attempt a different build strategy to share base image

nginxinc · Jan 10, 2024 · 9944209 · 9944209
1 parent 391f08d
commit 9944209
Showing 1 changed file with 58 additions and 154 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -27,7 +27,7 @@ on:
 
 
 jobs:
-  build-oss:
+  build:
     runs-on: ubuntu-latest
     services:
       registry:
@@ -36,7 +36,11 @@ jobs:
           - 5000:5000
       # Note that uploading the artifact won't work.  We will need to build and push it to a local registry.
       # See here https://docs.docker.com/build/ci/github-actions/named-contexts/#using-with-a-container-builder
-
+      # This person has my problem: https://stackoverflow.com/questions/75831482/how-to-use-a-local-docker-registry2-from-one-job-as-a-container-for-another-job
+      # The issue is that the docker container that is the registery does not persist between jobs.
+      # So I"d need to do something dumb like use the artifact upload and download to get to to the next
+      # step then do it there.
+      # Time to cut my losses and do it mostly in one run.
     if: github.ref != 'refs/heads/master'
     steps:
       - uses: actions/checkout@v4
@@ -47,175 +51,60 @@ jobs:
         with:
           # network=host driver-opt needed to push to local registry
           driver-opts: network=host
-      - name: Build and export
+      - name: Build and export oss image
         uses: docker/build-push-action@v5
         with:
           file: Dockerfile.oss
           context: .
-          tags: nginx-s3-gateway , nginx-s3-gateway:oss
+          tags: localhost:5000/nginx-s3-gateway , localhost:5000/nginx-s3-gateway:oss
           push: true
-
-  test-oss:
-    runs-on: ubuntu-latest
-    needs: build-oss
-    services:
-      registry:
-        image: registry:2
-        ports:
-          - 5000:5000
-
-    if: github.ref != 'refs/heads/master'
-    steps:
-      - uses: actions/checkout@v4
-      - name: Install dependencies
-        run: sudo apt-get update -qq && sudo apt-get install -y curl wait-for-it
-      - name: Restore cached binaries
-        id: cache-binaries-restore
-        uses: actions/cache/restore@v3
-        with:
-          path: .bin
-          key: ${{ runner.os }}-binaries
-      - name: Install MinIO Client
+      - name: save image for upload
         run: |
-          mkdir .bin || exit 0
-          cd .bin
-          curl --insecure --retry 6 --fail --location --output mc.RELEASE.2023-06-19T19-31-19Z "https://dl.min.io/client/mc/release/linux-$(dpkg --print-architecture)/archive/mc.RELEASE.2023-06-19T19-31-19Z"
-          curl --insecure --retry 6 --fail --silent --location "https://dl.min.io/client/mc/release/linux-$(dpkg --print-architecture)/archive/mc.RELEASE.2023-06-19T19-31-19Z.sha256sum" | sha256sum --check -
-          mv mc.RELEASE.2023-06-19T19-31-19Z mc
-          chmod +x mc
-      - name: Save cached binaries
-        id: cache-binaries-save
-        uses: actions/cache/save@v3
+          docker save localhost:5000/nginx-s3-gateway > oss.tar
+      - name: Upload artifact - oss
+        uses: actions/upload-artifact@v3
         with:
-          path: .bin
-          key: ${{ steps.cache-binaries-restore.outputs.cache-primary-key }}
-      - name: Load image
-        run: |
-          docker pull localhost:5000/nginx-s3-gateway:oss
-          docker tag nginx-s3-gateway:oss nginx-s3-gateway 
-      - name: Run tests - stable njs version
-        run: ./test.sh --type oss
-
-  build-latest-njs:
-    runs-on: ubuntu-latest
-    needs: test-oss
-    services:
-      registry:
-        image: registry:2
-        ports:
-          - 5000:5000
+          name: oss
+          path: /tmp/oss.tar
 
-    if: github.ref != 'refs/heads/master'
-    steps:
-      - uses: actions/checkout@v4
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-        with:
-          # network=host driver-opt needed to push to local registry
-          driver-opts: network=host
-      - name: Build and export
+      - name: Build and export latest-njs image
         uses: docker/build-push-action@v5
         with:
           file: Dockerfile.latest-njs
           context: .
-          tags: nginx-s3-gateway:latest-njs-oss
-          push: true
+          tags: localhost:5000/nginx-s3-gateway:latest-njs-oss
+          push: false
+          outputs: type=docker,dest=/tmp/latest-njs.tar
           build-contexts: |
             nginx-s3-gateway=docker-image://localhost:5000/nginx-s3-gateway:oss
-
-  test-latest-njs:
-    runs-on: ubuntu-latest
-    needs: build-latest-njs
-    services:
-      registry:
-        image: registry:2
-        ports:
-          - 5000:5000
-
-    if: github.ref != 'refs/heads/master'
-    steps:
-      - uses: actions/checkout@v4
-      - name: Install dependencies
-        run: sudo apt-get update -qq && sudo apt-get install -y curl wait-for-it
-      - name: Restore cached binaries
-        id: cache-binaries-restore
-        uses: actions/cache/restore@v3
-        with:
-          path: .bin
-          key: ${{ runner.os }}-binaries
-      - name: Install MinIO Client
-        run: |
-          mkdir .bin || exit 0
-          cd .bin
-          curl --insecure --retry 6 --fail --location --output mc.RELEASE.2023-06-19T19-31-19Z "https://dl.min.io/client/mc/release/linux-$(dpkg --print-architecture)/archive/mc.RELEASE.2023-06-19T19-31-19Z"
-          curl --insecure --retry 6 --fail --silent --location "https://dl.min.io/client/mc/release/linux-$(dpkg --print-architecture)/archive/mc.RELEASE.2023-06-19T19-31-19Z.sha256sum" | sha256sum --check -
-          mv mc.RELEASE.2023-06-19T19-31-19Z mc
-          chmod +x mc
-      - name: Save cached binaries
-        id: cache-binaries-save
-        uses: actions/cache/save@v3
+      - name: Upload artifact - latest-njs
+        uses: actions/upload-artifact@v3
         with:
-          path: .bin
-          key: ${{ steps.cache-binaries-restore.outputs.cache-primary-key }}
-      - name: Load image
-        run: |
-          docker pull localhost:5000/nginx-s3-gateway:latest-njs-oss
-          docker tag nginx-s3-gateway:latest-njs-oss nginx-s3-gateway         
-      - name: Run tests - latest njs version
-        run: ./test.sh --latest-njs --type oss
+          name: latest-njs
+          path: /tmp/latest-njs.tar
 
