diff --git a/.github/workflows/images_build_rhel.yml b/.github/workflows/images_build_rhel.yml index 80fe074cf..fbc964325 100644 --- a/.github/workflows/images_build_rhel.yml +++ b/.github/workflows/images_build_rhel.yml @@ -271,211 +271,3 @@ jobs: run: | echo "${{ steps.meta.outputs.tags }}" | while IFS= read -r image_name ; do podman rmi -i -f $image_name; done rm -rf ${{ env.PFLT_ARTIFACTS }} - - build_base_arm: - timeout-minutes: 30 - name: Build ${{ matrix.build }} base on RHEL (ARM64) - needs: ["init_build"] - strategy: - fail-fast: false - matrix: - build: ["build-base"] - - runs-on: [self-hosted, linux, ARM64] - outputs: - image: ${{ steps.build_image.outputs.image-with-tag }} - steps: - - name: Checkout repository - uses: actions/checkout@v3 - with: - fetch-depth: 1 - - - name: Generate tags - id: meta - uses: docker/metadata-action@v4 - with: - images: zabbix-${{ matrix.build }} - tags: | - type=sha - flavor: | - latest=false - suffix=-arm64 - - - name: Build Zabbix Build Base - id: build_image - uses: redhat-actions/buildah-build@v2 - with: - context: ./Dockerfiles/${{ matrix.build }}/rhel - layers: false - tags: ${{ steps.meta.outputs.tags }} - containerfiles: | - ./Dockerfiles/${{ matrix.build }}/rhel/Dockerfile - extra-args: | - --pull - - build_base_database_arm: - timeout-minutes: 180 - needs: [ "build_base_arm", "init_build"] - name: Build ${{ matrix.build }} base on RHEL (ARM64) - strategy: - fail-fast: false - matrix: - build: ["mysql", "sqlite3"] - - runs-on: [self-hosted, linux, ARM64] - steps: - - name: Checkout repository - uses: actions/checkout@v3 - with: - fetch-depth: 1 - - - name: Generate tags - id: meta - uses: docker/metadata-action@v4 - with: - images: zabbix-build-${{ matrix.build }} - tags: | - type=sha - flavor: | - latest=false - suffix=-arm64 - - - name: Build ${{ matrix.build }} image - id: build_image - uses: redhat-actions/buildah-build@v2 - with: - context: ./Dockerfiles/build-${{ matrix.build }}/rhel - layers: false - tags: ${{ steps.meta.outputs.tags }} - containerfiles: | - ./Dockerfiles/build-${{ matrix.build }}/rhel/Dockerfile - build-args: BUILD_BASE_IMAGE=${{ needs.build_base_arm.outputs.image }} - - build_images_arm: - timeout-minutes: 90 - needs: [ "build_base_database_arm", "init_build"] - name: Build ${{ matrix.build }} image (ARM64) - strategy: - fail-fast: false - matrix: - build: ${{ fromJson(needs.init_build.outputs.components) }} - - runs-on: [self-hosted, linux, ARM64] - steps: - - uses: actions/checkout@v3 - - - name: Detect Build Base Image - id: build_base_image - env: - REDHAT_CERTIFY_CREDENTIALS: ${{ secrets.REDHAT_CERTIFY_CREDENTIALS }} - run: | - BUILD_BASE=$(jq --raw-output --argjson data "$REDHAT_CERTIFY_CREDENTIALS" -n '$data."${{ needs.init_build.outputs.current_branch }}".components."${{ matrix.build }}".build_base') - - echo "build_base=$BUILD_BASE" >> $GITHUB_OUTPUT - - - name: Genarate image name - id: image_name - env: - REDHAT_CERTIFY_CREDENTIALS: ${{ secrets.REDHAT_CERTIFY_CREDENTIALS }} - run: | - IMAGE_NAME=$(jq --raw-output --argjson data "$REDHAT_CERTIFY_CREDENTIALS" -n '$data."${{ needs.init_build.outputs.current_branch }}".components."${{ matrix.build }}".login') - - echo "::add-mask::$IMAGE_NAME" - echo "image_name=$IMAGE_NAME" >> $GITHUB_OUTPUT - - - name: Generate credentials - id: login_credentials - env: - REDHAT_CERTIFY_CREDENTIALS: ${{ secrets.REDHAT_CERTIFY_CREDENTIALS }} - run: | - IMAGE_NAME=$(jq --raw-output --argjson data "$REDHAT_CERTIFY_CREDENTIALS" -n '$data."