ci(docker): parallelize docker builds and push (#1421)

## Summary by CodeRabbit - **New Features** - Introduced multi-platform Docker image builds for `linux/amd64` and `linux/arm64`. - Added a new job for creating a manifest list of built images. - Implemented a separate deployment job for preproduction updates. - **Improvements** - Streamlined the deployment process with new job dependencies. - Enhanced consistency in Docker image tagging using an environment variable.
antoinezanardi · Nov 12, 2024 · eb9e37f · eb9e37f
1 parent 14bebb3
commit eb9e37f
Show file tree

Hide file tree

Showing 2 changed files with 143 additions and 21 deletions.
diff --git a/.github/workflows/deploy-to-production.yml b/.github/workflows/deploy-to-production.yml
@@ -2,14 +2,20 @@ name: 🚀 Deploy To Production Workflow
 
 on:
   release:
-    types: [ created ]
+    types: [created]
+
+env:
+  REGISTRY_IMAGE: antoinezanardi/werewolves-assistant-api
 
 jobs:
   upload-to-docker-hub:
     name: Upload image with tag version to Docker Hub 🐳
     runs-on: ubuntu-latest
     strategy:
       matrix:
+        platform:
+          - linux/amd64
+          - linux/arm64
         tag:
           - ${{ github.event.release.tag_name }}
           - latest
@@ -35,27 +41,81 @@ jobs:
 
       - name: Build and push Docker image 🐳
         uses: docker/build-push-action@v6
+        id: build
         with:
           context: .
           file: ./Dockerfile
           push: true
-          platforms: linux/amd64,linux/arm64
-          tags: antoinezanardi/werewolves-assistant-api:${{ matrix.tag }}
+          platforms: ${{ matrix.platform }}
+          tags: ${{ env.REGISTRY_IMAGE }}:${{ matrix.tag }}
+
+      - name: Export digest 📦
+        run: |
+          mkdir -p /tmp/digests
+          echo "${{ matrix.platform }}=${{ steps.build.outputs.digest }}" > "/tmp/digests/${{ matrix.tag }}-${{ matrix.platform }}-digest.txt"
+
+      - name: Upload digest 📦
+        uses: actions/upload-artifact@v4
+        with:
+          name: digests-${{ matrix.tag }}
+          path: /tmp/digests/${{ matrix.tag }}-${{ matrix.platform }}-digest.txt
+
+  merge-images-into-manifest-list:
+    name: Merge images into a manifest list 🗂️
+    runs-on: ubuntu-latest
+    needs: upload-to-docker-hub
+    steps:
+      - name: Download digests 📩
+        uses: actions/download-artifact@v4
+        with:
+          name: digests
+          path: /tmp/digests
+          merge-multiple: true
+
+      - name: Set up Docker Buildx 🏗️
+        uses: docker/setup-buildx-action@v3
+
+      - name: Docker meta 📦
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY_IMAGE }}
+
+      - name: Log in to Docker Hub 🔐
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+
+      - name: Create and push manifest list 📦
+        run: |
+          for tag in "${{ github.event.release.tag_name }}" "latest"; do
+            docker buildx imagetools create --tag "${{ env.REGISTRY_IMAGE }}:$tag" \
+              "$(cat "/tmp/digests/${tag}-linux/amd64-digest.txt")" \
+              "$(cat "/tmp/digests/${tag}-linux/arm64-digest.txt")"
+          done
+
+      - name: Inspect manifest lists 🕵️
+        run: |
+          for tag in "${{ github.event.release.tag_name }}" "latest"; do
+            docker buildx imagetools inspect "${{ env.REGISTRY_IMAGE }}:$tag"
+          done
 