-  build-oss-unprivileged:
-    runs-on: ubuntu-latest
-    needs: test-oss
-    services:
-      registry:
-        image: registry:2
-        ports:
-          - 5000:5000
-
-    if: github.ref != 'refs/heads/master'
-    steps:
-      - uses: actions/checkout@v4
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-        with:
-          # network=host driver-opt needed to push to local registry
-          driver-opts: network=host
-      - name: Build and export
+      - name: Build and export - unprivileged
         uses: docker/build-push-action@v5
         with:
           file: Dockerfile.unprivileged
           context: .
-          tags: nginx-s3-gateway:unprivileged
-          push: true
+          tags: localhost:5000/nginx-s3-gateway:unprivileged
+          push: false
+          outputs: type=docker,dest=/tmp/unprivileged.tar
           build-contexts: |
             nginx-s3-gateway=docker-image://localhost:5000/nginx-s3-gateway:oss
-
-      # - name: Run tests - latest njs version
-      #   run: ./test.sh --latest-njs --type oss
-      # - name: Run tests - stable njs version
-      #   run: ./test.sh --type oss
-      # - name: Run tests - stable njs version - unprivileged process
-      #   run: ./test.sh --unprivileged --type oss
-      # - name: Run tests - latest njs version - unprivileged process
-      #   run: ./test.sh --latest-njs --unprivileged --type oss
-
-  test-oss-unprivileged:
+      - name: Upload artifact - unprivileged
+        uses: actions/upload-artifact@v3
+        with:
+          name: unprivileged
+          path: /tmp/unprivileged.tar
+  test:
     runs-on: ubuntu-latest
-    needs: build-oss-unprivileged
-    services:
-      registry:
-        image: registry:2
-        ports:
-          - 5000:5000
-
     if: github.ref != 'refs/heads/master'
     steps:
       - uses: actions/checkout@v4
+      ## Start tests.  Keep things here because we can't keep the registry between jobs
+      ## TODO: Try saving the artifact after all are built?  What happens to the other archs?
       - name: Install dependencies
         run: sudo apt-get update -qq && sudo apt-get install -y curl wait-for-it
       - name: Restore cached binaries
@@ -232,18 +121,33 @@ jobs:
           curl --insecure --retry 6 --fail --silent --location "https://dl.min.io/client/mc/release/linux-$(dpkg --print-architecture)/archive/mc.RELEASE.2023-06-19T19-31-19Z.sha256sum" | sha256sum --check -
           mv mc.RELEASE.2023-06-19T19-31-19Z mc
           chmod +x mc
-      - name: Save cached binaries
-        id: cache-binaries-save
-        uses: actions/cache/save@v3
+
+      ## OSS Test. No retagging needed
+      - name: Download artifact
+        uses: actions/download-artifact@v3
         with:
-          path: .bin
-          key: ${{ steps.cache-binaries-restore.outputs.cache-primary-key }}
+          name: oss
+          path: /tmp
       - name: Load image
         run: |
-          docker pull localhost:5000/nginx-s3-gateway:unprivileged
-          docker tag nginx-s3-gateway:unprivileged nginx-s3-gateway          
-      - name: Run tests - stable njs version - unprivileged process
-        run: ./test.sh --unprivileged --type oss
+          docker load --input /tmp/oss.tar
+      - name: Run tests - stable njs version
+        run: ./test.sh --type oss
+
+      # ## Latest NJS test. Requires that we retag the latest njs one as the primary for now
+      # - name: Load image latest-oss
+      #   run: |
+      #     docker pull localhost:5000/nginx-s3-gateway:latest-njs-oss
+      #     docker tag nginx-s3-gateway:latest-njs-oss nginx-s3-gateway         
+      # - name: Run tests - latest njs version
+      #   run: ./test.sh --latest-njs --type oss
+
+      # - name: Load image - unprivilegedp
+      #   run: |
+      #     docker pull localhost:5000/nginx-s3-gateway:unprivileged
+      #     docker tag nginx-s3-gateway:unprivileged nginx-s3-gateway          
+      # - name: Run tests - stable njs version - unprivileged process
+      #   run: ./test.sh --unprivileged --type oss
 
   # build_and_deploy:
   #   runs-on: ubuntu-latest