${{ needs.init_build.outputs.current_branch }}".components."${{ matrix.build }}".login') - REGISTRY_PASSWORD=$(jq --raw-output --argjson data "$REDHAT_CERTIFY_CREDENTIALS" -n '$data."${{ needs.init_build.outputs.current_branch }}".components."${{ matrix.build }}".secret') - - echo "::add-mask::$IMAGE_NAME" - echo "::add-mask::redhat-isv-containers+$IMAGE_NAME-robot" - echo "::add-mask::$REGISTRY_PASSWORD" - - echo "username=$IMAGE_NAME" >> $GITHUB_OUTPUT - echo "password=$REGISTRY_PASSWORD" >> $GITHUB_OUTPUT - - - name: Log in to Quay.io - uses: redhat-actions/podman-login@v1.5 - env: - LOGIN: ${{ steps.login_credentials.outputs.username }} - PASSWORD: ${{ steps.login_credentials.outputs.password }} - with: - username: redhat-isv-containers+${{ env.LOGIN }}-robot - password: ${{ env.PASSWORD }} - registry: ${{ env.REGISTRY }} - auth_file_path: /tmp/.docker_${{ matrix.build }}_${{ needs.init_build.outputs.sha_short }} - - - name: Remove smartmontools - if: ${{ matrix.build == 'agent2' }} - run: | - sed -i '/smartmontools/d' Dockerfiles/agent2/rhel/Dockerfile - - - name: Generate tags - id: meta - uses: docker/metadata-action@v4 - with: - images: ${{ env.REGISTRY }}/${{ env.REGISTRY_NAMESPACE }}/${{ steps.image_name.outputs.image_name }} - tags: | - type=semver,pattern={{version}} - type=sha - flavor: | - latest=${{ ( github.event_name == 'release' ) }} - suffix=-arm64,onlatest=true - - - name: Build ${{ matrix.build }} and push - id: build_image - uses: redhat-actions/buildah-build@v2 - with: - context: ./Dockerfiles/${{ matrix.build }}/rhel - layers: false - tags: ${{ steps.meta.outputs.tags }} - labels: | - org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} - org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} - containerfiles: | - ./Dockerfiles/${{ matrix.build }}/rhel/Dockerfile - build-args: BUILD_BASE_IMAGE=zabbix-${{ steps.build_base_image.outputs.build_base }}:sha-${{ needs.init_build.outputs.sha_short }}-arm64 - - - name: Push to RedHat certification procedure - id: push_to_registry - uses: redhat-actions/push-to-registry@v2 - with: - tags: ${{ steps.meta.outputs.tags }} - - - name: Preflight - env: - PFLT_DOCKERCONFIG: /tmp/.docker_${{ matrix.build }}_${{ needs.init_build.outputs.sha_short }} - PFLT_CERTIFICATION_PROJECT_ID: ${{ steps.login_credentials.outputs.username }} - PFLT_PYXIS_API_TOKEN: ${{ secrets.REDHAT_API_TOKEN }} - PFLT_ARTIFACTS: ${{ env.PFLT_ARTIFACTS }} - PFLT_LOGLEVEL: ${{ env.PFLT_LOGLEVEL }} - run: | - mkdir -p $PFLT_ARTIFACTS - podman run \ - -it \ - --rm \ - --security-opt=label=disable \ - --env PFLT_LOGLEVEL=$PFLT_LOGLEVEL \ - --env PFLT_ARTIFACTS=/artifacts \ - --env PFLT_LOGFILE=/artifacts/preflight.log \ - --env PFLT_CERTIFICATION_PROJECT_ID=$PFLT_CERTIFICATION_PROJECT_ID \ - --env PFLT_PYXIS_API_TOKEN=$PFLT_PYXIS_API_TOKEN \ - --env PFLT_DOCKERCONFIG=/temp-authfile.json \ - -v $PFLT_ARTIFACTS:/artifacts \ - -v $PFLT_DOCKERCONFIG:/temp-authfile.json:ro \ - quay.io/opdev/preflight:1.5.1 check container ${{ steps.build_image.outputs.image-with-tag }} --submit - - - name: Push to RedHat certification procedure - id: push_to_registry_all_tags - uses: redhat-actions/push-to-registry@v2 - with: - tags: ${{ steps.meta.outputs.tags }} - - - name: Cleanup - run: | - echo "${{ steps.meta.outputs.tags }}" | while IFS= read -r image_name ; do podman rmi -i -f $image_name; done - rm -rf ${{ env.PFLT_ARTIFACTS }}