   deploy-to-production:
-      name: Deploy to production server 🚀
-      runs-on: ubuntu-latest
-      needs: upload-to-docker-hub
-      steps:
-        - name: Deploy to production server 🚀
-          env:
-            SSH_PRIVATE_KEY: ${{ secrets.PRODUCTION_SERVER_SSH_PRIVATE_KEY }}
-            SSH_USER: ${{ secrets.PRODUCTION_SERVER_SSH_USER }}
-            SSH_SERVER_IP: ${{ secrets.PRODUCTION_SERVER_SSH_ADDRESS }}
-            UPDATE_SCRIPT_FULL_PATH: ${{ secrets.PRODUCTION_UPDATE_SCRIPT_FULL_PATH }}
-          run: |
-            eval $(ssh-agent -s)
-            echo "$SSH_PRIVATE_KEY" | ssh-add -
-            ssh -o StrictHostKeyChecking=no $SSH_USER@$SSH_SERVER_IP << EOF
-              $UPDATE_SCRIPT_FULL_PATH
-            EOF
+    name: Deploy to production server 🚀
+    runs-on: ubuntu-latest
+    needs: merge-images-into-manifest-list
+    timeout-minutes: 10
+    steps:
+      - name: Deploy to production server 🚀
+        env:
+          SSH_PRIVATE_KEY: ${{ secrets.PRODUCTION_SERVER_SSH_PRIVATE_KEY }}
+          SSH_USER: ${{ secrets.PRODUCTION_SERVER_SSH_USER }}
+          SSH_SERVER_IP: ${{ secrets.PRODUCTION_SERVER_SSH_ADDRESS }}
+          UPDATE_SCRIPT_FULL_PATH: ${{ secrets.PRODUCTION_UPDATE_SCRIPT_FULL_PATH }}
+        run: |
+          eval $(ssh-agent -s)
+          echo "$SSH_PRIVATE_KEY" | ssh-add -
+          ssh -o StrictHostKeyChecking=no $SSH_USER@$SSH_SERVER_IP << EOF
+            $UPDATE_SCRIPT_FULL_PATH
+          EOF
diff --git a/.github/workflows/push-on-develop.yml b/.github/workflows/push-on-develop.yml
@@ -9,10 +9,19 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
   cancel-in-progress: true
 
+env:
+  REGISTRY_IMAGE: antoinezanardi/werewolves-assistant-api
+
 jobs:
   upload-to-docker-hub:
     name: Upload image with develop tag to Docker Hub 🐳
     runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        platform:
+          - linux/amd64
+          - linux/arm64
     steps:
       - name: Checkout GitHub repository 📡
         uses: actions/checkout@v4
@@ -31,13 +40,66 @@ jobs:
 
       - name: Build and push Docker image 🐳
         uses: docker/build-push-action@v6
+        id: build
         with:
           context: .
           file: ./Dockerfile
           push: true
-          platforms: linux/amd64,linux/arm64
-          tags: antoinezanardi/werewolves-assistant-api:develop
+          platforms: ${{ matrix.platform }}
+          tags: ${{ env.REGISTRY_IMAGE }}:${{ matrix.platform }}-develop
+
+      - name: Export digest
+        run: |
+          mkdir -p /tmp/digests
+          echo "${{ matrix.platform }}=${{ steps.build.outputs.digest }}" > "/tmp/digests/${{ matrix.platform }}-digest.txt"
+
+      - name: Upload digest
+        uses: actions/upload-artifact@v4
+        with:
+          name: digests-${{ matrix.platform }}
+          path: /tmp/digests/${{ matrix.platform }}-digest.txt
+
+  merge-images-into-manifest-list:
+    name: Merge images into a manifest list 🗂️
+    runs-on: ubuntu-latest
+    needs: upload-to-docker-hub
+    steps:
+      - name: Download digests 📩
+        uses: actions/download-artifact@v4
+        with:
+          name: digests
+          path: /tmp/digests
+          merge-multiple: true
+
+      - name: Set up Docker Buildx 🏗️
+        uses: docker/setup-buildx-action@v3
+
+      - name: Docker meta 📦
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY_IMAGE }}
+
+      - name: Log in to Docker Hub 🔐
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_PASSWORD }}
 
+      - name: Create and push manifest list 📦
+        run: |
+          docker buildx imagetools create --tag "${{ env.REGISTRY_IMAGE }}:develop" \
+            "$(for digest in /tmp/digests/*-digest.txt; do cat "$digest"; done | tr '\n' ' ')"
+
+      - name: Inspect manifest list 🕵️
+        run: |
+          docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:develop
+
+  deploy-to-preproduction:
+    name: Deploy to preproduction server 🚀
+    runs-on: ubuntu-latest
+    needs: merge-images-into-manifest-list
+    steps:
       - name: Deploy to preproduction server 🚀
         env:
           SSH_PRIVATE_KEY: ${{ secrets.PREPRODUCTION_SERVER_SSH_PRIVATE_KEY }}