Skip to content

Commit

Permalink
[stable2407] Backport docker fix to 2407 (#6017)
Browse files Browse the repository at this point in the history
This PR backports fixes for the docker publishing flow from master:
- #5896
- #5387
  • Loading branch information
EgorPopelyaev authored Oct 11, 2024
1 parent f72fe54 commit 88c3250
Show file tree
Hide file tree
Showing 5 changed files with 110 additions and 22 deletions.
3 changes: 2 additions & 1 deletion .github/scripts/common/lib.sh
Original file line number Diff line number Diff line change
Expand Up @@ -242,6 +242,7 @@ fetch_release_artifacts() {
# - GITHUB_TOKEN
# - REPO in the form paritytech/polkadot
fetch_release_artifacts_from_s3() {
BINARY=$1
echo "Version : $VERSION"
echo "Repo : $REPO"
echo "Binary : $BINARY"
Expand Down Expand Up @@ -461,7 +462,7 @@ function get_polkadot_node_version_from_code() {

validate_stable_tag() {
tag="$1"
pattern='^stable[0-9]+(-[0-9]+)?$'
pattern="^stable[0-9]{4}(-[0-9]+)?(-rc[0-9]+)?$"

if [[ $tag =~ $pattern ]]; then
echo $tag
Expand Down
74 changes: 54 additions & 20 deletions .github/workflows/release-50_publish-docker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -75,39 +75,43 @@ env:
# EVENT_ACTION: ${{ github.event.action }}
EVENT_NAME: ${{ github.event_name }}
IMAGE_TYPE: ${{ inputs.image_type }}
VERSION: ${{ inputs.version }}

jobs:
validate-inputs:
runs-on: ubuntu-latest
outputs:
version: ${{ steps.validate_inputs.outputs.VERSION }}
release_id: ${{ steps.validate_inputs.outputs.RELEASE_ID }}
stable_tag: ${{ steps.validate_inputs.outputs.stable_tag }}

steps:
- name: Checkout sources
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0

- name: Validate inputs
id: validate_inputs
run: |
. ./.github/scripts/common/lib.sh
VERSION=$(filter_version_from_input "${{ inputs.version }}")
echo "VERSION=${VERSION}" >> $GITHUB_ENV
echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT
RELEASE_ID=$(check_release_id "${{ inputs.release_id }}")
echo "RELEASE_ID=${RELEASE_ID}" >> $GITHUB_ENV
echo "RELEASE_ID=${RELEASE_ID}" >> $GITHUB_OUTPUT
echo "Release ID: $RELEASE_ID"
STABLE_TAG=$(validate_stable_tag ${{ inputs.stable_tag }})
echo "stable_tag=${STABLE_TAG}" >> $GITHUB_OUTPUT
fetch-artifacts: # this job will be triggered for the polkadot-parachain rc and release or polkadot rc image build
if: ${{ inputs.binary == 'polkadot-parachain' || inputs.binary == 'chain-spec-builder' || inputs.image_type == 'rc' }}
runs-on: ubuntu-latest
needs: [validate-inputs]

steps:
- name: Checkout sources
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0

#TODO: this step will be needed when automated triggering will work
#this step runs only if the workflow is triggered automatically when new release is published
Expand All @@ -129,14 +133,23 @@ jobs:
run: |
. ./.github/scripts/common/lib.sh
fetch_release_artifacts_from_s3
VERSION="${{ needs.validate-inputs.outputs.VERSION }}"
if [[ ${{ inputs.binary }} == 'polkadot' ]]; then
bins=(polkadot polkadot-prepare-worker polkadot-execute-worker)
for bin in "${bins[@]}"; do
fetch_release_artifacts_from_s3 $bin
done
else
fetch_release_artifacts_from_s3 $BINARY
fi
- name: Fetch chain-spec-builder rc artifacts or release artifacts based on release id
#this step runs only if the workflow is triggered manually and only for chain-spec-builder
if: ${{ env.EVENT_NAME == 'workflow_dispatch' && inputs.binary == 'chain-spec-builder' }}
run: |
. ./.github/scripts/common/lib.sh
RELEASE_ID="${{ needs.validate-inputs.outputs.RELEASE_ID }}"
fetch_release_artifacts
- name: Upload artifacts
Expand All @@ -153,7 +166,7 @@ jobs:

steps:
- name: Checkout sources
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0

