-
Notifications
You must be signed in to change notification settings - Fork 0
AP-495: move to Github Actions #1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from 2 commits
Commits
Show all changes
5 commits
Select commit
Hold shift + click to select a range
a597754
AP-495: move to Github Actions
anarchivist c22a7b8
avoid building arm for now, only because wowza at this version doesn'…
anarchivist 7886867
Address PR feedback
anarchivist 5006471
fix key redaction for CI
anarchivist a3c25a6
Update README.md
anarchivist File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,196 @@ | ||
| name: Build / Test / Push | ||
|
|
||
| on: | ||
| push: | ||
| branches: | ||
| - '**' | ||
| workflow_dispatch: | ||
|
|
||
| env: | ||
| BUILD_SUFFIX: -build-${{ github.run_id }}_${{ github.run_attempt }} | ||
| DOCKER_METADATA_SET_OUTPUT_ENV: 'true' | ||
|
|
||
| jobs: | ||
| build: | ||
| runs-on: ${{ matrix.runner }} | ||
| outputs: | ||
| # image-arm64: ${{ steps.gen-output.outputs.image-arm64 }} | ||
| image-x64: ${{ steps.gen-output.outputs.image-x64 }} | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| runner: | ||
| - ubuntu-24.04 | ||
| # - ubuntu-24.04-arm | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v3 | ||
|
|
||
| - name: Login to GitHub Container Registry | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| - id: build-meta | ||
| name: Docker meta | ||
| uses: docker/metadata-action@v5 | ||
| with: | ||
| images: ghcr.io/${{ github.repository }} | ||
| tags: type=sha,suffix=${{ env.BUILD_SUFFIX }} | ||
|
|
||
| # Build cache is shared among all builds of the same architecture | ||
| - id: cache-meta | ||
| name: Docker meta | ||
| uses: docker/metadata-action@v5 | ||
| with: | ||
| images: ghcr.io/${{ github.repository }} | ||
| tags: type=raw,value=buildcache-${{ runner.arch }} | ||
|
|
||
| - id: get-registry | ||
| name: Get the sanitized registry name | ||
| run: | | ||
| echo "registry=$(echo '${{ steps.build-meta.outputs.tags }}' | cut -f1 -d:)" | tee -a "$GITHUB_OUTPUT" | ||
|
|
||
| - id: build | ||
| name: Build/push the arch-specific image | ||
| uses: docker/build-push-action@v6 | ||
| with: | ||
| cache-from: type=registry,ref=${{ steps.cache-meta.outputs.tags }} | ||
| cache-to: type=registry,ref=${{ steps.cache-meta.outputs.tags }},mode=max | ||
| labels: ${{ steps.build-meta.outputs.labels }} | ||
| provenance: mode=max | ||
| sbom: true | ||
| tags: ${{ steps.get-registry.outputs.registry }} | ||
| outputs: type=image,push-by-digest=true,push=true | ||
|
|
||
| - id: gen-output | ||
| name: Write arch-specific image digest to outputs | ||
| run: | | ||
| echo "image-${RUNNER_ARCH,,}=${{ steps.get-registry.outputs.registry }}@${{ steps.build.outputs.digest }}" | tee -a "$GITHUB_OUTPUT" | ||
|
|
||
| merge: | ||
| runs-on: ubuntu-24.04 | ||
| needs: build | ||
| env: | ||
| # DOCKER_APP_IMAGE_ARM64: ${{ needs.build.outputs.image-arm64 }} | ||
| DOCKER_APP_IMAGE_X64: ${{ needs.build.outputs.image-x64 }} | ||
| outputs: | ||
| image: ${{ steps.meta.outputs.tags }} | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v3 | ||
|
|
||
| - name: Login to GitHub Container Registry | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| - id: meta | ||
| name: Generate tag for the app image | ||
| uses: docker/metadata-action@v5 | ||
| with: | ||
| images: ghcr.io/${{ github.repository }} | ||
| tags: type=sha,suffix=${{ env.BUILD_SUFFIX }} | ||
|
|
||
| - name: Push the multi-platform app image | ||
| run: | | ||
| docker buildx imagetools create \ | ||
| --tag "$DOCKER_METADATA_OUTPUT_TAGS" \ | ||
| "$DOCKER_APP_IMAGE_X64" | ||
|
|
||
| test: | ||
| runs-on: ubuntu-24.04 | ||
| needs: merge | ||
| env: | ||
| COMPOSE_FILE: docker-compose.yml:docker-compose.ci.yml | ||
| DOCKER_APP_IMAGE: ${{ needs.merge.outputs.image }} | ||
| WOWZA_MANAGER_USER: wowza | ||
| WOWZA_MANAGER_PASSWORD: wowza | ||
|
|
||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Set up Docker Compose | ||
