Skip to content

Commit

Permalink
publish container image to GitHub Container Registry
Browse files Browse the repository at this point in the history 
I might consider publishing also to Docker Hub. For now just Container
Registry is fine.
  • Loading branch information
@jackdbd
jackdbd committed Oct 9, 2024
1 parent d478d72 commit b796cf4
Show file tree
Hide file tree
Showing 7 changed files with 136 additions and 106 deletions.
144 changes: 90 additions & 54 deletions .github/workflows/ci-cd.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,25 +8,20 @@ on:
- main

env:
BINARY_NAME: fosdem-dl
APP_NAME: fosdem-dl
GRAALVM_VERSION: 23.0.0
HEAP_SIZE_AT_BUILD_TIME: '-R:MaximumHeapSizePercent=50'
JAVA_VERSION: 21
OPTIMIZATION_LEVEL: '-O2'
UBERJAR_NAME: fosdem-dl

jobs:
shared-outputs:
name: Shared outputs
runs-on: ubuntu-latest

# env:
# POD_JACKDBD_JSOUP_VERSION: 0.4.0
# VERSION: 0.1.0-RC.1

outputs:
app_version: ${{ steps.set_outputs.outputs.app_version }}
is_prerelease: ${{ steps.set_outputs.outputs.is_prerelease }}
version: ${{ steps.set_outputs.outputs.version }}

steps:
- name: 🛎️ Checkout
Expand All @@ -44,29 +39,29 @@ jobs:
- name: Set job outputs
id: set_outputs
run: |
APP_VERSION=$(bb -e '(-> (slurp "deps.edn") edn/read-string :aliases :neil :project :version)' | tr -d '"')
echo "app_version=$APP_VERSION" >> $GITHUB_OUTPUT
if [ "${{ github.ref }}" == "refs/heads/main" ]; then
echo "is_prerelease=false" >> $GITHUB_OUTPUT
else
echo "is_prerelease=true" >> $GITHUB_OUTPUT
fi
VERSION=$(bb -e '(-> (slurp "deps.edn") edn/read-string :aliases :neil :project :version)' | tr -d '"')
echo "version=$VERSION" >> $GITHUB_OUTPUT
- name: Log job outputs
run: |
echo "app_version is ${{ steps.set_outputs.outputs.app_version }}"
echo "is_prerelease is ${{ steps.set_outputs.outputs.is_prerelease }}"
# echo "pod_jackdbd_jsoup_path_linux is ${{ steps.set_outputs.outputs.pod_jackdbd_jsoup_path_linux }}"
# echo "pod_jackdbd_jsoup_path_macos is ${{ steps.set_outputs.outputs.pod_jackdbd_jsoup_path_macos }}"
echo "version is ${{ steps.set_outputs.outputs.version }}"
uberjar:
name: Uberjar
needs: [shared-outputs]
runs-on: ubuntu-latest

env:
VERSION: ${{ needs.shared-outputs.outputs.version }}
APP_VERSION: ${{ needs.shared-outputs.outputs.app_version }}

steps:
- name: 🛎️ Checkout
Expand All @@ -88,25 +83,20 @@ jobs:
# GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# run: ./download_pod_jackdbd_jsoup.sh

# Question: will calling `bb tasks` cause Babashka to download the pods declared in bb.edn?
# Answer: yes, it will.
# - run: bb tasks
# - run: ls -1 -R ~/.babashka

- name: 📦 Build a Babashka uberjar
run: bb build:bb-uber

- name: "CLI talks --help"
run: bb target/${{env.UBERJAR_NAME }}-${{ env.VERSION }}.jar talks --help
run: bb target/${{env.APP_NAME }}-${{ env.APP_VERSION }}.jar talks --help

- name: "CLI tracks --help"
run: bb target/${{env.UBERJAR_NAME }}-${{ env.VERSION }}.jar tracks --help
run: bb target/${{env.APP_NAME }}-${{ env.APP_VERSION }}.jar tracks --help