- name: Download artifacts
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
Expand Down Expand Up @@ -181,32 +194,45 @@ jobs:
run: |
. ./.github/scripts/common/lib.sh
RELEASE_ID=$(check_release_id "${{ inputs.release_id }}")
release=release-$RELEASE_ID && \
echo "release=${release}" >> $GITHUB_OUTPUT
echo "release=${{ needs.validate-inputs.outputs.stable_tag }}" >> $GITHUB_OUTPUT
commit=$(git rev-parse --short HEAD) && \
echo "commit=${commit}" >> $GITHUB_OUTPUT
tag=$(git name-rev --tags --name-only $(git rev-parse HEAD)) && \
[ "${tag}" != "undefined" ] && echo "tag=${tag}" >> $GITHUB_OUTPUT || \
echo "No tag, doing without"
echo "tag=${{ needs.validate-inputs.outputs.version }}" >> $GITHUB_OUTPUT
- name: Fetch release tags
working-directory: release-artifacts
if: ${{ env.IMAGE_TYPE == 'release'}}
id: fetch_release_refs
run: |
chmod a+rx $BINARY
[[ $BINARY != 'chain-spec-builder' ]] && VERSION=$(./$BINARY --version | awk '{ print $2 }' )
release=$( echo $VERSION | cut -f1 -d- )
if [[ $BINARY != 'chain-spec-builder' ]]; then
VERSION=$(./$BINARY --version | awk '{ print $2 }' )
release=$( echo $VERSION | cut -f1 -d- )
else
release=$(echo ${{ needs.validate-inputs.outputs.VERSION }} | sed 's/^v//')
fi
echo "tag=latest" >> $GITHUB_OUTPUT
echo "release=${release}" >> $GITHUB_OUTPUT
echo "stable=${{ needs.validate-inputs.outputs.stable_tag }}" >> $GITHUB_OUTPUT
- name: Build Injected Container image for polkadot rc or chain-spec-builder
if: ${{ env.BINARY == 'polkadot' || env.BINARY == 'chain-spec-builder' }}
- name: Build Injected Container image for polkadot rc
if: ${{ env.BINARY == 'polkadot' }}
env:
ARTIFACTS_FOLDER: release-artifacts
IMAGE_NAME: ${{ env.BINARY }}
OWNER: ${{ env.DOCKER_OWNER }}
TAGS: ${{ join(steps.fetch_rc_refs.outputs.*, ',') || join(steps.fetch_release_refs.outputs.*, ',') }}
run: |
ls -al
echo "Building container for $BINARY"
./docker/scripts/polkadot/build-injected.sh $ARTIFACTS_FOLDER
- name: Build Injected Container image chain-spec-builder
if: ${{ env.BINARY == 'chain-spec-builder' }}
env:
ARTIFACTS_FOLDER: release-artifacts
IMAGE_NAME: ${{ env.BINARY }}
Expand All @@ -233,8 +259,16 @@ jobs:
echo "Building container for $BINARY"
./docker/scripts/build-injected.sh
- name: Login to Dockerhub
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
- name: Login to Dockerhub to publish polkadot
if: ${{ env.BINARY == 'polkadot' }}
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
username: ${{ secrets.POLKADOT_DOCKERHUB_USERNAME }}
password: ${{ secrets.POLKADOT_DOCKERHUB_TOKEN }}

- name: Login to Dockerhub to puiblish polkadot-parachain/chain-spec-builder
if: ${{ env.BINARY == 'polkadot-parachain' || env.BINARY == 'chain-spec-builder' }}
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
username: ${{ secrets.CUMULUS_DOCKERHUB_USERNAME }}
password: ${{ secrets.CUMULUS_DOCKERHUB_TOKEN }}
Expand Down Expand Up @@ -285,7 +319,7 @@ jobs:
environment: release
steps:
- name: Checkout sources
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
Expand Down
52 changes: 52 additions & 0 deletions docker/dockerfiles/polkadot/polkadot_injected.Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
FROM docker.io/parity/base-bin

# metadata
ARG VCS_REF
ARG BUILD_DATE
ARG IMAGE_NAME
# That can be a single one or a comma separated list
ARG BINARY=polkadot

LABEL io.parity.image.authors="[email protected]" \
io.parity.image.vendor="Parity Technologies" \
io.parity.image.title="parity/polkadot" \
io.parity.image.description="Polkadot: a platform for web3. This is the official Parity image with an injected binary." \
io.parity.image.source="https://github.com/paritytech/polkadot-sdk/blob/${VCS_REF}/docker/dockerfiles/polkadot/polkadot_injected.Dockerfile" \
io.parity.image.revision="${VCS_REF}" \
io.parity.image.created="${BUILD_DATE}" \
io.parity.image.documentation="https://github.com/paritytech/polkadot-sdk/"

# show backtraces
ENV RUST_BACKTRACE 1

USER root
WORKDIR /app

# add polkadot and polkadot-*-worker binaries to the docker image
COPY bin/* /usr/local/bin/
COPY entrypoint.sh .


RUN chmod -R a+rx "/usr/local/bin"; \
mkdir -p /data /polkadot/.local/share && \
chown -R parity:parity /data && \
ln -s /data /polkadot/.local/share/polkadot

USER parity

# check if executable works in this container
RUN /usr/local/bin/polkadot --version
RUN /usr/local/bin/polkadot-prepare-worker --version
RUN /usr/local/bin/polkadot-execute-worker --version


EXPOSE 30333 9933 9944 9615
VOLUME ["/polkadot"]

ENV BINARY=${BINARY}

# ENTRYPOINT
ENTRYPOINT ["/app/entrypoint.sh"]

# We call the help by default
CMD ["--help"]
2 changes: 1 addition & 1 deletion docker/scripts/build-injected.sh
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ VCS_REF=${VCS_REF:-01234567}
echo "Using engine: $ENGINE"
echo "Using Dockerfile: $DOCKERFILE"
echo "Using context: $CONTEXT"
echo "Building ${IMAGE}:latest container image for ${BINARY} v${VERSION} from ${ARTIFACTS_FOLDER} hang on!"
echo "Building ${IMAGE}:latest container image for ${BINARY} ${VERSION} from ${ARTIFACTS_FOLDER} hang on!"
echo "ARTIFACTS_FOLDER=$ARTIFACTS_FOLDER"
echo "CONTEXT=$CONTEXT"

Expand Down
1 change: 1 addition & 0 deletions docker/scripts/polkadot/build-injected.sh
Original file line number Diff line number Diff line change
Expand Up @@ -9,5 +9,6 @@ PROJECT_ROOT=`git rev-parse --show-toplevel`

export BINARY=polkadot,polkadot-execute-worker,polkadot-prepare-worker
export ARTIFACTS_FOLDER=$1
export DOCKERFILE="docker/dockerfiles/polkadot/polkadot_injected.Dockerfile"

$PROJECT_ROOT/docker/scripts/build-injected.sh

0 comments on commit 88c3250

Please sign in to comment.