Skip to content

Commit

Permalink
Use mirror.gcr.io as buildx pull-through cache
Browse files Browse the repository at this point in the history 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
  • Loading branch information
@brandond
brandond committed Jul 17, 2024
1 parent 1ba1b52 commit f10de29
Show file tree
Hide file tree
Showing 10 changed files with 163 additions and 57 deletions.
31 changes: 25 additions & 6 deletions .github/workflows/build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,9 +19,17 @@ jobs:
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up buildx
uses: docker/setup-buildx-action@v3
id: buildx
with:
driver: docker-container
buildkitd-config-inline: |
[registry."docker.io"]
mirrors = ["mirror.gcr.io"]
- name: Install Dapper
run: |
curl -sL https://releases.rancher.com/dapper/latest/dapper-$(uname -s)-$(uname -m) > /usr/local/bin/dapper
curl -sL https://github.com/brandond/dapper/releases/download/v0.7.0-bd4/dapper-$(uname -s)-$(uname -m) > /usr/local/bin/dapper
chmod +x /usr/local/bin/dapper
- name: "Read secrets"
uses: rancher-eio/read-vault-secrets@main
Expand All @@ -31,21 +39,32 @@ jobs:
secret/data/github/repo/${{ github.repository }}/aws-secret-access-key/credentials token | AWS_SECRET_ACCESS_KEY ;
- name: Build
run: |
dapper -f Dockerfile --target dapper make dapper-ci
dapper -f Dockerfile --bake -target dapper make dapper-ci
env:
AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}
- name: Test
run: |
dapper -f Dockerfile --target dapper make test
dapper -f Dockerfile --bake -target dapper make test
env:
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}
build-arm64:
runs-on: runs-on,runner=8cpu-linux-arm64,run-id=${{ github.run_id }},image=ubuntu22-full-arm64,hdd=64
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up buildx
uses: docker/setup-buildx-action@v3
id: buildx
with:
driver: docker-container
buildkitd-config-inline: |
[registry."docker.io"]
mirrors = ["mirror.gcr.io"]
- name: Install Dapper
run: |
curl -sL https://releases.rancher.com/dapper/latest/dapper-$(uname -s)-$(uname -m) > /usr/local/bin/dapper
curl -sL https://github.com/brandond/dapper/releases/download/v0.7.0-bd4/dapper-$(uname -s)-$(uname -m) > /usr/local/bin/dapper
chmod +x /usr/local/bin/dapper
- name: "Read secrets"
uses: rancher-eio/read-vault-secrets@main
Expand All @@ -55,8 +74,8 @@ jobs:
secret/data/github/repo/${{ github.repository }}/aws-secret-access-key/credentials token | AWS_SECRET_ACCESS_KEY ;
- name: Build
run: |
dapper -f Dockerfile --target dapper make dapper-ci
dapper -f Dockerfile --bake -target dapper make dapper-ci
env:
AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }}

BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}
33 changes: 27 additions & 6 deletions .github/workflows/pr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,26 +15,47 @@ jobs:
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up buildx
uses: docker/setup-buildx-action@v3
id: buildx
with:
driver: docker-container
buildkitd-config-inline: |
[registry."docker.io"]
mirrors = ["mirror.gcr.io"]
- name: Install Dapper
run: |
curl -sL https://releases.rancher.com/dapper/latest/dapper-$(uname -s)-$(uname -m) > /usr/local/bin/dapper
curl -sL https://github.com/brandond/dapper/releases/download/v0.7.0-bd4/dapper-$(uname -s)-$(uname -m) > /usr/local/bin/dapper
chmod +x /usr/local/bin/dapper
- name: Build
run: |
dapper -f Dockerfile --target dapper make dapper-ci
dapper -f Dockerfile --bake -target dapper make dapper-ci
env:
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}
- name: Test
run: |
dapper -f Dockerfile --target dapper make test
dapper -f Dockerfile --bake -target dapper make test
env:
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}
build-arm64:
runs-on: runs-on,runner=8cpu-linux-arm64,run-id=${{ github.run_id }},image=ubuntu22-full-arm64,hdd=64
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Set up buildx
uses: docker/setup-buildx-action@v3
id: buildx
with:
driver: docker-container
buildkitd-config-inline: |
[registry."docker.io"]
mirrors = ["mirror.gcr.io"]
- name: Install Dapper
run: |
curl -sL https://releases.rancher.com/dapper/latest/dapper-$(uname -s)-$(uname -m) > /usr/local/bin/dapper
curl -sL https://github.com/brandond/dapper/releases/download/v0.7.0-bd4/dapper-$(uname -s)-$(uname -m) > /usr/local/bin/dapper
chmod +x /usr/local/bin/dapper
- name: Build
run: |
dapper -f Dockerfile --target dapper make dapper-ci
dapper -f Dockerfile --bake -target dapper make dapper-ci
env:
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}
90 changes: 73 additions & 17 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,16 +25,29 @@ jobs:

