From 85fa84a52e64381ac75cd792837301b3920e6eb5 Mon Sep 17 00:00:00 2001 From: moreal Date: Thu, 27 Jul 2023 18:34:11 +0900 Subject: [PATCH] ci(gh-actions): build Docker image --- .github/workflows/push_docker_image.yaml | 100 +++++++++++++++++++++++ Dockerfile.amd64 | 32 ++++++++ Dockerfile.arm64v8 | 32 ++++++++ 3 files changed, 164 insertions(+) create mode 100644 .github/workflows/push_docker_image.yaml create mode 100644 Dockerfile.amd64 create mode 100644 Dockerfile.arm64v8 diff --git a/.github/workflows/push_docker_image.yaml b/.github/workflows/push_docker_image.yaml new file mode 100644 index 000000000..632139460 --- /dev/null +++ b/.github/workflows/push_docker_image.yaml @@ -0,0 +1,100 @@ +name: push docker image + +on: + push: + branches: + - main + - rc-* + - development + - previewnet + - release/* + tags: + - "*" + workflow_dispatch: + inputs: + imageTag: + description: 'Custom docker image tag if needed' + default: '' + +jobs: + build_and_push: + name: build_and_push (${{ matrix.docker.repo }}) + strategy: + matrix: + docker: + - repo: planetariumhq/lib9c-stateservice + dockerfile: Dockerfile + if: github.ref_type == 'branch' + runs-on: ubuntu-latest + steps: + - name: checkout + uses: actions/checkout@v3 + with: + submodules: recursive + - name: login + run: | + docker login \ + --username '${{ secrets.DOCKER_USERNAME }}' \ + --password '${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}' + - name: setup-qemu + run: | + docker run --rm --privileged multiarch/qemu-user-static \ + --reset \ + -p yes + - name: build-and-push-amd64 + run: | + docker build . \ + -f ${{ matrix.docker.dockerfile }}.amd64 \ + -t ${{ matrix.docker.repo }}:git-${{ github.sha }}-amd64 \ + --build-arg COMMIT=git-${{ github.sha }} + docker push ${{ matrix.docker.repo }}:git-${{ github.sha }}-amd64 + - name: build-and-push-arm64v8 + run: | + docker build . \ + -f ${{ matrix.docker.dockerfile }}.arm64v8 \ + -t ${{ matrix.docker.repo }}:git-${{ github.sha }}-arm64v8 \ + --build-arg COMMIT=git-${{ github.sha }} + docker push ${{ matrix.docker.repo }}:git-${{ github.sha }}-arm64v8 + - name: merge-manifest-and-push + run: | + docker manifest create ${{ matrix.docker.repo }}:git-${{ github.sha }} \ + --amend ${{ matrix.docker.repo }}:git-${{ github.sha }}-amd64 \ + --amend ${{ matrix.docker.repo }}:git-${{ github.sha }}-arm64v8 + docker manifest push ${{ matrix.docker.repo }}:git-${{ github.sha }} + + tag: + name: tag (${{ matrix.docker.repo }}) + strategy: + matrix: + docker: + - repo: planetariumhq/lib9c-stateservice + if: github.ref_type == 'tag' || github.event.inputs.imageTag != '' + runs-on: ubuntu-latest + steps: + - name: login + run: | + docker login \ + --username '${{ secrets.DOCKER_USERNAME }}' \ + --password '${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}' + - name: push git tagged version + run: | + docker pull ${{ matrix.docker.repo }}:git-${{ github.sha }}-amd64 + if [[ -z "${{ github.event.inputs.imageTag }}" ]]; then + export IMAGE_TAG=${{ github.ref_name }} + else + export IMAGE_TAG=${{ github.event.inputs.imageTag }} + fi + + docker tag \ + ${{ matrix.docker.repo }}:git-${{ github.sha }}-amd64 \ + ${{ matrix.docker.repo }}:$IMAGE_TAG-amd64 + docker push ${{ matrix.docker.repo }}:$IMAGE_TAG-amd64 + docker pull ${{ matrix.docker.repo }}:git-${{ github.sha }}-arm64v8 + docker tag \ + ${{ matrix.docker.repo }}:git-${{ github.sha }}-arm64v8 \ + ${{ matrix.docker.repo }}:$IMAGE_TAG-arm64v8 + docker push ${{ matrix.docker.repo }}:$IMAGE_TAG-arm64v8 + docker manifest create ${{ matrix.docker.repo }}:$IMAGE_TAG \ + --amend ${{ matrix.docker.repo }}:$IMAGE_TAG-amd64 \ + --amend ${{ matrix.docker.repo }}:$IMAGE_TAG-arm64v8 + docker manifest push ${{ matrix.docker.repo }}:$IMAGE_TAG diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 new file mode 100644 index 000000000..3dbce3ebd --- /dev/null +++ b/Dockerfile.amd64 @@ -0,0 +1,32 @@ +FROM mcr.microsoft.com/dotnet/sdk:6.0-jammy AS build-env +WORKDIR /app + +# Copy csproj and restore as distinct layers +COPY ./Lib9c/Lib9c.csproj ./Lib9c/ +COPY ./.Libplanet.Extensions.RemoteActionEvaluator/Libplanet.Extensions.RemoteActionEvaluator.csproj ./Libplanet.Extensions.RemoteActionEvaluator/ +RUN dotnet restore Lib9c +RUN dotnet restore Libplanet.Extensions.RemoteActionEvaluator + +# Copy everything else and build +COPY . ./ +RUN dotnet publish .Lib9c.StateService/Lib9c.StateService.csproj \ + -c Release \ + -r linux-x64 \ + -o out \ + --self-contained + +# Build runtime image +FROM mcr.microsoft.com/dotnet/aspnet:6.0 +WORKDIR /app +RUN apt-get update && apt-get install -y libc6-dev +COPY --from=build-env /app/out . + +# Install native deps & utilities for production +RUN apt-get update \ + && apt-get install -y --allow-unauthenticated \ + libc6-dev jq curl \ + && rm -rf /var/lib/apt/lists/* + +VOLUME /data + +ENTRYPOINT ["dotnet", "Lib9c.StateService.dll"] diff --git a/Dockerfile.arm64v8 b/Dockerfile.arm64v8 new file mode 100644 index 000000000..32223cc5d --- /dev/null +++ b/Dockerfile.arm64v8 @@ -0,0 +1,32 @@ +FROM mcr.microsoft.com/dotnet/sdk:6.0-jammy AS build-env +WORKDIR /app + +# Copy csproj and restore as distinct layers +COPY ./Lib9c/Lib9c.csproj ./Lib9c/ +COPY ./.Libplanet.Extensions.RemoteActionEvaluator/Libplanet.Extensions.RemoteActionEvaluator.csproj ./Libplanet.Extensions.RemoteActionEvaluator/ +RUN dotnet restore Lib9c +RUN dotnet restore Libplanet.Extensions.RemoteActionEvaluator + +# Copy everything else and build +COPY . ./ +RUN dotnet publish .Lib9c.StateService/Lib9c.StateService.csproj \ + -c Release \ + -r linux-arm64 \ + -o out \ + --self-contained + +# Build runtime image +FROM mcr.microsoft.com/dotnet/aspnet:6.0-bullseye-slim-arm64v8 +WORKDIR /app +RUN apt-get update && apt-get install -y libc6-dev +COPY --from=build-env /app/out . + +# Install native deps & utilities for production +RUN apt-get update \ + && apt-get install -y --allow-unauthenticated \ + libc6-dev jq curl \ + && rm -rf /var/lib/apt/lists/* + +VOLUME /data + +ENTRYPOINT ["dotnet", "Lib9c.StateService.dll"]