- name: ⬆️ Upload Babashka uberjar
uses: actions/upload-artifact@v4
with:
name: bb-uberjar
path: target/${{ env.UBERJAR_NAME }}-${{ env.VERSION }}.jar
path: target/${{ env.APP_NAME }}-${{ env.APP_VERSION }}.jar
if-no-files-found: error

- name: 📦 Build normal uberjar
Expand All @@ -118,7 +108,7 @@ jobs:
uses: actions/upload-artifact@v4
with:
name: uberjar
path: target/${{ env.UBERJAR_NAME }}-${{ env.VERSION }}-standalone.jar
path: target/${{ env.APP_NAME }}-${{ env.APP_VERSION }}-standalone.jar
if-no-files-found: error

test:
Expand Down Expand Up @@ -151,31 +141,80 @@ jobs:
needs: [shared-outputs]
runs-on: ubuntu-latest

env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
APP_VERSION: ${{ needs.shared-outputs.outputs.app_version }}

permissions:
contents: read
packages: write
attestations: write
id-token: write

steps:
- name: 🛎️ Checkout
uses: actions/checkout@v4

- name: 🔧 Setup Clojure CLI and Babashka
uses: DeLaGuardo/[email protected]
with:
cli: 'latest'
bb: 'latest'
# - name: 🔧 Setup Clojure CLI and Babashka
# uses: DeLaGuardo/[email protected]
# with:
# cli: 'latest'
# bb: 'latest'

- name: 🐋 Build container image
run: bb container:build
# - name: 🐋 Build container image
# run: bb container:build

# Print a few commands to double check that the CLI is working as expected
- run: bb container:cli help
- run: bb container:cli talks --help
- run: bb container:cli tracks --help
# # Print a few commands to double check that the CLI is working as expected
# - run: bb container:cli help
# - run: bb container:cli talks --help
# - run: bb container:cli tracks --help

# https://github.com/marketplace/actions/docker-login
- name: Log in to the Container registry
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

# https://github.com/marketplace/actions/docker-metadata-action
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/[email protected]
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

# https://github.com/marketplace/actions/build-and-push-docker-images
- name: Build and push Docker image
id: push
uses: docker/[email protected]
with:
context: .
push: true
build-args: |
APP_NAME=${{env.APP_NAME }}
APP_VERSION=${{env.APP_VERSION }}
BB_VERSION=1.4.192
JSOUP_POD_VERSION=0.4.0
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

# https://github.com/marketplace/actions/attest-build-provenance
- name: Generate artifact attestation
uses: actions/attest-build-provenance@v1
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true

linux-amd64-binary:
name: Linux amd64 binary
needs: [shared-outputs, uberjar]
runs-on: ubuntu-latest

env:
VERSION: ${{ needs.shared-outputs.outputs.version }}
APP_VERSION: ${{ needs.shared-outputs.outputs.app_version }}

steps:
- name: 🛎️ Checkout
Expand All @@ -197,10 +236,10 @@ jobs:
with:
bb: 'latest'

# We let Babashka download the pod for this OS & architecture.
# Calling `bb tasks` is enough to let Babashka download all pods declared
# in the bb.edn file. Babashka downloads only the pod binary files that
# were compiled for the combination of OS & arch of this GitHub runner.
- run: bb tasks
# - name: 📦 Build Babashka uberjar
# run: bb build:bb-uber

- name: ⬇️ Download uberjar
uses: actions/download-artifact@v4
Expand All @@ -210,7 +249,7 @@ jobs:
- name: Move uberjar to target/
run: |
mkdir target
mv ${{ env.UBERJAR_NAME }}-${{ env.VERSION }}-standalone.jar target/
mv ${{ env.APP_NAME }}-${{ env.APP_VERSION }}-standalone.jar target/
# Troubleshooting: Babashka pods should be somewhere here.
# - run: ls -1 -R ~/.babashka
Expand All @@ -224,7 +263,7 @@ jobs:
uses: actions/upload-artifact@v4
with:
name: linux-amd64-binary
path: ${{ env.BINARY_NAME }}
path: ${{ env.APP_NAME }}
if-no-files-found: error

macos-aarch64-binary:
Expand All @@ -233,7 +272,7 @@ jobs:
runs-on: macos-latest

env:
VERSION: ${{ needs.shared-outputs.outputs.version }}
APP_VERSION: ${{ needs.shared-outputs.outputs.app_version }}

steps:
- name: 🛎️ Checkout
Expand All @@ -256,9 +295,6 @@ jobs:

