Skip to content
Publish OneDocker image

Publish OneDocker image #3367

Sign in to view logs

Publish OneDocker image

Publish OneDocker image #3367

Workflow file for this run

.github/workflows/docker-publish.yml at 9cfe4a7
name: Publish OneDocker image
on:
workflow_dispatch:
inputs:
new_tag:
description: "The new tag of the docker image"
required: false
type: string
default: latest-build
tracker_hash:
description: "[Internal usage] Used for tracking workflow job status within Meta infra"
required: false
type: string
env:
DISTRO: ubuntu
REGISTRY: ghcr.io
LOCAL_IMAGE_NAME: fbpcs/onedocker/test
RC_REGISTRY_IMAGE_NAME: ghcr.io/${{ github.repository }}/rc/onedocker
PROD_REGISTRY_IMAGE_NAME: ghcr.io/${{ github.repository }}/onedocker
PL_CONTAINER_NAME: e2e_pl_container
PA_CONTAINER_NAME: e2e_pa_container
TIME_RANGE: 24 hours
FBPCF_VERSION: 2.1.148 # Please also update line 8 in .github/workflows/build_fbpcs_images.yml
PID_VERSION: 0.0.9
jobs:
### Build and publish rc/onedocker image
build_image:
name: Build Onedocker, MPC Games and Data Processing Images
runs-on: [self-hosted, fbpcs-build]
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v3
- name: Print Tracker Hash
run: echo ${{ inputs.tracker_hash }}
- name: Remove unused images
run: |
docker image prune -af
- name: Build onedocker image in rc
run: |
./build-docker.sh onedocker -t ${{ inputs.new_tag }} -f -p linux/amd64 -v ${{ env.FBPCF_VERSION }} -i ${{ env.PID_VERSION }}
- name: Log into registry ${{ env.REGISTRY }}
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Tag docker image
run: |
docker tag ${{ env.LOCAL_IMAGE_NAME }}:${{ inputs.new_tag }} ${{ env.RC_REGISTRY_IMAGE_NAME }}:${{ github.sha }}
docker tag ${{ env.LOCAL_IMAGE_NAME }}:${{ inputs.new_tag }} ${{ env.RC_REGISTRY_IMAGE_NAME }}:${{ inputs.new_tag }}
# temporarily tagging with rc because the task definition
# (fbpcs-github-cicd:4 https://us-west-2.console.aws.amazon.com/ecs/home?region=us-west-2#/taskDefinitions/fbpcs-github-cicd/4)
# points at :rc instead of latest-build
docker tag ${{ env.LOCAL_IMAGE_NAME }}:${{ inputs.new_tag }} ${{ env.RC_REGISTRY_IMAGE_NAME }}:rc
- name: Push image to rc registry
run: |
docker push --all-tags ${{ env.RC_REGISTRY_IMAGE_NAME }}
e2e_test:
needs: build_image
uses: ./.github/workflows/local_e2e_test.yml
with:
onedocker_image_tag: ${{ inputs.new_tag }}
coordinator_image_tag: ${{ inputs.new_tag }}
tracker_hash: ${{ inputs.tracker_hash }}
secrets: inherit # pass all secrets
publish_onedocker_image:
name: Publish the OneDocker Image After Successful Tests
needs: e2e_test
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Print Tracker Hash
run: echo ${{ inputs.tracker_hash }}
- name: Pull image from rc registry
run: |
docker pull ${{ env.RC_REGISTRY_IMAGE_NAME }}:${{ github.sha }}
- name: Set output
id: vars
run: echo "ref=${GITHUB_REF##*/}" >> $GITHUB_OUTPUT
- name: Tag image
run: |
docker tag ${{ env.RC_REGISTRY_IMAGE_NAME }}:${{ github.sha }} ${{ env.PROD_REGISTRY_IMAGE_NAME }}:${{ github.sha }}
docker tag ${{ env.RC_REGISTRY_IMAGE_NAME }}:${{ github.sha }} ${{ env.PROD_REGISTRY_IMAGE_NAME }}:${{ inputs.new_tag }}
docker tag ${{ env.RC_REGISTRY_IMAGE_NAME }}:${{ github.sha }} ${{ env.PROD_REGISTRY_IMAGE_NAME }}:${{ steps.vars.outputs.ref }}
- name: Log into registry ${{ env.REGISTRY }}
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push docker image to prod registry
if: ${{ github.event_name != 'pull_request' }}
run: |
docker push --all-tags ${{ env.PROD_REGISTRY_IMAGE_NAME }}