if image exists and 1 if does not exists | |
run: | | |
export IMAGE_EXISTS=$(docker manifest inspect ${{ env.REPOSITORY }}:${{ needs.repo-check.outputs.shasum }}-${{ matrix.platform_tag }} > /dev/null ; echo $?) | |
echo "::set-output name=image_exists::${IMAGE_EXISTS}" | |
- name: Install Ansible | |
run: | | |
pip3 install --upgrade --user ansible | |
pipx inject ansible-core boto3 botocore | |
ansible-playbook --version | |
if: ${{ steps.compute_image_exists.outputs.image_exists == 1 }} | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: us-east-1 | |
if: ${{ steps.compute_image_exists.outputs.image_exists == 1 }} | |
- name: Deploy to AWS CloudFormation | |
uses: aws-actions/aws-cloudformation-github-deploy@v1 | |
id: deploy_stack | |
with: | |
name: ${{ env.STACK_NAME }} | |
template: devops/aws/cloudformation/single-instance.yml | |
no-fail-on-empty-changeset: '1' | |
parameter-overrides: 'KeyName=${{ env.KEY_NAME }},EC2AMI=${{ matrix.ec2ami }},EC2InstanceType=${{ matrix.ec2type }}' | |
if: ${{ steps.compute_image_exists.outputs.image_exists == 1 }} | |
- name: Wait for docker build server to be ready | |
run: | | |
sleep 30 | |
- name: Run playbook | |
uses: dawidd6/action-ansible-playbook@v2 | |
with: | |
playbook: build-joystream-node-docker.yml | |
directory: devops/ansible | |
requirements: requirements.yml | |
key: ${{ secrets.SSH_PRIVATE_KEY }} | |
inventory: | | |
${{ steps.deploy_stack.outputs.PublicIp }} | |
options: | | |
--extra-vars "git_repo=https://github.com/${{ github.repository }} \ | |
branch_name=${{ needs.repo-check.outputs.branch_name }} \ | |
docker_username=${{ secrets.DOCKERHUB_USERNAME }} \ | |
docker_password=${{ secrets.DOCKERHUB_PASSWORD }} \ | |
tag_name=${{ needs.repo-check.outputs.shasum }}-${{ matrix.platform_tag }} \ | |
repository=${{ env.REPOSITORY }} dockerfile=${{ matrix.file }} \ | |
platform=${{ matrix.platform }} \ | |
cargo_features='' \ | |
code_shasum=${{ needs.repo-check.outputs.shasum }}" | |
if: ${{ steps.compute_image_exists.outputs.image_exists == 1 }} | |
- name: Delete CloudFormation Stack | |
if: always() | |
continue-on-error: true | |
run: | | |
echo "Deleting ${{ env.STACK_NAME }} stack" | |
aws cloudformation delete-stack --stack-name ${{ env.STACK_NAME }} | |
echo "Waiting for ${{ env.STACK_NAME }} to be deleted..." | |
aws cloudformation wait stack-delete-complete --stack-name ${{ env.STACK_NAME }} | |
push-manifest: | |
name: Create main manifest | |
needs: [repo-check, build-images] | |
# Only run this job if the image does not exist with tag equal to the shasum | |
if: needs.repo-check.outputs.image_exists == 1 | |
runs-on: ubuntu-latest | |
env: | |
TAG_SHASUM: ${{ needs.repo-check.outputs.shasum }} | |
steps: | |
- name: Login to DockerHub | |
uses: docker/login-action@v2 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_PASSWORD }} | |
- name: Create manifest for multi-arch images | |
run: | | |
# get artifacts from previous steps | |
IMAGE=${{ env.REPOSITORY }}:${{ env.TAG_SHASUM }} | |
echo $IMAGE | |
docker pull $IMAGE-amd64 | |
docker pull $IMAGE-arm64 | |
docker manifest create $IMAGE $IMAGE-amd64 $IMAGE-arm64 | |
docker manifest annotate $IMAGE $IMAGE-amd64 --arch amd64 | |
docker manifest annotate $IMAGE $IMAGE-arm64 --arch arm64 | |
docker manifest push $IMAGE | |