# We let Babashka download the pod for this OS & architecture.
- run: bb tasks
# - name: 📦 Build Babashka uberjar
# run: bb build:bb-uber

# - run: ls -1 -R ~/.babashka

- name: ⬇️ Download uberjar
Expand All @@ -269,7 +305,7 @@ jobs:
# TODO: bundle pod-jackdbd-jsoup when building with GraalVM native-image
- name: 📦 Compile uberjar to AArch64-macOS binary with GraalVM native-image
run: |
native-image -jar ${{ env.UBERJAR_NAME }}-${{ env.VERSION }}-standalone.jar ${{ env.BINARY_NAME }} \
native-image -jar ${{ env.APP_NAME }}-${{ env.APP_VERSION }}-standalone.jar ${{ env.APP_NAME }} \
'-H:ResourceConfigurationFiles=resource-config.json' \
'-H:+UnlockExperimentalVMOptions' \
'--gc=serial' \
Expand All @@ -285,18 +321,18 @@ jobs:
uses: actions/upload-artifact@v4
with:
name: macos-aarch64-binary
path: ${{ env.BINARY_NAME }}
path: ${{ env.APP_NAME }}
if-no-files-found: error

github-release:
name: GitHub release
if: ${{ github.event_name != 'pull_request' }}
needs: [shared-outputs, uberjar, linux-amd64-binary, macos-aarch64-binary, container-image]
needs: [shared-outputs, uberjar, container-image, linux-amd64-binary, macos-aarch64-binary]
runs-on: ubuntu-latest

env:
APP_VERSION: ${{ needs.shared-outputs.outputs.app_version }}
IS_PRERELEASE: ${{ needs.shared-outputs.outputs.is_prerelease }}
VERSION: ${{ needs.shared-outputs.outputs.version }}

permissions:
contents: write
Expand Down Expand Up @@ -329,8 +365,8 @@ jobs:

- name: 📦 Create archives for all assets to be included in the GitHub release
run: |
mv linux-amd64-binary fosdem-dl && zip "${{ env.BINARY_NAME }}-${{ env.VERSION }}-linux-amd64.zip" fosdem-dl && rm fosdem-dl
mv macos-aarch64-binary fosdem-dl && zip "${{ env.BINARY_NAME }}-${{ env.VERSION }}-macos-aarch64.zip" fosdem-dl && rm fosdem-dl
mv linux-amd64-binary fosdem-dl && zip "${{ env.APP_NAME }}-${{ env.APP_VERSION }}-linux-amd64.zip" fosdem-dl && rm fosdem-dl
mv macos-aarch64-binary fosdem-dl && zip "${{ env.APP_NAME }}-${{ env.APP_VERSION }}-macos-aarch64.zip" fosdem-dl && rm fosdem-dl
# Troubleshooting: do we have every assets we want to include in the GitHub release?
- run: ls -la
Expand All @@ -345,14 +381,14 @@ jobs:
fail_on_unmatched_files: true
# TODO: add all binaries compiled with GraalVM native-image
files: |
${{ env.UBERJAR_NAME }}-${{ env.VERSION }}.jar
${{ env.UBERJAR_NAME }}-${{ env.VERSION }}-standalone.jar
${{ env.BINARY_NAME }}-${{ env.VERSION }}-linux-amd64.zip
${{ env.BINARY_NAME }}-${{ env.VERSION }}-macos-aarch64.zip
${{ env.APP_NAME }}-${{ env.APP_VERSION }}.jar
${{ env.APP_NAME }}-${{ env.APP_VERSION }}-standalone.jar
${{ env.APP_NAME }}-${{ env.APP_VERSION }}-linux-amd64.zip
${{ env.APP_NAME }}-${{ env.APP_VERSION }}-macos-aarch64.zip
# body is prepended to these automatically generated release notes.
# See here for how to configure these release notes:
# https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes#configuring-automatically-generated-release-notes
generate_release_notes: true
name: v${{ env.VERSION }}
name: v${{ env.APP_VERSION }}
prerelease: ${{ env.IS_PRERELEASE }}
tag_name: v${{ env.VERSION }}
tag_name: v${{ env.APP_VERSION }}
18 changes: 10 additions & 8 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,20 +8,19 @@ FROM docker.io/library/clojure:temurin-23-tools-deps-1.12.0.1479-bullseye-slim A
ARG APP_DIR=/usr/src/app
RUN if [ -z "${APP_DIR}" ] ; then echo "APP_DIR not set!" ; exit 1; fi

