| name: Docker Image Build |
| description: Builds Cobalt build docker images. |
| inputs: |
| docker_service: |
| description: "Docker compose service." |
| required: true |
| docker_image: |
| description: "Docker image name." |
| required: true |
| |
| runs: |
| using: "composite" |
| steps: |
| - name: Rename Limit |
| run: git config diff.renameLimit 999999 |
| shell: bash |
| - name: Get docker file changes |
| id: changed-files |
| uses: tj-actions/changed-files@8953e851a137075e59e84b5c15fbeb3617e82f15 # v32.1.1 |
| with: |
| files_ignore: third_party/** |
| files: | |
| docker-compose.yml |
| docker/linux/** |
| .github/actions/docker/** |
| - name: Retrieve Docker metadata |
| id: meta |
| uses: docker/metadata-action@507c2f2dc502c992ad446e3d7a5dfbe311567a96 # v4.3.0 |
| with: |
| images: ${{env.REGISTRY}}/${{github.repository}}/${{inputs.docker_image}} |
| tags: | |
| type=ref,event=branch |
| type=ref,event=tag |
| type=ref,event=pr |
| - name: Set Docker Tag |
| id: set-docker-tag |
| run: | |
| set -x |
| docker_tag="${{ steps.meta.outputs.tags }}" |
| docker_tag="${docker_tag%.1[+,-]}" |
| echo "DOCKER_TAG=${docker_tag}" >> $GITHUB_ENV |
| shell: bash |
| # We need to set docker tag properly for pull requests. In those scenarios where no docker related files |
| # were changed we need to use an existing image (e.g. main). In cases where docker image is rebuilt we have |
| # to use tag generated by the image build. |
| - name: Set Docker Tag |
| id: set-docker-tag-presubmit-non-fork |
| env: |
| REPO: ${{ github.repository }} |
| if: ${{ (steps.changed-files.outputs.any_changed == 'false') && (github.event_name == 'pull_request') }} |
| run: echo "DOCKER_TAG=ghcr.io/${REPO}/${{inputs.docker_image}}:${GITHUB_BASE_REF%.1+}" >> $GITHUB_ENV |
| shell: bash |
| - name: Set up Cloud SDK |
| if: ${{ (steps.changed-files.outputs.any_changed == 'true') && (github.event_name == 'pull_request') && (github.event.pull_request.head.repo.fork) }} |
| uses: isarkis/setup-gcloud@40dce7857b354839efac498d3632050f568090b6 # v1.1.1 |
| - name: Set Docker Tag |
| id: set-docker-tag-presubmit-fork |
| env: |
| GITHUB_EVENT_NUMBER: ${{ github.event.number }} |
| if: ${{ (steps.changed-files.outputs.any_changed == 'true') && (github.event_name == 'pull_request') && (github.event.pull_request.head.repo.fork) }} |
| run: | |
| # Need to login to GCR to be able to push images created by fork based PR workflows. |
| PROJECT_NAME=$(gcloud config get-value project) |
| METADATA="http://metadata.google.internal./computeMetadata/v1" |
| SVC_ACCT="${METADATA}/instance/service-accounts/default" |
| ACCESS_TOKEN=$(curl -H 'Metadata-Flavor: Google' ${SVC_ACCT}/token | cut -d'"' -f 4) |
| printf ${ACCESS_TOKEN} | docker login -u oauth2accesstoken --password-stdin https://gcr.io |
| echo "DOCKER_TAG=gcr.io/${PROJECT_NAME}/${{inputs.docker_image}}:pr-${GITHUB_EVENT_NUMBER}" >> $GITHUB_ENV |
| shell: bash |
| - name: Process Docker metadata |
| id: process-docker-metadata |
| run: | |
| set -x |
| set +e |
| docker manifest inspect $DOCKER_TAG > /dev/null |
| if [[ $? -ne 0 || ${{ steps.changed-files.outputs.any_changed }} == 'true' ]]; then |
| echo "need_to_build=true" >> $GITHUB_ENV |
| else |
| echo "need_to_build=false" >> $GITHUB_ENV |
| fi |
| shell: bash |
| - name: Build containers with docker-compose |
| id: build-image |
| if: env.need_to_build == 'true' |
| env: |
| SERVICE: ${{inputs.docker_service}} |
| shell: bash |
| run: | |
| set -xue |
| DOCKER_BUILDKIT=0 docker compose -f docker-compose.yml up --build --no-start "${SERVICE}" |
| - name: Tag images |
| id: tag-images |
| if: env.need_to_build == 'true' |
| run: docker tag ${{inputs.docker_image}} $DOCKER_TAG |
| shell: bash |
| - name: Push images |
| id: push-image |
| if: env.need_to_build == 'true' |
| run: docker push ${DOCKER_TAG} |
| shell: bash |