-
Notifications
You must be signed in to change notification settings - Fork 5
201 lines (172 loc) · 5.9 KB
/
docker-build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
name: CI and Docker Deploy
on:
push:
branches: [ 'main', 'dev', 'staging' ]
tags: [ 'v*.*.*' ]
pull_request:
branches: [ 'main', 'dev', 'staging' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
# github.repository as <account>/<repo>
IMAGE_NAME: mnestix-browser
# Update the version manually
IMAGE_TAG_VERSION: 1.3.3
jobs:
build-browser-image:
name: Build browser image
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build image
id: build
uses: docker/build-push-action@v6
with:
platforms: linux/amd64
context: "."
cache-to: type=gha,scope=amd64,mode=max
cache-from: type=gha,scope=amd64
target: production
push: false
tags: mnestix/mnestix-browser:latest
load: true
- name: Save mnestix-browser image
run: docker save mnestix/mnestix-browser:latest -o mnestix-browser.tar
- name: Upload mnestix-browser artifact
uses: actions/upload-artifact@v4
with:
retention-days: 1
name: mnestix-browser
path: mnestix-browser.tar
e2e-tests:
name: e2e test matrix
runs-on: ubuntu-latest
needs: [ 'build-browser-image' ]
permissions:
contents: read
strategy:
fail-fast: false
matrix:
# add more containers to run more tests in parallel
containers: [ 1, 2, 3, 4 ]
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Download mnestix-browser artifact
uses: actions/download-artifact@v4
with:
name: mnestix-browser
# image too big to be reused
- name: Build test image
run: docker compose -f compose.yml -f docker-compose/compose.test.yml --profile tests build cypress-test
- name: Pull images
run: docker compose -f compose.yml -f docker-compose/compose.test.yml --profile tests pull
- name: Load mnestix-browser image
run: docker load -i mnestix-browser.tar
- name: Run e2e tests
id: test
timeout-minutes: 18
run: |
docker compose -f compose.yml -f docker-compose/compose.test.yml --profile tests up -d &&
docker compose -f compose.yml -f docker-compose/compose.test.yml attach cypress-test
env:
SPLIT: ${{ strategy.job-total }}
SPLIT_INDEX: ${{ strategy.job-index }}
TEST_ADMIN_USER_PASSWORD: ${{ secrets.TEST_ADMIN_USER_PASSWORD }}
TEST_USER_PASSWORD: ${{ secrets.TEST_USER_PASSWORD }}
- name: E2E test collect artifact
id: test_artifact
if: always()
uses: actions/upload-artifact@v4
with:
name: cypress-artifacts-${{ matrix.containers }}
path: cypress-artifacts/
unit-tests:
name: Unit Tests
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install dependencies
run: yarn install
- name: Run unit tests
id: test_units
run: npx jest
# Target for PR Merge Check
ci-success:
name: Successful build and tests
runs-on: ubuntu-latest
needs: [ 'unit-tests', 'e2e-tests' ]
steps:
- name: Success
run: echo "Success"
# It takes 22 minutes to build the arm64 image in amd64-QEMU so we build a cache on the arm64 runner
# Github Issues point to a yarn problem
# https://github.com/docker/build-push-action/issues/471
# https://github.com/nodejs/docker-node/issues/1335
build-arm-cache:
name: Build arm image cache
runs-on: ubuntu-24.04-arm
permissions:
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build
uses: docker/build-push-action@v6
with:
platforms: linux/arm64
context: "."
cache-to: type=gha,scope=arm64,mode=max
cache-from: type=gha,scope=arm64
target: production
push: false
push-image:
name: Push image to registry
needs: [ 'ci-success', 'build-arm-cache' ]
runs-on: ubuntu-latest
if: github.event_name != 'pull_request' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/staging' || github.ref == 'refs/heads/dev')
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Extract branch name
id: extract_branch
run: echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT
- name: Build and push docker images
id: push-prod
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64
context: "."
cache-from: |
type=gha,scope=amd64
type=gha,scope=arm64
target: production
push: true
tags: |
${{ github.ref == 'refs/heads/main' && format('mnestix/{0}:{1}', env.IMAGE_NAME, env.IMAGE_TAG_VERSION) || '' }}
${{ github.ref == 'refs/heads/main' && format('mnestix/{0}:latest', env.IMAGE_NAME) || '' }}
${{ github.ref != 'refs/heads/main' && format('mnestix/{0}:{1}', env.IMAGE_NAME, steps.extract_branch.outputs.branch) || '' }}