Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: docker build and tag from ci #6949

Merged
merged 15 commits into from
Mar 13, 2020
Merged
73 changes: 72 additions & 1 deletion .circleci/config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ default_environment: &default_environment
executors:
golang:
docker:
- image: circleci/golang:1.13
- image: circleci/golang:1.14
working_directory: ~/ipfs/go-ipfs
environment:
<<: *default_environment
Expand All @@ -53,6 +53,12 @@ executors:
IPFS_REUSEPORT: false
LIBP2P_ALLOW_WEAK_RSA_KEYS: 1
E2E_IPFSD_TYPE: go
dockerizer:
docker:
- image: circleci/golang:1.14
environment:
IMAGE_NAME: olizilla/test-go-ipfs
WIP_IMAGE_TAG: wip

jobs:
gobuild:
Expand Down Expand Up @@ -295,8 +301,43 @@ jobs:
key: v1-ipfs-webui-{{ checksum "~/ipfs/go-ipfs/ipfs-webui/package-lock.json" }}
paths:
- ~/ipfs/go-ipfs/ipfs-webui/node_modules
docker-build:
executor: dockerizer
steps:
- checkout
- setup_remote_docker
- run:
name: Build Docker image
command: |
docker build -t $IMAGE_NAME:$WIP_IMAGE_TAG .
- run:
name: Archive Docker image
command: docker save -o go-ipfs-image.tar $IMAGE_NAME
- persist_to_workspace:
root: .
paths:
- ./go-ipfs-image.tar
docker-push:
executor: dockerizer
steps:
- checkout
- setup_remote_docker
- attach_workspace:
at: /tmp/workspace
- run:
name: Load archived Docker image
command: docker load -i /tmp/workspace/go-ipfs-image.tar
- run:
name: Publish Docker Image to Docker Hub
command: |
echo "$DOCKERHUB_PASS" | docker login -u "$DOCKERHUB_USERNAME" --password-stdin
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When are these credentials provided?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Every branch, it looks like? That's not a good idea.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I keep running into this same wall. 🤦‍♂

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Resolution: only users in a specific group will get this token. That will also be the group with release permissions.

./bin/push-docker-tags.sh "$CIRCLE_BUILD_NUM" "$CIRCLE_SHA1" "$CIRCLE_BRANCH" "$CIRCLE_TAG" dryrun

workflows:
version: 2

# Runs for all branches, but not on tags
# see: https://circleci.com/docs/2.0/workflows/#executing-workflows-for-a-git-tag
test:
jobs:
- gobuild
Expand All @@ -316,3 +357,33 @@ workflows:
- ipfs-webui:
requires:
- build
- docker-build
- docker-push:
requires:
- docker-build
- golint
- gotest
- sharness
- interop
- go-ipfs-api
- go-ipfs-http-client
- ipfs-webui

# NOTE: You have to opt in to get circleci to trigger builds for a tat. As it is required that you set the tag filter to all dependent jobs, this is pulled out into a seperate workflow.
olizilla marked this conversation as resolved.
Show resolved Hide resolved
# see: https://circleci.com/docs/2.0/workflows/#executing-workflows-for-a-git-tag
docker-on-tag:
jobs:
- docker-build:
filters:
tags:
only: /^v[0-9].*|^cluster.+/
branches:
ignore: /.*/
- docker-push:
requires:
- docker-build
filters:
tags:
only: /^v[0-9].*|^cluster.+/
branches:
ignore: /.*/
Stebalien marked this conversation as resolved.
Show resolved Hide resolved
81 changes: 81 additions & 0 deletions bin/push-docker-tags.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
#!/usr/bin/env bash

# push-docker-tags.sh
#
# Run from ci to tag images based on the current branch or tag name.
# A bit like dockerhub autobuild config, but somewhere we can version control it.
#
# The `docker-build` job in .circleci/config.yml builds the current commit
# in docker and tags it as ipfs/go-ipfs:wip
#
# Then the `docker-publish` job runs this script to decide what tag, if any,
# to publish to dockerhub.
#
# Usage:
# ./push-docker-tags.sh <build number> <git commit sha1> <git branch name> [git tag name] [dry run]
#
# Example:
# # dry run. pass a 5th arg to have it print what it would do rather than do it.
# ./push-docker-tags.sh 1 testingsha mybranch v1.0 dryrun
#
# # push tag for the master branch
# ./push-docker-tags.sh 1 testingsha master
#
# # push tag for a release tag
# ./push-docker-tags.sh 1 testingsha release v0.5.0
#
# # Serving suggestion in circle ci - https://circleci.com/docs/2.0/env-vars/#built-in-environment-variables
# ./push-docker-tags.sh "$CIRCLE_BUILD_NUM" "$CIRCLE_SHA1" "$CIRCLE_BRANCH" "$CIRCLE_TAG"
#
set -euo pipefail

if [[ $# -lt 3 ]] ; then
echo 'At least 3 args required. Pass 5 args for a dry run.'
echo 'Usage:'
echo './push-docker-tags.sh <build number> <git commit sha1> <git branch name> [git tag name] [dry run]'
exit 1
fi

BUILD_NUM=$1
GIT_SHA1=$2
GIT_SHA1_SHORT=$(echo "$GIT_SHA1" | cut -c 1-7)
GIT_BRANCH=$3
GIT_TAG=${4:-""}
DRY_RUN=${5:-false}

WIP_IMAGE_TAG=${WIP_IMAGE_TAG:-wip}
IMAGE_NAME=${IMAGE_NAME:-ipfs/go-ipfs}

pushTag () {
local IMAGE_TAG=$1
if [ "$DRY_RUN" != false ]; then
echo "DRY RUN! I would have tagged and pushed the following..."
echo docker tag "$IMAGE_NAME:$WIP_IMAGE_TAG" "$IMAGE_NAME:$IMAGE_TAG"
echo docker push "$IMAGE_NAME:$IMAGE_TAG"
else
docker tag "$IMAGE_NAME:$WIP_IMAGE_TAG" "$IMAGE_NAME:$IMAGE_TAG"
docker push "$IMAGE_NAME:$IMAGE_TAG"
fi
}

if [[ $GIT_TAG =~ ^v[0-9]+ ]]; then
pushTag "$GIT_TAG"

elif [[ $GIT_BRANCH =~ ^cluster ]]; then
pushTag "$GIT_BRANCH"

elif [ "$GIT_BRANCH" = "feat/stabilize-dht" ]; then
pushTag "bifrost-${BUILD_NUM}-${GIT_SHA1_SHORT}"
pushTag "bifrost-latest"

elif [ "$GIT_BRANCH" = "release" ]; then
pushTag "release"
pushTag "latest"

elif [ "$GIT_BRANCH" = "master" ]; then
pushTag "master"

else
echo "Nothing to do. No docker tag defined for branch: $GIT_BRANCH, tag: $GIT_TAG"

fi