- name: Install Dapper
run: |
curl -sL https://releases.rancher.com/dapper/latest/dapper-$(uname -s)-$(uname -m) > /usr/local/bin/dapper
curl -sL https://github.com/brandond/dapper/releases/download/v0.7.0-bd4/dapper-$(uname -s)-$(uname -m) > /usr/local/bin/dapper
chmod +x /usr/local/bin/dapper
- name: Set up buildx
uses: docker/setup-buildx-action@v3
id: buildx
with:
driver: docker-container
buildkitd-config-inline: |
[registry."docker.io"]
mirrors = ["mirror.gcr.io"]
- name: Validate Release
run: |
dapper -f Dockerfile --target dapper make validate-release
dapper -f Dockerfile --bake -target dapper make validate-release
env:
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}

- name: Build
run: |
dapper -f Dockerfile --target dapper make dapper-ci
dapper -f Dockerfile --bake -target dapper make dapper-ci
env:
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}

- name: "Read secrets"
uses: rancher-eio/read-vault-secrets@main
Expand All @@ -45,27 +58,38 @@ jobs:
- name: Package Images
run: |
dapper -f Dockerfile --target dapper make package-images
dapper -f Dockerfile --bake -target dapper make package-images
env:
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}

- name: Scan Images
continue-on-error: true
run: |
dapper -f Dockerfile --target dapper make scan-images
dapper -f Dockerfile --bake -target dapper make scan-images
env:
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}

- name: Test
run: |
dapper -f Dockerfile --target dapper make test
dapper -f Dockerfile --bake -target dapper make test
env:
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}

- name: Publish Image Runtime
run: |
GITHUB_ACTION_TAG=${{ github.ref_name }} dapper -f Dockerfile --target dapper make publish-image-runtime
dapper -f Dockerfile --bake -target dapper make publish-image-runtime
env:
DOCKER_USERNAME: ${{ env.DOCKER_USERNAME }}
DOCKER_PASSWORD: ${{ env.DOCKER_PASSWORD }}
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}
GITHUB_ACTION_TAG: ${{ github.ref_name }}

- name: Checksum Artifacts
run: |
GITHUB_ACTION_TAG=${{ github.ref_name }} dapper -f Dockerfile --target dapper make checksum
dapper -f Dockerfile --bake -target dapper make checksum
env:
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}
GITHUB_ACTION_TAG: ${{ github.ref_name }}

- name: Publish Artifacts
run: |
Expand All @@ -76,18 +100,31 @@ jobs:
- name: Checkout code
uses: actions/checkout@v4

- name: Set up buildx
uses: docker/setup-buildx-action@v3
id: buildx
with:
driver: docker-container
buildkitd-config-inline: |
[registry."docker.io"]
mirrors = ["mirror.gcr.io"]
- name: Install Dapper
run: |
curl -sL https://releases.rancher.com/dapper/latest/dapper-$(uname -s)-$(uname -m) > /usr/local/bin/dapper
curl -sL https://github.com/brandond/dapper/releases/download/v0.7.0-bd4/dapper-$(uname -s)-$(uname -m) > /usr/local/bin/dapper
chmod +x /usr/local/bin/dapper
- name: Validate Release
run: |
dapper -f Dockerfile --target dapper make validate-release
dapper -f Dockerfile --bake -target dapper make validate-release
env:
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}

- name: Build
run: |
dapper -f Dockerfile --target dapper make dapper-ci
dapper -f Dockerfile --bake -target dapper make dapper-ci
env:
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}

