diff --git a/.github/workflows/build-push-linux.yaml b/.github/workflows/build-push-linux.yaml new file mode 100644 index 0000000..b0a37cc --- /dev/null +++ b/.github/workflows/build-push-linux.yaml @@ -0,0 +1,58 @@ +name: Build and push linux images + +on: + workflow_call: + inputs: + version_number: + required: false + type: string + +defaults: + run: + shell: bash + +jobs: + build-push-linux: + runs-on: [self-hosted, linux] + permissions: + contents: read + packages: write + steps: + - uses: actions/checkout@v3 + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: lowercase github.repository + run: | + echo "IMAGE_NAME=`echo ${{github.repository}} | tr '[:upper:]' '[:lower:]'`" >>${GITHUB_ENV} + - name: Docker meta + uses: docker/metadata-action@v5 + id: meta + with: + images: | + ghcr.io/${{ env.IMAGE_NAME }} + tags: | + # always release image under 'dev-ubuntu' tag + type=raw,value=dev-ubuntu + # release under 'latest-ubuntu' tag if set + type=raw,value=latest-ubuntu,enable=${{ github.event.inputs.version_number != '' }} + # release under version tag + type=raw,value=${{ github.event.inputs.version_number }}-ubuntu,enable=${{ github.event.inputs.version_number != '' }} + labels: | + org.opencontainers.image.authors=Ableytner + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build and push + uses: docker/build-push-action@v6 + with: + context: ./linux + platforms: linux/amd64,linux/arm64 + pull: true + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/define-build-linux-image.yaml b/.github/workflows/define-build-linux-image.yaml deleted file mode 100644 index df5e65c..0000000 --- a/.github/workflows/define-build-linux-image.yaml +++ /dev/null 
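Review bot: The `Docker meta` step reads `github.event.inputs.version_number` rather than the `version_number` input this reusable workflow declares under `workflow_call`, so the value a caller passes through `with:` is never used. The tags only come out right when the calling run was itself a `workflow_dispatch` with an input of that name. The two conditional tag lines should use the declared input, e.g. `type=raw,value=${{ inputs.version_number }}-ubuntu,enable=${{ inputs.version_number != '' }}`. Separately, this job holds `packages: write` on a self-hosted runner while `actions/checkout@v3` and the four `docker/*` actions are referenced by mutable tags; pinning each to a full commit SHA keeps a retagged action from running with that token.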
@@ -1,28 +0,0 @@ -name: Build linux image - -on: [workflow_call] - -defaults: - run: - shell: bash - -jobs: - build-linux: - runs-on: [self-hosted, linux] - steps: - - uses: actions/checkout@v3 - - name: lowercase github.repository - run: | - echo "IMAGE_NAME=`echo ${{github.repository}} | tr '[:upper:]' '[:lower:]'`" >>${GITHUB_ENV} - - name: Build - run: | - docker build -t ${{ env.IMAGE_NAME }}:latest-ubuntu ./linux - - name: Export - run: | - docker save -o /tmp/image_ubuntu.tar ${{ env.IMAGE_NAME }}:latest-ubuntu - - name: Cache docker image - run: | - curl -X POST -F "file=@/tmp/image_ubuntu.tar" -F "project_id=gha-runner" -F "issue_id=1" http://192.168.0.11:25000/dump - - name: Remove local image - run: | - docker image rm ${{ env.IMAGE_NAME }}:latest-ubuntu diff --git a/.github/workflows/release-tagged-images.yaml b/.github/workflows/release-tagged-images.yaml index c47062e..923245a 100644 --- a/.github/workflows/release-tagged-images.yaml +++ b/.github/workflows/release-tagged-images.yaml 
@@ -11,66 +11,14 @@ defaults: shell: bash jobs: - build-linux: - uses: ./.github/workflows/define-build-linux-image.yaml + build-push-linux: + uses: ./.github/workflows/build-push-linux.yaml secrets: inherit - - tag: - runs-on: self-hosted - steps: - - uses: mukunku/tag-exists-action@v1.6.0 - id: check-tag - with: - tag: ${{ github.event.inputs.version_number }} - - name: Fail if tag exists - if: steps.check-tag.outputs.exists == 'true' - run: | - echo "Tag ${{ github.event.inputs.version_number }} exists!" - exit 1 - - name: Print tag if it doesn't exist - if: steps.check-tag.outputs.exists == 'false' - run: | - echo "Tag ${{ github.event.inputs.version_number }} doesn't yet exist and can be created" - - push-linux: - needs: [tag, build-linux] - runs-on: [self-hosted, linux] - permissions: - contents: read - packages: write - steps: - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: lowercase github.repository - run: | - echo "IMAGE_NAME=`echo ${{github.repository}} | tr '[:upper:]' '[:lower:]'`" >>${GITHUB_ENV} - - name: Download cached docker image - run: | - curl -X GET http://192.168.0.11:25000/attachments/gha-runner/1/image_ubuntu.tar -o /tmp/image_ubuntu.tar - - name: Load image - run: | - docker load --input /tmp/image_ubuntu.tar - - name: Push - run: | - docker tag ${{ env.IMAGE_NAME }}:latest-ubuntu ghcr.io/${{ env.IMAGE_NAME }}:${{ github.event.inputs.version_number }}-ubuntu - docker push ghcr.io/${{ env.IMAGE_NAME }}:${{ github.event.inputs.version_number }}-ubuntu - docker tag ghcr.io/${{ env.IMAGE_NAME }}:${{ github.event.inputs.version_number }}-ubuntu ghcr.io/${{ env.IMAGE_NAME }}:latest-ubuntu - docker push ghcr.io/${{ env.IMAGE_NAME }}:latest-ubuntu - - name: Remove local image - if: always() - run: | - docker image rm ${{ env.IMAGE_NAME }}:latest-ubuntu - - name: Remove cached docker image - if: 
always() - run: | - curl -X DELETE http://192.168.0.11:25000/attachments/gha-runner/1/image_ubuntu.tar + with: + version_number: ${{ github.event.inputs.version_number }} release: - needs: [tag, build-linux, push-linux] + needs: [build-push-linux] runs-on: [self-hosted, linux] permissions: contents: write diff --git a/.github/workflows/run-build-images.yaml b/.github/workflows/run-build-images.yaml index a0f20fd..3554bfe 100644 --- a/.github/workflows/run-build-images.yaml +++ b/.github/workflows/run-build-images.yaml @@ -7,41 +7,6 @@ on: workflow_dispatch: jobs: - build-linux: - uses: ./.github/workflows/define-build-linux-image.yaml + build-push-linux: + uses: ./.github/workflows/build-push-linux.yaml secrets: inherit - - push: - needs: [build-linux] - runs-on: [self-hosted, linux] - permissions: - contents: read - packages: write - steps: - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: lowercase github.repository - run: | - echo "IMAGE_NAME=`echo ${{github.repository}} | tr '[:upper:]' '[:lower:]'`" >>${GITHUB_ENV} - - name: Download cached docker image - run: | - curl -X GET http://192.168.0.11:25000/attachments/gha-runner/1/image_ubuntu.tar -o /tmp/image_ubuntu.tar - - name: Load image - run: | - docker load --input /tmp/image_ubuntu.tar - - name: Push - run: | - docker tag ${{ env.IMAGE_NAME }}:latest-ubuntu ghcr.io/${{ env.IMAGE_NAME }}:dev - docker push ghcr.io/${{ env.IMAGE_NAME }}:dev - - name: Remove local image - if: always() - run: | - docker image rm ${{ env.IMAGE_NAME }}:latest-ubuntu - - name: Remove cached docker image - if: always() - run: | - curl -X DELETE http://192.168.0.11:25000/attachments/gha-runner/1/image_ubuntu.tar diff --git a/linux/Dockerfile b/linux/Dockerfile index 391cc82..faec059 100644 --- a/linux/Dockerfile +++ b/linux/Dockerfile 
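Review bot: Removing the `tag` job drops the only visible check that `version_number` has not been released before, so a rerun with an existing version now overwrites `ghcr.io/<image>:<version>-ubuntu` and `latest-ubuntu` before `release` runs. If that guard is still wanted, keep the `tag` job and gate the reusable-workflow call on it with `needs: [tag]` on `build-push-linux`. The calling job also declares no `permissions:`, while the called workflow asks for `packages: write`, and a called workflow cannot raise the caller's token permissions. Unless they are set at workflow level outside this hunk, add `permissions: {contents: read, packages: write}` to `build-push-linux` here and in `run-build-images.yaml`. The `release` job body continues outside the hunk.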
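Review bot: `secrets: inherit` on the `build-push-linux` call passes every secret of the calling workflow to the reusable workflow, whose steps as added in this commit read only `secrets.GITHUB_TOKEN`. That token should reach a called workflow without being passed explicitly (worth confirming), so the line can probably be dropped. Dropping it keeps unrelated secrets out of the scope of a job that runs third-party actions. The same applies to the call in `release-tagged-images.yaml`.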
@@ -1,14 +1,14 @@ FROM ubuntu:24.04 +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + # NOTE: CONTAINERD_VERSION needs to stay at 1.7.28 due to: # https://github.com/nestybox/sysbox/issues/973 ARG RUNNER_VERSION="2.331.0" \ CONTAINERD_VERSION="1.7.28" \ DOCKER_VERSION="29.1.5" \ BUILDX_VERSION="0.30.1" \ - COMPOSE_VERSION="2.40.3" \ - ARCH="amd64" \ - INSTRUCTION_SET="x64" + COMPOSE_VERSION="2.40.3" ARG DEBIAN_FRONTEND=noninteractive @@ -21,7 +21,8 @@ RUN apt-get update \ && chmod 777 /opt/hostedtoolcache # install github actions runner -RUN mkdir -p /home/runner/actions-runner \ +RUN INSTRUCTION_SET="$(arch | sed s/aarch64/arm64/ | sed s/x86_64/x64/)" \ + && mkdir -p /home/runner/actions-runner \ && curl -L https://github.com/actions/runner/releases/download/v${RUNNER_VERSION}/actions-runner-linux-${INSTRUCTION_SET}-${RUNNER_VERSION}.tar.gz -o /home/runner/actions-runner/actions.tar.gz \ && cd /home/runner/actions-runner \ && tar -xzf actions.tar.gz \ @@ -42,7 +43,8 @@ RUN apt-get update \ wget # install gh cli -RUN curl -L -H "Accept: application/vnd.github+json" https://api.github.com/repos/cli/cli/releases/latest \ +RUN ARCH="$(arch | sed s/aarch64/arm64/ | sed s/x86_64/amd64/)" \ + && curl -L -H "Accept: application/vnd.github+json" https://api.github.com/repos/cli/cli/releases/latest \ | jq -r '.tag_name' \ | sed 's/^v//g' \ > /tmp/ghcli_vers.txt \ 
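Review bot: The runner tarball fetched in the `install github actions runner` step is unpacked without any integrity check, and `curl -L` without `--fail` saves an HTTP error body as if it were the archive. Now that the file name depends on the build architecture, a per-architecture digest is needed: download with `curl -fL` and verify before `tar`, e.g. `echo "${RUNNER_SHA256}  actions.tar.gz" | sha256sum -c -`, where `RUNNER_SHA256` is a placeholder for a build argument that would have to be added per architecture. As far as the hunks show, the `.deb` downloads in the `install docker` step have the same gap. BuildKit's predefined `TARGETARCH` argument (`ARG TARGETARCH`) would also give `amd64`/`arm64` directly instead of the `arch | sed` mapping. This RUN instruction continues past the end of the hunk.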
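Review bot: The gh CLI version is still resolved from `releases/latest` at build time, so nothing pins what gets installed and the image is not reproducible, unlike the other components that take an `ARG ..._VERSION`. The new `pipefail` shell does not catch a rate-limited or failed API call either: `curl` without `--fail` exits 0 on an HTTP error, and `jq -r '.tag_name'` then prints `null` into `/tmp/ghcli_vers.txt`. Consider a pinned build argument (placeholder name `GHCLI_VERSION`) alongside `COMPOSE_VERSION`, or at least `curl -fsSL` for this request. The RUN instruction continues outside the hunk.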
@@ -55,9 +57,10 @@ RUN curl -L -H "Accept: application/vnd.github+json" https://api.github.com/repo && rm /tmp/ghcli.deb # install docker -RUN mkdir -p /home/runner/tmp \ - && cd /home/runner/tmp \ +RUN ARCH="$(arch | sed s/aarch64/arm64/ | sed s/x86_64/amd64/)" \ && BASE_URL="https://download.docker.com/linux/ubuntu/dists/noble/pool/stable/${ARCH}" \ + && mkdir -p /home/runner/tmp \ + && cd /home/runner/tmp \ && curl -L ${BASE_URL}/containerd.io_${CONTAINERD_VERSION}-1~ubuntu.24.04~noble_${ARCH}.deb -o ./containerd.io.deb \ && curl -L ${BASE_URL}/docker-ce_${DOCKER_VERSION}-1~ubuntu.24.04~noble_${ARCH}.deb -o ./docker-ce.deb \ && curl -L ${BASE_URL}/docker-ce-cli_${DOCKER_VERSION}-1~ubuntu.24.04~noble_${ARCH}.deb -o ./docker-ce-cli.deb \ diff --git a/linux/scripts/entrypoint.sh b/linux/scripts/entrypoint.sh index 0d29111..979e774 100644 --- a/linux/scripts/entrypoint.sh +++ b/linux/scripts/entrypoint.sh @@ -60,6 +60,7 @@ rm token_resp.txt --token "${REG_TOKEN}" \ --name "${RUNNER_NAME:-"runner-ubuntu"}-${HOSTNAME}" \ --unattended \ + --disableupdate \ --labels "${EXTRA_LABELS:-}" cleanup() {
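Review bot: `--disableupdate` is added without a comment saying why, and it changes the maintenance model. The runner now stays at the `RUNNER_VERSION` baked into the image, so runner security fixes only arrive through an image rebuild, and GitHub is documented to stop assigning jobs to runners that fall too far behind the current release. A comment above the registration command, such as `# self-update disabled: runner version is pinned by RUNNER_VERSION in the Dockerfile; rebuild the image to upgrade`, would record that. The command starts above the hunk.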