-
Notifications
You must be signed in to change notification settings - Fork 336
114 lines (101 loc) · 4.36 KB
/
wave-bundle-docker-build-publish.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
name: Build and Publish Docker image from generated Dockerfile
on:
workflow_call:
inputs:
build-version:
type: string
description: The version of the application/image to be pushed
required: true
bundle-artifact:
type: string
description: The name of the artifact containing the generated Dockerfiles and the wave bundle
required: true
working-directory:
type: string
description: Path to the working directory, where docker build will be executed
default: .
wave-app-name:
type: string
description: The name of the wave app
required: true
jobs:
docker:
name: Build and Publish App Docker Image
runs-on: ubuntu-latest
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
steps:
- uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Download Wave bundle and Dockerfiles
uses: actions/download-artifact@v4
with:
name: ${{ inputs.bundle-artifact }}
path: ./
- name: Rename Dockerfiles
run: |
mv ./*bundle.Dockerfile ./generated.bundle.Dockerfile
mv ./*runtime.Dockerfile ./generated.runtime.Dockerfile
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: arn:aws:iam::353750902984:role/GitHub-OIDC-Role
role-session-name: GitHub_to_AWS_via_FederatedOIDC
aws-region: us-east-1
- name: "Login to Amazon ECR"
uses: aws-actions/amazon-ecr-login@v1
- name: "Ensure ECR Repository for the bundle"
# Tries to describe the repository and if it fails, creates it
run: |
aws ecr describe-repositories \
--repository-names h2oai/${{ inputs.wave-app-name }}-bundle 2>/dev/null ||
aws ecr create-repository \
--repository-name h2oai/${{ inputs.wave-app-name }}-bundle \
--image-tag-mutability IMMUTABLE \
--tag \
Key=GithubRepo,Value=github.com/h2oai/${{ inputs.wave-app-name }} \
Key=ManagedBy,Value=GitHubActions \
Key=CreatedByWorkflow,Value=${{ github.workflow_ref }}
- name: "Ensure ECR Repository for the runtime"
# Tries to describe the repository and if it fails, creates it
run: |
aws ecr describe-repositories \
--repository-names h2oai/${{ inputs.wave-app-name }} 2>/dev/null ||
aws ecr create-repository \
--repository-name h2oai/${{ inputs.wave-app-name }} \
--image-tag-mutability IMMUTABLE \
--tag \
Key=GithubRepo,Value=github.com/h2oai/${{ inputs.wave-app-name }} \
Key=ManagedBy,Value=GitHubActions \
Key=CreatedByWorkflow,Value=${{ github.workflow_ref }}
- name: Build and Export Bundle Image
uses: docker/build-push-action@v4
id: bundle-build
with:
push: true
context: ${{ inputs.working-directory }}
file: ./generated.bundle.Dockerfile
platforms: linux/amd64
provenance: false
tags: |
353750902984.dkr.ecr.us-east-1.amazonaws.com/h2oai/${{ inputs.wave-app-name }}-bundle:${{ inputs.build-version }}
- name: Build and Export Runtime Image
uses: docker/build-push-action@v4
id: runtime-build
with:
push: true
context: ${{ inputs.working-directory }}
file: ./generated.runtime.Dockerfile
platforms: linux/amd64
provenance: false
tags: |
353750902984.dkr.ecr.us-east-1.amazonaws.com/h2oai/${{ inputs.wave-app-name }}:${{ inputs.build-version }}
- name: Published Images Summary
run: |
echo "#### Image Tags" >> $GITHUB_STEP_SUMMARY
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
echo "docker image push 353750902984.dkr.ecr.us-east-1.amazonaws.com/h2oai/${{ inputs.wave-app-name }}-bundle:${{ inputs.build-version }}" >> $GITHUB_STEP_SUMMARY
echo "docker image push 353750902984.dkr.ecr.us-east-1.amazonaws.com/h2oai/${{ inputs.wave-app-name }}:${{ inputs.build-version }}" >> $GITHUB_STEP_SUMMARY
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY