name: Build and push docker images concurrency: group: docker-build-${{ github.event_name }}-${{ github.ref }} cancel-in-progress: true on: workflow_call: inputs: profile: required: true type: string latest: required: true type: string publish: required: true type: boolean otp_vsn: required: true type: string elixir_vsn: required: true type: string builder_vsn: required: true type: string secrets: DOCKER_HUB_USER: required: true DOCKER_HUB_TOKEN: required: true AWS_ACCESS_KEY_ID: required: true AWS_SECRET_ACCESS_KEY: required: true workflow_dispatch: inputs: ref: required: false profile: required: false type: string default: 'emqx' latest: required: false type: boolean default: false publish: required: false type: boolean default: false otp_vsn: required: false type: string default: '26.2.5-2' elixir_vsn: required: false type: string default: '1.15.7' builder_vsn: required: false type: string default: '5.3-8' permissions: contents: read jobs: build: runs-on: ${{ github.repository_owner == 'emqx' && fromJSON(format('["self-hosted","ephemeral","linux","{0}"]', matrix.arch)) || 'ubuntu-22.04' }} container: "ghcr.io/emqx/emqx-builder/${{ inputs.builder_vsn }}:${{ inputs.elixir_vsn }}-${{ inputs.otp_vsn }}-debian12" outputs: PKG_VSN: ${{ steps.build.outputs.PKG_VSN }} strategy: fail-fast: false matrix: profile: - ${{ inputs.profile }} - ${{ inputs.profile }}-elixir arch: - x64 - arm64 steps: - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: ref: ${{ github.event.inputs.ref }} - run: git config --global --add safe.directory "$PWD" - name: build release tarball id: build run: | make ${{ matrix.profile }}-tgz - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: name: "${{ matrix.profile }}-${{ matrix.arch }}.tar.gz" path: "_packages/emqx*/emqx-*.tar.gz" retention-days: 7 overwrite: true if-no-files-found: error docker: runs-on: ${{ endsWith(github.repository, '/emqx') && 'ubuntu-22.04' || fromJSON('["self-hosted","ephemeral","linux","x64"]') }} needs: - build defaults: run: shell: bash strategy: fail-fast: false matrix: profile: - ["${{ inputs.profile }}", "${{ inputs.profile == 'emqx' && 'docker.io,public.ecr.aws' || 'docker.io' }}"] - ["${{ inputs.profile }}-elixir", "${{ inputs.profile == 'emqx' && 'docker.io,public.ecr.aws' || 'docker.io' }}"] steps: - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: ref: ${{ github.event.inputs.ref }} - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: pattern: "${{ matrix.profile[0] }}-*.tar.gz" path: _packages merge-multiple: true - name: Move artifacts to root directory env: PROFILE: ${{ inputs.profile }} run: | ls -lR _packages/$PROFILE mv _packages/$PROFILE/*.tar.gz ./ - name: Enable containerd image store on Docker Engine run: | echo "$(jq '. += {"features": {"containerd-snapshotter": true}}' /etc/docker/daemon.json)" > daemon.json sudo mv daemon.json /etc/docker/daemon.json sudo systemctl restart docker - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - name: Login to hub.docker.com uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 if: inputs.publish && contains(matrix.profile[1], 'docker.io') with: username: ${{ secrets.DOCKER_HUB_USER }} password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Login to AWS ECR uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 if: inputs.publish && contains(matrix.profile[1], 'public.ecr.aws') with: registry: public.ecr.aws username: ${{ secrets.AWS_ACCESS_KEY_ID }} password: ${{ secrets.AWS_SECRET_ACCESS_KEY }} ecr: true - name: Build docker image for smoke test env: PROFILE: ${{ matrix.profile[0] }} DOCKER_REGISTRY: ${{ matrix.profile[1] }} DOCKER_ORG: ${{ github.repository_owner }} DOCKER_LATEST: ${{ inputs.latest }} DOCKER_PUSH: false DOCKER_BUILD_NOCACHE: true DOCKER_PLATFORMS: linux/amd64 DOCKER_LOAD: true EMQX_RUNNER: 'public.ecr.aws/debian/debian:stable-20240612-slim' EMQX_DOCKERFILE: 'deploy/docker/Dockerfile' PKG_VSN: ${{ needs.build.outputs.PKG_VSN }} EMQX_BUILDER_VERSION: ${{ inputs.builder_vsn }} OTP_VSN: ${{ inputs.otp_vsn }} ELIXIR_VSN: ${{ inputs.elixir_vsn }} EMQX_SOURCE_TYPE: tgz run: | ./build ${PROFILE} docker echo "Built tags:" echo "===========" cat .emqx_docker_image_tags echo "===========" echo "_EMQX_DOCKER_IMAGE_TAG=$(head -n 1 .emqx_docker_image_tags)" >> $GITHUB_ENV - name: smoke test timeout-minutes: 1 run: | for tag in $(cat .emqx_docker_image_tags); do CID=$(docker run -d -p 18083:18083 $tag) HTTP_PORT=$(docker inspect --format='{{(index (index .NetworkSettings.Ports "18083/tcp") 0).HostPort}}' $CID) ./scripts/test/emqx-smoke-test.sh localhost $HTTP_PORT docker rm -f $CID done - name: dashboard tests working-directory: ./scripts/ui-tests timeout-minutes: 5 run: | set -eu docker compose up --abort-on-container-exit --exit-code-from selenium docker compose rm -fsv - name: test node_dump run: | CID=$(docker run -d -P $_EMQX_DOCKER_IMAGE_TAG) docker exec -t -u root -w /root $CID bash -c 'apt-get -y update && apt-get -y install net-tools' docker exec -t -u root $CID node_dump docker rm -f $CID - name: Build and push docker image if: inputs.publish || github.repository_owner != 'emqx' env: PROFILE: ${{ matrix.profile[0] }} DOCKER_REGISTRY: ${{ matrix.profile[1] }} DOCKER_ORG: ${{ github.repository_owner }} DOCKER_LATEST: ${{ inputs.latest }} DOCKER_PUSH: true DOCKER_BUILD_NOCACHE: false DOCKER_PLATFORMS: linux/amd64,linux/arm64 DOCKER_LOAD: false EMQX_RUNNER: 'public.ecr.aws/debian/debian:stable-20240612-slim' EMQX_DOCKERFILE: 'deploy/docker/Dockerfile' PKG_VSN: ${{ needs.build.outputs.PKG_VSN }} EMQX_BUILDER_VERSION: ${{ inputs.builder_vsn }} OTP_VSN: ${{ inputs.otp_vsn }} ELIXIR_VSN: ${{ inputs.elixir_vsn }} EMQX_SOURCE_TYPE: tgz run: | ./build ${PROFILE} docker