Skip to content

Commit

Permalink
new(ci): push docker images to ghcr.
Browse files Browse the repository at this point in the history
Signed-off-by: Federico Di Pierro <[email protected]>
  • Loading branch information
FedeDP committed Dec 6, 2023
1 parent 1aa4263 commit dfad3b1
Show file tree
Hide file tree
Showing 3 changed files with 85 additions and 17 deletions.
48 changes: 48 additions & 0 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
name: Build and Push docker images
on:
pull_request:
branches:
- main
paths:
- 'images/**'
push:
branches:
- main
paths:
- 'images/**'

concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true

jobs:
push-images:
strategy:
fail-fast: false
matrix:
architecture: [amd64, arm64]
runs-on: ${{ (matrix.arch == 'arm64' && 'actuated-arm64-8cpu-16gb') || 'ubuntu-22.04' }}
steps:
- name: Checkout repo
uses: actions/checkout@v3

- name: Login to Github Packages
if: ${{ github.event_name == 'push' }}
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Sets PUSH env var for main push
if: ${{ github.event_name == 'push' }}
run: |
echo "PUSH=true" >> $GITHUB_ENV
- name: Build images
working-directory: ./images
run: |
make build-all
45 changes: 32 additions & 13 deletions images/Makefile
Original file line number Diff line number Diff line change
@@ -1,16 +1,21 @@
DRY_RUN := false
REPOSITORY := falcosecurity/kernel-testing
PUSH := false
REPOSITORY := ghcr.io/falcosecurity/kernel-testing
ARCH ?= $(shell uname -m)
YAML_FILE := images.yaml

.PHONY: build-rootfs build-kernel docker-push generate-yaml build-all initrd-builder modernprobe-builder builder
.PHONY: build-rootfs build-kernel generate-yaml build-all initrd-builder modernprobe-builder builder

builder:
if [ "$(DRY_RUN)" = "true" ]; then \
echo "Dry run: Building builder image: docker build -t $(REPOSITORY)/builder:0.0.1-$(ARCH) builder"; \
else \
echo "Building modernprobe-builder image"; \
docker build -t $(REPOSITORY)/builder:0.0.1-$(ARCH) builder; \
if [ "$(PUSH)" = "true" ]; then \
echo "Pushing image: $(REPOSITORY)/builder:0.0.1-$(ARCH)"; \
docker push $(REPOSITORY)/builder:0.0.1-$(ARCH); \
fi; \
fi

modernprobe-builder:
Expand All @@ -19,6 +24,10 @@ modernprobe-builder:
else \
echo "Building modernprobe-builder image"; \
docker build -t $(REPOSITORY)/modernprobe-builder:0.0.1-$(ARCH) modernprobe-builder; \
if [ "$(PUSH)" = "true" ]; then \
echo "Pushing image: $(REPOSITORY)/modernprobe-builder:0.0.1-$(ARCH)"; \
docker push $(REPOSITORY)/modernprobe-builder:0.0.1-$(ARCH); \
fi; \
fi

initrd-builder:
Expand All @@ -39,6 +48,12 @@ build-rootfs:
else \
echo "Building rootfs image: $$image"; \
docker build -t $$image $$rootfs_dir; \
if [ "$(PUSH)" = "true" ]; then \
echo "Pushing image: $$image"; \
docker push $$image; \
fi; \
docker image rm -f $$image; \
docker builder prune -f -a; \
fi; \
done

Expand All @@ -52,16 +67,12 @@ build-kernel: initrd-builder
else \
echo "Building kernel image: $$image"; \
docker build -t $$image -f $$kernel_dir/Dockerfile.kernel $$kernel_dir; \
fi; \
done

docker-push:
@for image in $$(docker images --format "{{.Repository}}:{{.Tag}}" | grep "$(REPOSITORY)" | grep "$(ARCH)"); do \
if [ "$(DRY_RUN)" = "true" ]; then \
echo "Dry run: Pushing image: docker push $$image"; \
else \
echo "Pushing image: $$image"; \
docker push $$image; \
if [ "$(PUSH)" = "true" ]; then \
echo "Pushing image: $$image"; \
docker push $$image; \
fi; \
docker image rm -f $$image; \
docker builder prune -f -a; \
fi; \
done

Expand All @@ -79,6 +90,10 @@ docker-push:
else \
echo "Building rootfs image: $$rootfs_image"; \
docker build -t $$rootfs_image $$rootfs_dir; \
if [ "$(PUSH)" = "true" ]; then \
echo "Pushing image: $$rootfs_image"; \
docker push $$rootfs_image; \
fi; \
fi; \
fi; \
if [ -n "$$kernel_dir" ]; then \
Expand All @@ -87,6 +102,10 @@ docker-push:
else \
echo "Building kernel image: $$kernel_image"; \
docker build -t $$kernel_image -f $$kernel_dir/Dockerfile.kernel $$kernel_dir; \
if [ "$(PUSH)" = "true" ]; then \
echo "Pushing image: $$kernel_image"; \
docker push $$kernel_image; \
fi; \
fi; \
fi;

Expand All @@ -102,4 +121,4 @@ generate-yaml:
fi; \
done

build-all: build-rootfs build-kernel
build-all: build-kernel build-rootfs
9 changes: 5 additions & 4 deletions images/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,10 @@

Makefile present in this directory is specifically designed to generate the static Docker images required by Ignite to run tests on different Linux distributions. The workflow provided by this Makefile is designed to be straightforward, consisting of three main commands:

1. `build-all`: This target builds all the necessary Docker images for the different versions and distributions required for testing with Firecracker.
1. `build-all`: This target builds all the necessary Docker images for the different versions and distributions required for testing with Firecracker.
Optionally, you can set `PUSH=true` env variable to push the resulting Docker images to a Docker Hub registry for easier distribution and access.

2. `docker-push`: Optionally, you can use this target to push the resulting Docker images to a Docker Hub registry for easier distribution and access.

3. `generate-yaml`: This target allows you to generate a YAML file (`images.yaml`) containing the matrix of new image information. The generated YAML file can be conveniently copied to the variables file of Ansible to keep the test environment up to date.
2. `generate-yaml`: This target allows you to generate a YAML file (`images.yaml`) containing the matrix of new image information. The generated YAML file can be conveniently copied to the variables file of Ansible to keep the test environment up to date.

## Prerequisites

Expand Down Expand Up @@ -73,6 +72,8 @@ You can customize the Makefile to suit your specific requirements. The variables

- `DRY_RUN`: Set this variable to `true` for a dry run, where the build commands will be printed but not executed.

- `PUSH`: Set this variable to `true` when executing build to also push built image to remote registry.

- `REPOSITORY`: The Docker repository where the built images will be tagged and pushed.

- `ARCH`: The architecture for which the images will be built. By default, it will use the output of `uname -p`.
Expand Down

0 comments on commit dfad3b1

Please sign in to comment.