| uses: docker/setup-compose-action@v1 | ||
|
|
||
| - name: Login to GitHub Container Registry | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| - name: Setup the stack | ||
| run: | | ||
| docker compose build --quiet | ||
| docker compose pull --quiet | ||
| docker compose up --wait | ||
| docker compose exec -u root app chown -R wowza:wowza artifacts | ||
| env: | ||
| WOWZA_LICENSE_KEY: ${{ secrets.WOWZA_LICENSE_KEY }} | ||
|
|
||
| - name: Run tests | ||
| if: ${{ always() }} | ||
| run: | | ||
| docker compose run app /opt/app/test/run_tests.py | ||
| env: | ||
| WOWZA_LICENSE_KEY: ${{ secrets.WOWZA_LICENSE_KEY }} | ||
|
|
||
| - name: Copy out artifacts | ||
| if: ${{ always() }} | ||
| run: | | ||
| docker compose cp app:/opt/app/artifacts ./ | ||
| docker compose logs > artifacts/docker-compose-services.log | ||
| docker compose config > artifacts/docker-compose.merged.yml | ||
|
|
||
| - name: Upload the test report | ||
| if: ${{ always() }} | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: Wowza Build Report (${{ github.run_id }}_${{ github.run_attempt }}) | ||
| path: artifacts/* | ||
| if-no-files-found: error | ||
|
|
||
| push: | ||
| runs-on: ubuntu-24.04 | ||
| needs: | ||
| - merge | ||
| - test | ||
| env: | ||
| DOCKER_APP_IMAGE: ${{ needs.merge.outputs.image }} | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Login to GitHub Container Registry | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| - name: Produce permanent image tags | ||
| uses: docker/metadata-action@v5 | ||
| with: | ||
| images: ghcr.io/${{ github.repository }} | ||
| tags: | | ||
| type=sha | ||
| type=ref,event=branch | ||
| type=raw,value=latest,enable={{is_default_branch}} | ||
|
|
||
| - name: Retag and push the image | ||
| run: | | ||
| docker pull "$DOCKER_APP_IMAGE" | ||
| echo "$DOCKER_METADATA_OUTPUT_TAGS" | tr ' ' '\n' | xargs -n1 docker tag "$DOCKER_APP_IMAGE" | ||
| docker push --all-tags "$(echo "$DOCKER_APP_IMAGE" | cut -f1 -d:)" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,59 @@ | ||
| name: Push Release Tags | ||
|
|
||
| on: | ||
| push: | ||
| tags: | ||
| - '**' | ||
| workflow_dispatch: | ||
|
|
||
| env: | ||
| DOCKER_METADATA_SET_OUTPUT_ENV: 'true' | ||
|
|
||
| jobs: | ||
| retag: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v3 | ||
|
|
||
| - name: Login to GitHub Container Registry | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| - name: Determine the sha-based image tag to retag | ||
| id: get-base-image | ||
| uses: docker/metadata-action@v5 | ||
| with: | ||
| images: ghcr.io/${{ github.repository }} | ||
| tags: type=sha | ||
|
|
||
| - name: Verify that the image was previously built | ||
| env: | ||
| BASE_IMAGE: ${{ steps.get-base-image.outputs.tags }} | ||
| run: | | ||
| docker pull "$BASE_IMAGE" | ||
|
|
||
| - name: Produce release tags | ||
| id: tag-meta | ||
| uses: docker/metadata-action@v5 | ||
| with: | ||
| images: ghcr.io/${{ github.repository }} | ||
| flavor: latest=false | ||
| tags: | | ||
| type=ref,event=tag | ||
| type=semver,pattern={{major}} | ||
| type=semver,pattern={{major}}.{{minor}} | ||
| type=semver,pattern={{version}} | ||
|
|
||
| - name: Retag the pulled image | ||
| env: | ||
| BASE_IMAGE: ${{ steps.get-base-image.outputs.tags }} | ||
| run: | | ||
| echo "$DOCKER_METADATA_OUTPUT_TAGS" | tr ' ' '\n' | xargs -n1 docker tag "$BASE_IMAGE" | ||
| docker push --all-tags "$(echo "$BASE_IMAGE" | cut -f1 -d:)" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| --- | ||
|
|
||
| services: | ||
| app: | ||
| build: !reset | ||
| image: ${DOCKER_APP_IMAGE} | ||
| volumes: !override | ||
| - artifacts:/opt/app/artifacts | ||
|
|
||
| volumes: | ||
| artifacts: | ||
|
anarchivist marked this conversation as resolved.
Outdated
|
||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| WOWZA_LICENSE_KEY=abcd1234325 | ||
| WOWZA_MANAGER_USER=wowza | ||
| WOWZA_MANAGER_PASSWORD=wowza |
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.