name: Build and push docker images concurrency: group: docker-build-${{ github.event_name }}-${{ github.ref }} cancel-in-progress: true on: workflow_call: inputs: profile: required: true type: string latest: required: true type: string publish: required: true type: boolean build_from: required: true type: string run_from: required: true type: string secrets: DOCKER_HUB_USER: required: true DOCKER_HUB_TOKEN: required: true AWS_ACCESS_KEY_ID: required: true AWS_SECRET_ACCESS_KEY: required: true workflow_dispatch: inputs: ref: required: false profile: required: false type: string default: 'emqx' latest: required: false type: boolean default: false publish: required: false type: boolean default: false build_from: required: false type: string default: ghcr.io/emqx/emqx-builder/5.3-9:1.15.7-26.2.5-3-debian12 run_from: default: public.ecr.aws/debian/debian:stable-20240612-slim permissions: contents: read jobs: build: runs-on: ${{ github.repository_owner == 'emqx' && fromJSON(format('["self-hosted","ephemeral","linux","{0}"]', matrix.arch)) || 'ubuntu-22.04' }} container: ${{ inputs.build_from }} outputs: PKG_VSN: ${{ steps.build.outputs.PKG_VSN }} strategy: fail-fast: false matrix: profile: - ${{ inputs.profile }} - ${{ inputs.profile }}-elixir arch: - x64 - arm64 steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: ref: ${{ github.event.inputs.ref }} - run: git config --global --add safe.directory "$PWD" - name: build release tarball id: build run: | make ${{ matrix.profile }}-tgz - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 with: name: "${{ matrix.profile }}-${{ matrix.arch }}.tar.gz" path: "_packages/emqx*/emqx-*.tar.gz" retention-days: 7 overwrite: true if-no-files-found: error docker: runs-on: ${{ endsWith(github.repository, '/emqx') && 'ubuntu-22.04' || fromJSON('["self-hosted","ephemeral","linux","x64"]') }} needs: - build defaults: run: shell: bash strategy: fail-fast: false matrix: profile: - ["${{ inputs.profile }}", "${{ inputs.profile == 'emqx' && 'docker.io,public.ecr.aws' || 'docker.io' }}"] - ["${{ inputs.profile }}-elixir", "${{ inputs.profile == 'emqx' && 'docker.io,public.ecr.aws' || 'docker.io' }}"] steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: ref: ${{ github.event.inputs.ref }} - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: pattern: "${{ matrix.profile[0] }}-*.tar.gz" path: _packages merge-multiple: true - name: Move artifacts to root directory env: PROFILE: ${{ inputs.profile }} run: | ls -lR _packages/$PROFILE mv _packages/$PROFILE/*.tar.gz ./ - name: Enable containerd image store on Docker Engine run: | echo "$(sudo cat /etc/docker/daemon.json | jq '. += {"features": {"containerd-snapshotter": true}}')" > daemon.json sudo mv daemon.json /etc/docker/daemon.json sudo systemctl restart docker - uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 - uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1 - name: Login to hub.docker.com uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 if: inputs.publish && contains(matrix.profile[1], 'docker.io') with: username: ${{ secrets.DOCKER_HUB_USER }} password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Login to AWS ECR uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 if: inputs.publish && contains(matrix.profile[1], 'public.ecr.aws') with: registry: public.ecr.aws username: ${{ secrets.AWS_ACCESS_KEY_ID }} password: ${{ secrets.AWS_SECRET_ACCESS_KEY }} ecr: true - name: Build docker image for smoke test env: PROFILE: ${{ matrix.profile[0] }} DOCKER_REGISTRY: ${{ matrix.profile[1] }} DOCKER_ORG: ${{ github.repository_owner }} DOCKER_LATEST: ${{ inputs.latest }} DOCKER_PUSH: false DOCKER_BUILD_NOCACHE: true BUILD_FROM: ${{ inputs.build_from }} RUN_FROM: ${{ inputs.run_from }} PKG_VSN: ${{ needs.build.outputs.PKG_VSN }} EMQX_SOURCE_TYPE: tgz run: | ./build ${PROFILE} docker echo "Built tags:" echo "===========" cat .emqx_docker_image_tags echo "===========" echo "_EMQX_DOCKER_IMAGE_TAG=$(head -n 1 .emqx_docker_image_tags)" >> $GITHUB_ENV - name: smoke test timeout-minutes: 1 run: | for tag in $(cat .emqx_docker_image_tags); do CID=$(docker run -d -p 18083:18083 $tag) HTTP_PORT=$(docker inspect --format='{{(index (index .NetworkSettings.Ports "18083/tcp") 0).HostPort}}' $CID) ./scripts/test/emqx-smoke-test.sh localhost $HTTP_PORT docker rm -f $CID done - name: dashboard tests working-directory: ./scripts/ui-tests timeout-minutes: 5 run: | set -eu docker compose up --abort-on-container-exit --exit-code-from selenium docker compose rm -fsv - name: test node_dump run: | CID=$(docker run -d -P $_EMQX_DOCKER_IMAGE_TAG) docker exec -t -u root -w /root $CID bash -c 'apt-get -y update && apt-get -y install net-tools' docker exec -t -u root $CID node_dump docker rm -f $CID - name: Build and push docker image if: inputs.publish || github.repository_owner != 'emqx' env: PROFILE: ${{ matrix.profile[0] }} DOCKER_REGISTRY: ${{ matrix.profile[1] }} DOCKER_ORG: ${{ github.repository_owner }} DOCKER_LATEST: ${{ inputs.latest }} DOCKER_PUSH: true DOCKER_BUILD_NOCACHE: false DOCKER_PLATFORMS: linux/amd64,linux/arm64 DOCKER_LOAD: false BUILD_FROM: ${{ inputs.build_from }} RUN_FROM: ${{ inputs.run_from }} PKG_VSN: ${{ needs.build.outputs.PKG_VSN }} EMQX_SOURCE_TYPE: tgz run: | ./build ${PROFILE} docker