ARG ARTIFACT_NAME
RUN if [ -z "${ARTIFACT_NAME}" ] ; then echo "ARTIFACT_NAME not set!" ; exit 1; fi
ARG APP_NAME
RUN if [ -z "${APP_NAME}" ] ; then echo "APP_NAME not set!" ; exit 1; fi

ARG ARTIFACT_VERSION
RUN if [ -z "${ARTIFACT_VERSION}" ] ; then echo "ARTIFACT_VERSION not set!" ; exit 1; fi

ARG ARTIFACT_NAME
RUN if [ -z "${ARTIFACT_NAME}" ] ; then echo "ARTIFACT_NAME not set!" ; exit 1; fi
ARG APP_VERSION
RUN if [ -z "${APP_VERSION}" ] ; then echo "APP_VERSION not set!" ; exit 1; fi

# If you need to use a version of pod-jackdbd-jsoup not available on the pod
# registry, you will need to download it and place it where bb.edn declares it
# (it would be {:pods {some-pod {:path "some-path"}}}).
# ARG JSOUP_POD_PATH="resources/pod/pod-jackdbd-jsoup"

ARG CREATED_DATE

# https://github.com/babashka/babashka/releases
ARG BB_VERSION="1.4.192"

Expand All @@ -45,7 +44,7 @@ COPY bb ${APP_DIR}/bb
COPY src ${APP_DIR}/src

RUN bb run build:bb-uber
RUN mv target/${ARTIFACT_NAME}-${ARTIFACT_VERSION}.jar "${ARTIFACT_NAME}.jar"
RUN mv target/${APP_NAME}-${APP_VERSION}.jar "${APP_NAME}.jar"

# === STAGE 2 ================================================================ #
# Run the uberjar
Expand All @@ -61,6 +60,7 @@ RUN groupadd --gid 1234 $NON_ROOT_USER && \
ARG APP_DIR=/usr/src/app
ARG JSOUP_POD_VERSION
RUN if [ -z "${JSOUP_POD_VERSION}" ] ; then echo "JSOUP_POD_VERSION not set!" ; exit 1; fi
ARG CREATED_DATE

USER $NON_ROOT_USER
WORKDIR "/home/$NON_ROOT_USER"
Expand Down Expand Up @@ -93,6 +93,8 @@ RUN bb -e "(require '[babashka.pods :as pods]) \
# mv $JSOUP_POD_BB_PATH $JSOUP_POD_PATH && \
# rm -rf "/home/${NON_ROOT_USER}/.babashka"

LABEL org.opencontainers.image.created=${CREATED_DATE}
LABEL org.opencontainers.image.source=https://github.com/jackdbd/fosdem-dl
ENTRYPOINT ["bb", "fosdem-dl.jar"]
CMD ["help"]
# CMD ["talks", "--help"]
Expand Down
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ Download all talks from a [FOSDEM](https://fosdem.org/) conference track in a sp

## Installation

This project is available on [GitHub Releases](https://github.com/jackdbd/fosdem-dl/releases) as an uberjar and a [Babashka uberjar](https://book.babashka.org/#_uberjar).
This project is available on [GitHub Releases](https://github.com/jackdbd/fosdem-dl/releases) and [GitHub Packages](https://github.com/jackdbd/fosdem-dl/pkgs/container/fosdem-dl) as an uberjar, a [Babashka uberjar](https://book.babashka.org/#_uberjar) and a container image.

## Usage

Expand Down
Loading

0 comments on commit b796cf4

Please sign in to comment.