From 65b4d251dc5a902e7c216a50c8977a48223d7b70 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Tue, 11 Apr 2023 18:48:32 +0900 Subject: [PATCH] Added ARM build --- .github/workflows/images_build_rhel.yml | 218 +++++++++++++++++++++++- 1 file changed, 213 insertions(+), 5 deletions(-) diff --git a/.github/workflows/images_build_rhel.yml b/.github/workflows/images_build_rhel.yml index 69b3e4fde..80fe074cf 100644 --- a/.github/workflows/images_build_rhel.yml +++ b/.github/workflows/images_build_rhel.yml @@ -8,7 +8,7 @@ on: branches: - '5.0' - '6.0' - - '6.2' + - '6.4' paths: - '!**/README.md' - 'Dockerfiles/*/rhel/*' @@ -29,7 +29,7 @@ env: jobs: init_build: name: Initialize build - runs-on: self-hosted + runs-on: [self-hosted, linux, X64] outputs: components: ${{ steps.components.outputs.list }} is_default_branch: ${{ steps.branch_info.outputs.is_default_branch }} @@ -80,7 +80,7 @@ jobs: matrix: build: ["build-base"] - runs-on: self-hosted + runs-on: [self-hosted, linux, X64] outputs: image: ${{ steps.build_image.outputs.image-with-tag }} steps: @@ -118,7 +118,7 @@ jobs: matrix: build: ["mysql", "sqlite3"] - runs-on: self-hosted + runs-on: [self-hosted, linux, X64] steps: - name: Checkout repository uses: actions/checkout@v3 @@ -153,7 +153,7 @@ jobs: matrix: build: ${{ fromJson(needs.init_build.outputs.components) }} - runs-on: self-hosted + runs-on: [self-hosted, linux, X64] steps: - uses: actions/checkout@v3 @@ -271,3 +271,211 @@ jobs: run: | echo "${{ steps.meta.outputs.tags }}" | while IFS= read -r image_name ; do podman rmi -i -f $image_name; done rm -rf ${{ env.PFLT_ARTIFACTS }} + + build_base_arm: + timeout-minutes: 30 + name: Build ${{ matrix.build }} base on RHEL (ARM64) + needs: ["init_build"] + strategy: + fail-fast: false + matrix: + build: ["build-base"] + + runs-on: [self-hosted, linux, ARM64] + outputs: + image: ${{ steps.build_image.outputs.image-with-tag }} + steps: + - name: Checkout repository + uses: actions/checkout@v3 + with: + fetch-depth: 1 + + - name: Generate tags + id: meta + uses: docker/metadata-action@v4 + with: + images: zabbix-${{ matrix.build }} + tags: | + type=sha + flavor: | + latest=false + suffix=-arm64 + + - name: Build Zabbix Build Base + id: build_image + uses: redhat-actions/buildah-build@v2 + with: + context: ./Dockerfiles/${{ matrix.build }}/rhel + layers: false + tags: ${{ steps.meta.outputs.tags }} + containerfiles: | + ./Dockerfiles/${{ matrix.build }}/rhel/Dockerfile + extra-args: | + --pull + + build_base_database_arm: + timeout-minutes: 180 + needs: [ "build_base_arm", "init_build"] + name: Build ${{ matrix.build }} base on RHEL (ARM64) + strategy: + fail-fast: false + matrix: + build: ["mysql", "sqlite3"] + + runs-on: [self-hosted, linux, ARM64] + steps: + - name: Checkout repository + uses: actions/checkout@v3 + with: + fetch-depth: 1 + + - name: Generate tags + id: meta + uses: docker/metadata-action@v4 + with: + images: zabbix-build-${{ matrix.build }} + tags: | + type=sha + flavor: | + latest=false + suffix=-arm64 + + - name: Build ${{ matrix.build }} image + id: build_image + uses: redhat-actions/buildah-build@v2 + with: + context: ./Dockerfiles/build-${{ matrix.build }}/rhel + layers: false + tags: ${{ steps.meta.outputs.tags }} + containerfiles: | + ./Dockerfiles/build-${{ matrix.build }}/rhel/Dockerfile + build-args: BUILD_BASE_IMAGE=${{ needs.build_base_arm.outputs.image }} + + build_images_arm: + timeout-minutes: 90 + needs: [ "build_base_database_arm", "init_build"] + name: Build ${{ matrix.build }} image (ARM64) + strategy: + fail-fast: false + matrix: + build: ${{ fromJson(needs.init_build.outputs.components) }} + + runs-on: [self-hosted, linux, ARM64] + steps: + - uses: actions/checkout@v3 + + - name: Detect Build Base Image + id: build_base_image + env: + REDHAT_CERTIFY_CREDENTIALS: ${{ secrets.REDHAT_CERTIFY_CREDENTIALS }} + run: | + BUILD_BASE=$(jq --raw-output --argjson data "$REDHAT_CERTIFY_CREDENTIALS" -n '$data."${{ needs.init_build.outputs.current_branch }}".components."