Skip to content

Commit

Permalink
feat(ci): Add building base docker image (matter-labs#2913)
Browse files Browse the repository at this point in the history 
## What ❔

Workflow to build base-image

## Why ❔

Added ability to push to ghcr.io

## Checklist

<!-- Check your PR fulfills the following items. -->
<!-- For draft PRs check the boxes as you complete them. -->

- [x] PR title corresponds to the body of PR (we generate changelog
entries from PRs).
- [ ] Tests for the changes have been added / updated.
- [ ] Documentation comments have been added / updated.
- [ ] Code has been formatted via `zk fmt` and `zk lint`.
  • Loading branch information
@artmakh
artmakh committed Sep 18, 2024
1 parent ba21c6e commit 5cb04ed
Showing 1 changed file with 159 additions and 0 deletions.
159 changes: 159 additions & 0 deletions .github/workflows/build-base.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,159 @@
name: Build base Docker image
on:
workflow_dispatch:
inputs:
repo_ref:
description: "git reference of the zksync-era to build"
required: true
default: main
jobs:
build-images:
name: Build and Push Docker Images
runs-on: ${{ fromJSON('["matterlabs-ci-runner-high-performance", "matterlabs-ci-runner-arm"]')[contains(matrix.arch, 'arm')] }}
outputs:
image_tag_sha: ${{ steps.get-sha.outputs.image_tag_sha }}
# Needed to push to Gihub Package Registry
permissions:
packages: write
contents: read
env:
DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USER }}
DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
REPO_REF: ${{ github.event.inputs.repo_ref }}
strategy:
matrix:
name: [ build-base ]
repository: [ zksync-build-base ]
arch: [ amd64, arm64 ]

steps:
- uses: actions/checkout@6d193bf28034eafb982f37bd894289fe649468fc # v4.1.7
with:
submodules: "recursive"

- name: Login to google container registry
run: |
gcloud auth configure-docker us-docker.pkg.dev -q
- name: Login to DockerHub
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Login to GitHub Container Registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Get tag
id: get-sha
run: |
echo IMAGE_TAG_SHA=$(git rev-parse --short HEAD) >> $GITHUB_ENV
echo image_tag_sha=$(git rev-parse --short HEAD) >> $GITHUB_OUTPUT
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1

- name: Build and push
uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
with:
push: true
context: .
file: docker/build-base/Dockerfile
labels: |
org.opencontainers.image.source=https://github.com/matter-labs/zksync-era
org.opencontainers.image.licenses="MIT OR Apache-2.0"
tags: |
matterlabs/zksync-build-base:${{ steps.get-sha.outputs.image_tag_sha }}-${{ matrix.arch }}
us-docker.pkg.dev/matterlabs-infra/matterlabs-docker/zksync-build-base:${{ steps.get-sha.outputs.image_tag_sha }}-${{ matrix.arch }}
ghcr.io/${{ github.repository_owner }}/zksync-build-base:${{ steps.get-sha.outputs.image_tag_sha }}-${{ matrix.arch }}
multiarch_manifest:
# Needed to push to Gihub Package Registry
permissions:
packages: write
contents: read
needs: [ build-images ]
env:
IMAGE_TAG_SUFFIX: ${{ needs.build-images.outputs.image_tag_sha }}
runs-on: [ matterlabs-ci-runner-high-performance ]
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1

- name: Login to google container registry
run: |
gcloud auth configure-docker us-docker.pkg.dev -q
- name: Login to DockerHub
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Login to GitHub Container Registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Create and push multi-arch manifests for Dockerhub
shell: bash
run: |
images=("zksync-build-base")
archs=("amd64" "arm64")
for img in "${images[@]}"; do
multiarch_tag="matterlabs/zksync-build-base:latest"
individual_images=()
for arch in "${archs[@]}"; do
TAG="$IMAGE_TAG_SUFFIX"
docker pull matterlabs/zksync-build-base:${TAG}-${arch} --platform linux/${arch}
individual_images+=("matterlabs/zksync-build-base:${TAG}-${arch}")
done
docker buildx imagetools create --tag "${multiarch_tag}" "${individual_images[@]}"
done
- name: Create and push multi-arch manifests for GitHub Container Registry
shell: bash
run: |
images=("zksync-build-base")
archs=("amd64" "arm64")
for img in "${images[@]}"; do
multiarch_tag="ghcr.io/${{ github.repository_owner }}/zksync-build-base:latest"
individual_images=()
for arch in "${archs[@]}"; do
TAG="$IMAGE_TAG_SUFFIX"
docker pull ghcr.io/${{ github.repository_owner }}/zksync-build-base:${TAG}-${arch} --platform linux/${arch}
individual_images+=("ghcr.io/${{ github.repository_owner }}/zksync-build-base:${TAG}-${arch}")
done
docker buildx imagetools create --tag "${multiarch_tag}" "${individual_images[@]}"
done
- name: Create and push multi-arch manifests for Google Artifact Registry
shell: bash
run: |
images=("zksync-build-base")
archs=("amd64" "arm64")
for img in "${images[@]}"; do
multiarch_tag="us-docker.pkg.dev/matterlabs-infra/matterlabs-docker/zksync-build-base:latest"
individual_images=()
for arch in "${archs[@]}"; do
TAG="$IMAGE_TAG_SUFFIX"
us-docker.pkg.dev/matterlabs-infra/matterlabs-docker/zksync-build-base:${TAG}-${arch} --platform linux/${arch}
individual_images+=("us-docker.pkg.dev/matterlabs-infra/matterlabs-docker/zksync-build-base:${TAG}-${arch}")
done
docker buildx imagetools create --tag "${multiarch_tag}" "${individual_images[@]}"
done

0 comments on commit 5cb04ed

Please sign in to comment.