Skip to content
This repository has been archived by the owner on Sep 21, 2024. It is now read-only.
Container images

Add support for sentry tracing in noosphere-core tracing #475

Sign in to view logs

Add support for sentry tracing in noosphere-core tracing

Add support for sentry tracing in noosphere-core tracing #475

Workflow file for this run

.github/workflows/container_images.yaml at e736bf2
on:
pull_request:
push:
branches:
- main
workflow_call:
inputs:
image-tag:
type: string
workflow_dispatch:
inputs:
image-tag:
type: string
name: 'Container images'
jobs:
determine-image-tags:
name: 'Determine image tags'
outputs:
tags: ${{ steps.determine-image-tags.outputs.tags }}
concurrency: ${{ steps.determine-image-tags.outputs.concurrency }}
runs-on: ubuntu-latest
steps:
- id: determine-image-tags
env:
EVENT_NAME: ${{ github.event_name }}
PR_NUMBER: ${{ github.event.number }}
CUSTOM_TAG: ${{ inputs.image-tag }}
run: |
concurrency="docker-build"
tags=()
if [[ "$EVENT_NAME" == "pull_request" ]]; then
tags+=("pr-$PR_NUMBER")
concurrency="$concurrency-pr-$PR_NUMBER"
fi
if [[ "$EVENT_NAME" == "push" ]]; then
tags+=("latest")
concurrency="$concurrency-latest"
fi
if [[ "$CUSTOM_TAG" != "" ]]; then
tags+=("$CUSTOM_TAG")
concurrency="$concurrency-$CUSTOM_TAG"
fi
concurrency="$concurrency-$GITHUB_SHA"
tags+=("${GITHUB_SHA:0:6}")
tags_out=""
for tag in "${tags[@]}"; do
if [ -z "$tags_out" ]; then
tags_out="\"$tag\""
else
tags_out="$tags_out,\"$tag\""
fi
done
echo "TAGS: $tags_out"
echo "CONCURRENCY: $concurrency"
echo "tags=[$tags_out]" >> $GITHUB_OUTPUT
echo "concurrency=\"$concurrency\"" >> $GITHUB_OUTPUT
build-and-push:
name: 'Build and push'
runs-on: ubuntu-latest
needs: ['determine-image-tags']
# It would be ideal to run container build jobs sequentially, but the
# current behavior of Github Workflow "concurrency" prevents this from
# being viable because it cancels any pending jobs instead of queuing
# them. An outstanding feature request to fix this can be found here:
# https://github.com/orgs/community/discussions/5435
#
# Ultimately this is a build speed optimization for us, so not a deal
# breaker to comment out for now.
#
# concurrency:
# group: ${{ needs.determine-image-tags.outputs.concurrency }}
# cancel-in-progress: false
permissions:
contents: 'read'
id-token: 'write'
strategy:
matrix:
image:
- name: 'orb'
file: 'images/orb/Dockerfile'
- name: 'orb-ns'
file: 'images/orb-ns/Dockerfile'
tag: ${{ fromJSON(needs.determine-image-tags.outputs.tags) }}
steps:
- uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- id: 'authenticate'
name: 'Authenticate to Google Cloud'
uses: 'google-github-actions/auth@v1'
with:
token_format: 'access_token'
workload_identity_provider: 'projects/${{ secrets.GCP_PROJECT_NUMBER }}/locations/global/workloadIdentityPools/build-pipeline/providers/build-pipeline-provider'
service_account: 'build-pipeline@${{ secrets.GCP_PROJECT_ID }}.iam.gserviceaccount.com'
- name: 'Set up Google Cloud SDK'
uses: 'google-github-actions/setup-gcloud@v1'
with:
version: '>= 413.0.0'
- name: 'Set up Google Cloud Docker auth helper'
run: gcloud auth configure-docker us-central1-docker.pkg.dev
- name: 'Log Docker in to Google Artifact Registry'
uses: 'docker/[email protected]'
with:
registry: 'us-central1-docker.pkg.dev'
username: 'oauth2accesstoken'
password: '${{ steps.authenticate.outputs.access_token }}'
- name: Build and push container images
uses: docker/build-push-action@v4
with:
file: ${{ matrix.image.file }}
context: .
cache-from: type=gha
cache-to: type=gha,mode=max
push: true
tags: 'us-central1-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/subconscious/${{ matrix.image.name }}:${{matrix.tag}}'