${{ matrix.build }}".build_base') + + echo "build_base=$BUILD_BASE" >> $GITHUB_OUTPUT + + - name: Genarate image name + id: image_name + env: + REDHAT_CERTIFY_CREDENTIALS: ${{ secrets.REDHAT_CERTIFY_CREDENTIALS }} + run: | + IMAGE_NAME=$(jq --raw-output --argjson data "$REDHAT_CERTIFY_CREDENTIALS" -n '$data."${{ needs.init_build.outputs.current_branch }}".components."${{ matrix.build }}".login') + + echo "::add-mask::$IMAGE_NAME" + echo "image_name=$IMAGE_NAME" >> $GITHUB_OUTPUT + + - name: Generate credentials + id: login_credentials + env: + REDHAT_CERTIFY_CREDENTIALS: ${{ secrets.REDHAT_CERTIFY_CREDENTIALS }} + run: | + IMAGE_NAME=$(jq --raw-output --argjson data "$REDHAT_CERTIFY_CREDENTIALS" -n '$data."${{ needs.init_build.outputs.current_branch }}".components."${{ matrix.build }}".login') + REGISTRY_PASSWORD=$(jq --raw-output --argjson data "$REDHAT_CERTIFY_CREDENTIALS" -n '$data."${{ needs.init_build.outputs.current_branch }}".components."${{ matrix.build }}".secret') + + echo "::add-mask::$IMAGE_NAME" + echo "::add-mask::redhat-isv-containers+$IMAGE_NAME-robot" + echo "::add-mask::$REGISTRY_PASSWORD" + + echo "username=$IMAGE_NAME" >> $GITHUB_OUTPUT + echo "password=$REGISTRY_PASSWORD" >> $GITHUB_OUTPUT + + - name: Log in to Quay.io + uses: redhat-actions/podman-login@v1.5 + env: + LOGIN: ${{ steps.login_credentials.outputs.username }} + PASSWORD: ${{ steps.login_credentials.outputs.password }} + with: + username: redhat-isv-containers+${{ env.LOGIN }}-robot + password: ${{ env.PASSWORD }} + registry: ${{ env.REGISTRY }} + auth_file_path: /tmp/.docker_${{ matrix.build }}_${{ needs.init_build.outputs.sha_short }} + + - name: Remove smartmontools + if: ${{ matrix.build == 'agent2' }} + run: | + sed -i '/smartmontools/d' Dockerfiles/agent2/rhel/Dockerfile + + - name: Generate tags + id: meta + uses: docker/metadata-action@v4 + with: + images: ${{ env.REGISTRY }}/${{ env.REGISTRY_NAMESPACE }}/${{ steps.image_name.outputs.image_name }} + tags: | + type=semver,pattern={{version}} + type=sha + flavor: | + latest=${{ ( github.event_name == 'release' ) }} + suffix=-arm64,onlatest=true + + - name: Build ${{ matrix.build }} and push + id: build_image + uses: redhat-actions/buildah-build@v2 + with: + context: ./Dockerfiles/${{ matrix.build }}/rhel + layers: false + tags: ${{ steps.meta.outputs.tags }} + labels: | + org.opencontainers.image.revision=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} + org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} + containerfiles: | + ./Dockerfiles/${{ matrix.build }}/rhel/Dockerfile + build-args: BUILD_BASE_IMAGE=zabbix-${{ steps.build_base_image.outputs.build_base }}:sha-${{ needs.init_build.outputs.sha_short }}-arm64 + + - name: Push to RedHat certification procedure + id: push_to_registry + uses: redhat-actions/push-to-registry@v2 + with: + tags: ${{ steps.meta.outputs.tags }} + + - name: Preflight + env: + PFLT_DOCKERCONFIG: /tmp/.docker_${{ matrix.build }}_${{ needs.init_build.outputs.sha_short }} + PFLT_CERTIFICATION_PROJECT_ID: ${{ steps.login_credentials.outputs.username }} + PFLT_PYXIS_API_TOKEN: ${{ secrets.REDHAT_API_TOKEN }} + PFLT_ARTIFACTS: ${{ env.PFLT_ARTIFACTS }} + PFLT_LOGLEVEL: ${{ env.PFLT_LOGLEVEL }} + run: | + mkdir -p $PFLT_ARTIFACTS + podman run \ + -it \ + --rm \ + --security-opt=label=disable \ + --env PFLT_LOGLEVEL=$PFLT_LOGLEVEL \ + --env PFLT_ARTIFACTS=/artifacts \ + --env PFLT_LOGFILE=/artifacts/preflight.log \ + --env PFLT_CERTIFICATION_PROJECT_ID=$PFLT_CERTIFICATION_PROJECT_ID \ + --env PFLT_PYXIS_API_TOKEN=$PFLT_PYXIS_API_TOKEN \ + --env PFLT_DOCKERCONFIG=/temp-authfile.json \ + -v $PFLT_ARTIFACTS:/artifacts \ + -v $PFLT_DOCKERCONFIG:/temp-authfile.json:ro \ + quay.io/opdev/preflight:1.5.1 check container ${{ steps.build_image.outputs.image-with-tag }} --submit + + - name: Push to RedHat certification procedure + id: push_to_registry_all_tags + uses: redhat-actions/push-to-registry@v2 + with: + tags: ${{ steps.meta.outputs.tags }} + + - name: Cleanup + run: | + echo "${{ steps.meta.outputs.tags }}" | while IFS= read -r image_name ; do podman rmi -i -f $image_name; done + rm -rf ${{ env.PFLT_ARTIFACTS }}