- name: "Read secrets"
uses: rancher-eio/read-vault-secrets@main
Expand All @@ -98,23 +135,32 @@ jobs:
- name: Package Images
run: |
dapper -f Dockerfile --target dapper make package-images
dapper -f Dockerfile --bake -target dapper make package-images
env:
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}

- name: Scan Images
continue-on-error: true
run: |
dapper -f Dockerfile --target dapper make scan-images
dapper -f Dockerfile --bake -target dapper make scan-images
env:
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}

- name: Publish Image Runtime
run: |
GITHUB_ACTION_TAG=${{ github.ref_name }} dapper -f Dockerfile --target dapper make publish-image-runtime
dapper -f Dockerfile --bake -target dapper make publish-image-runtime
env:
DOCKER_USERNAME: ${{ env.DOCKER_USERNAME }}
DOCKER_PASSWORD: ${{ env.DOCKER_PASSWORD }}
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}
GITHUB_ACTION_TAG: ${{ github.ref_name }}

- name: Checksum
run: |
GITHUB_ACTION_TAG=${{ github.ref_name }} dapper -f Dockerfile --target dapper make checksum
dapper -f Dockerfile --bake -target dapper make checksum
env:
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}
GITHUB_ACTION_TAG: ${{ github.ref_name }}

- name: Publish Artifacts
run: |
Expand All @@ -126,9 +172,18 @@ jobs:
- name: Checkout code
uses: actions/checkout@v4

- name: Set up buildx
uses: docker/setup-buildx-action@v3
id: buildx
with:
driver: docker-container
buildkitd-config-inline: |
[registry."docker.io"]
mirrors = ["mirror.gcr.io"]
- name: Install Dapper
run: |
curl -sL https://releases.rancher.com/dapper/latest/dapper-$(uname -s)-$(uname -m) > /usr/local/bin/dapper
curl -sL https://github.com/brandond/dapper/releases/download/v0.7.0-bd4/dapper-$(uname -s)-$(uname -m) > /usr/local/bin/dapper
chmod +x /usr/local/bin/dapper
- name: "Read secrets"
Expand All @@ -139,8 +194,9 @@ jobs:
- name: Dispatch
run: |
dapper -f Dockerfile --target dapper make dispatch
dapper -f Dockerfile --bake -target dapper make dispatch
env:
PAT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PATH_USERNAME: ${{ env.PAT_USERNAME }}
GITHUB_ACTION_TAG: ${{ env.GITHUB_ACTION_TAG }}
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}
18 changes: 14 additions & 4 deletions .github/workflows/test-suite.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,14 @@ jobs:
uses: actions/checkout@v4
with:
fetch-depth: 1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
id: buildx
with:
driver: docker-container
buildkitd-config-inline: |
[registry."docker.io"]
mirrors = ["mirror.gcr.io"]
- name: Find Go Version for Build
id: go-finder
run: |
Expand All @@ -39,20 +47,22 @@ jobs:
uses: ./.github/actions/setup-go
with:
go-version: ${{ steps.go-finder.outputs.VERSION_GOLANG }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Install OS Packages
run: sudo apt-get install -y libarchive-tools g++-mingw-w64-x86-64 gcc-mingw-w64-x86-64
# Can only upload from a single path, so we need to copy the binary to the image directory
# Additionally, we have a rke2-runtime.tar and a rke2-images.linux-amd64.tar.zst which are the same thing
# just compressed. We remove the rke2-runtime.tar as its not used by the install script.
- name: Build RKE2 Binary and Compressed Runtime Image
run: |
GOCOVER=true make package-bundle
make package-bundle
make package-image-runtime
cp ./bin/rke2 ./build/images/rke2
cp ./dist/artifacts/rke2.*-amd64.tar.gz ./build/images/
rm ./build/images/rke2-runtime.tar
env:
BUILDX_BUILDER: ${{ steps.buildx.outputs.name }}
GOCOVER: "true"

- name: Upload RKE2 Binary and Runtime Image
uses: actions/upload-artifact@v4
with:
Expand Down Expand Up @@ -175,4 +185,4 @@ jobs:
with:
## If no one connects after 5 minutes, shut down server.
wait-timeout-minutes: 5
limit-access-to-actor: true
limit-access-to-actor: true
Loading

0 comments on commit f10de29

Please sign in to comment.