diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e28ce89..8e19750 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -19,15 +19,14 @@ defaults: run: shell: bash -env: - CI: true - DOCKER_BUILDKIT: 1 - jobs: build: runs-on: ubuntu-latest env: - BUILDKIT_INLINE_CACHE: 1 + CACHE_IMAGE: "ghcr.io/ibm/text-gen-router:build-cache" + CACHE_REGISTRY: "ghcr.io" + QUAY_REPOSITORY: "quay.io/wxpe/text-gen-router" + permissions: packages: write contents: read @@ -46,9 +45,43 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: "Docker build" - run: make build-router + - name: "Log in to quay" + uses: docker/login-action@v3 + with: + registry: quay.io + username: wxpe+github_pusher_bot + password: ${{ secrets.WXPE_QUAY_TOKEN }} - - name: "Docker push" - if: github.ref == 'refs/heads/main' - run: make push-router-image + - name: "Set build cache target" + run: | + # For push to `main` (PR merged), push a new cache image with all layers (cache-mode=max). + # For PR builds, use GitHub action cache which isolates cached layers by PR/branch. + # to optimize builds for subsequent pushes to the same PR/branch. + # Do not set a cache-to image for PR builds to not overwrite the `main` cache image and + # to not ping-pong cache images for two or more different PRs. + # Do not push cache images for each PR or multiple branches to not exceed GitHub package + # usage and traffic limitations. + # UPDATE 2024/02/26: GHA cache appears to have issues, cannot use `cache-to: gha,mode=min` + # if `cache-from: reg...,mode=max` but `cache-to: gha,mode=max` takes longer than uncached + # build and exhausts GHA cache size limits, so use cache `type=inline` (no external cache). + if [ "${{ github.event_name }}" == "pull_request" ] + then + #CACHE_TO="type=gha,mode=min" + CACHE_TO="type=inline" + else + CACHE_TO="type=registry,ref=${{ env.CACHE_IMAGE }},mode=max" + fi + echo "CACHE_TO=$CACHE_TO" >> $GITHUB_ENV + + - name: "push tags" + run: echo "PUSH_TAGS=$(scripts/get_image_tags.sh ${QUAY_REPOSITORY})" >> $GITHUB_ENV + + - name: "Build and push" + uses: docker/build-push-action@v5 + with: + context: . + target: router-release + tags: ${{ env.PUSH_TAGS }} + cache-from: type=registry,ref=${{ env.CACHE_IMAGE }} + cache-to: ${{ env.CACHE_TO }} + push: ${{ github.event_name != 'pull_request' }} diff --git a/scripts/get_image_tags.sh b/scripts/get_image_tags.sh index cd5db72..9f7609a 100755 --- a/scripts/get_image_tags.sh +++ b/scripts/get_image_tags.sh @@ -2,26 +2,36 @@ # Returns a space separated list of container image tags to be pushed to the # registry +# If a repository is supplied as the first arg, (e.g. quay.io/foo/bar") then the tags will be fully qualified tags_to_push="" +if [[ -n $1 ]]; then + repo_bit="${1}:" +else + repo_bit="" +fi + # if running locally, i.e. CI is unset if [[ -z "${CI+x}" ]]; then commit="$(git rev-parse --short HEAD)" branch="$(git rev-parse --abbrev-ref HEAD)" - tags_to_push+="${commit}" - tags_to_push+=" ${branch}" - tags_to_push+=" ${branch}.${commit}" + tags_to_push+="${repo_bit}${commit}" + tags_to_push+=" ${repo_bit}${branch}" + tags_to_push+=" ${repo_bit}${branch}.${commit}" else # In CI, pull info from github env vars commit="${GITHUB_SHA:0:7}" build_ref="${GITHUB_REF_NAME}" - tags_to_push+="${commit}" - tags_to_push+=" ${build_ref}" - tags_to_push+=" ${build_ref}.${commit}" + tags_to_push+="${repo_bit}${commit}" + if [[ ! ${build_ref} =~ "merge" ]]; + then + tags_to_push+=" ${repo_bit}${build_ref}" + tags_to_push+=" ${repo_bit}${build_ref}.${commit}" + fi fi echo "${tags_to_push}"