Merge pull request #50 from NethermindEth/feature/app-build

Tedlar · Tedlar · commit 338c4af38f0b · 2025-05-04T19:41:52.000+02:00
feat: added acctions: docker-build-and-push-image and jfrog-build-pub…
diff --git a/.github/actions/docker-build-and-push/action.yaml b/.github/actions/docker-build-and-push/action.yaml
@@ -0,0 +1,69 @@
+name: 'Build Docker Image'
+description: ''
+
+inputs:
+  registry_username:
+    description: 'Username for Artifactory'
+    required: true
+  registry_password:
+    description: 'Password for Artifactory'
+    required: true
+  image_reportory:
+    description: 'Repository name'
+    required: true
+  image_name:
+    description: 'Name of the image'
+    required: true
+  image_tag:
+    description: 'Tag of the image'
+    required: true
+  platforms:
+    description: 'Comma-separated list of platforms (e.g., linux/amd64,linux/arm64)'
+    required: true
+  cache_from:
+    description: 'List of external cache sources (e.g., type=local,src=path/to/dir)'
+    default: type=gha
+    required: false
+  cache_to:
+    description: 'List of cache export destinations (e.g., type=local,dest=path/to/dir)'
+    default: type=gha,mode=max
+    required: false
+  add_tag_latest:
+    description: 'Additionally push with latest tag'
+    required: false
+    default: 'false'
+
+runs:
+  using: "composite"
+  steps:
+    - name: Login to Docker Hub
+      uses: docker/login-action@v3
+      with:
+        registry: ${{ vars.JFROG_HOST }}/${{ inputs.image_reportory }}
+        username: ${{ secrets.ARTIFACTORY_ANGKOR_USERNAME }}
+        password: ${{ secrets.ARTIFACTORY_ANGKOR_TOKEN_DEVELOPER }}
+
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@v3
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
+    - name: Generate image tags
+      shell: bash
+      run: |
+        BUILD_TAGS="${{ vars.JFROG_HOST }}/${{ inputs.image_reportory }}/${{ inputs.image_name }}:${{ inputs.image_tag }}"
+        if [[ "${{ inputs.add_tag_latest }}" == "true" ]]; then
+          BUILD_TAGS="${BUILD_TAGS}\n${{ vars.JFROG_HOST }}/${{ inputs.image_reportory }}/${{ inputs.image_name }}:latest"
+        fi
+        echo "BUILD_TAGS=${BUILD_TAGS}" >> $GITHUB_ENV
+
+    - name: Build and push
+      id: build
+      uses: docker/build-push-action@v6
+      with:
+        push: true
+        platforms: ${{ inputs.platforms }}
+        tags: ${{ env.BUILD_TAGS }}
+        cache-from: type=gha
+        cache-to: type=gha,mode=max
diff --git a/.github/actions/jfrog-build-publish/action.yaml b/.github/actions/jfrog-build-publish/action.yaml
@@ -0,0 +1,69 @@
+name: 'Publish build-info to JFrog'
+description: 'Collects information about the build and publishes it to JFrog'
+
+inputs:
+  jfrog_project:
+    description: 'Key of the JFrog project'
+    required: true
+  image_reportory:
+    description: 'Repository name'
+    required: true
+  image_name:
+    description: 'Name of the image'
+    required: true
+  image_tag:
+    description: 'Tag of the image'
+    required: true
+  platforms:
+    description: 'Comma-separated list of platforms (e.g., linux/amd64,linux/arm64)'
+    required: true
+
+runs:
+  using: composite
+  steps:
+    - name: Install JFrog CLI
+      uses: jfrog/setup-jfrog-cli@v4
+      env:
+        JF_URL: ${{ vars.JFROG_URL }}
+        JF_PROJECT: ${{ inputs.jfrog_project }}
+      with:
+        oidc-provider-name: github-nethermindeth
+
+    - name: JFrog build add context
+      env:
+        JFROG_CLI_BUILD_NAME: ${{ inputs.image_name }}
+        JFROG_CLI_BUILD_NUMBER: ${{ inputs.image_tag }}-${{ github.run_number }}
+      shell: bash
+      run: |
+        jf rt build-collect-env
+        jf rt build-add-git        
+
+    - name: JFrog build add images
+      env:
+        JFROG_CLI_BUILD_NAME: ${{ inputs.image_name }}
+        JFROG_CLI_BUILD_NUMBER: ${{ inputs.image_tag }}-${{ github.run_number }}
+      shell: bash
+      run: |
+        # Pull image manifest
+        docker manifest inspect ${{ vars.JFROG_HOST }}/${{ inputs.image_reportory }}/${{ inputs.image_name }}:${{ inputs.image_tag }} > manifest.json
+        
+        # Iterate over platforms
+        platforms=$(echo ${{ inputs.platforms }} | tr ',' ' ')
+        for platform in $platforms; do
+          os=$(echo $platform | cut -d'/' -f1)
+          arch=$(echo $platform | cut -d'/' -f2)
+          digest=$(jq -r \
+            --arg os "${os}" \
+            --arg arch "${arch}" \
+            '.manifests[] | select(.platform.os==$os and .platform.architecture==$arch) | .digest' manifest.json)
+          echo "${{ vars.JFROG_HOST }}/${{ inputs.image_reportory }}/${{ inputs.image_name }}:${{ inputs.image_tag }}@${digest}" > image-file
+          jf rt build-docker-create --image-file=image-file ${{ inputs.image_reportory }}
+        done
+
+    - name: JFrog build publish
+      env:
+        JFROG_CLI_BUILD_NAME: ${{ inputs.image_name }}
+        JFROG_CLI_BUILD_NUMBER: ${{ inputs.image_tag }}-${{ github.run_number }}
+      shell: bash
+      run: |
+        jf rt build-publish
diff --git a/.github/workflows/pipeline-ci-pull-request.yaml b/.github/workflows/pipeline-ci-pull-request.yaml
@@ -0,0 +1,75 @@
+name: CI pull request
+
+on:
+  workflow_call:
+    inputs:
+      jfrog_project:
+        description: 'Key of the JFrog project'
+        type: string
+        required: true
+      image_reportory:
+        description: 'Repository name'
+        type: string
+        required: true
+      platforms:
+        description: 'Comma-separated list of platforms (e.g., linux/amd64,linux/arm64)'
+        type: string
+        required: true
+
+    secrets:
+      registry_username:
+        description: 'Username for Artifactory'
+        required: true
+      registry_password:
+        description: 'Password for Artifactory'
+        required: true
+
+permissions:
+  id-token: write
+  contents: read
+
+jobs:
+  pipeline:
+    runs-on: ubuntu-latest
+    steps:
+#      - name: Checkout
+#        uses: actions/checkout@v4
+#        with:
+#          fetch-depth: 0
+#          ref: ${{ github.head_ref }}
+#
+#      - name: Run pre-commit
+#        uses: pre-commit/action@v3.0.1
+
+      - name: Define image tag
+        id: set_tag
+        run: |
+          GITHUB_REPOSITORY=${{ github.repository }}
+          IMAGE_NAME=${GITHUB_REPOSITORY#*/}
+          HEAD_REF=${{ github.head_ref }}
+          HEAD_SLUG=${HEAD_REF//\//-}
+          SHORT_SHA=$(git rev-parse --short HEAD)
+          IMAGE_TAG=${HEAD_SLUG}-${{ github.sha }}
+          echo "HEAD_SLUG=${HEAD_SLUG}" >> $GITHUB_ENV
+          echo "IMAGE_NAME=${IMAGE_NAME}" >> $GITHUB_ENV
+          echo "IMAGE_TAG=${IMAGE_TAG}" >> $GITHUB_ENV
+
+      - name: Build and push image
+        uses: ./.github/actions/docker-build-and-push
+        with:
+          registry_username: ${{ secrets.registry_username }}
+          registry_password: ${{ secrets.registry_password }}
+          image_reportory: ${{ inputs.image_reportory }}
+          image_name: ${{ env.IMAGE_NAME }}
+          image_tag: ${{ env.IMAGE_TAG }}
+          platforms: ${{ inputs.platforms }}
+          add_tag_latest: true
+
+      - name: Publish Build Info to JFrog
+        uses: ./.github/actions/jfrog-build-publish
+        with:
+          jfrog_project: ${{ inputs.jfrog_project }}
+          image_reportory: ${{ inputs.image_reportory }}
+          image_name: ${{ env.IMAGE_NAME }}
+          image_tag: ${{ env.IMAGE_TAG }}
+          platforms: ${{ inputs.platforms }}
