From 3266d6d03b4bbddbb7f51bb4c685f4613ce56113 Mon Sep 17 00:00:00 2001 From: Gustavo Valverde Date: Fri, 9 Sep 2022 16:51:48 -0400 Subject: [PATCH 01/13] feat(release): create Docker hub binaries when tagging --- .github/workflows/build-docker-image.yml | 7 +++++++ .github/workflows/continous-delivery.yml | 2 ++ 2 files changed, 9 insertions(+) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index eeedb08c06d..9c2759ac2b1 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -107,6 +107,13 @@ jobs: password: ${{ steps.auth.outputs.access_token }} logout: false + - name: Login to DockerHub + if: github.event_name == 'tag' + uses: docker/login-action@v2.0.0 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + # Build and push image to Google Artifact Registry - name: Build & push id: docker_build diff --git a/.github/workflows/continous-delivery.yml b/.github/workflows/continous-delivery.yml index cb9498831c4..e7e13f738a2 100644 --- a/.github/workflows/continous-delivery.yml +++ b/.github/workflows/continous-delivery.yml @@ -21,6 +21,8 @@ on: push: branches: - main + tags: + - 'v*' release: types: - published From a4d0058317a345f45e0bb23c7bd123520af64d02 Mon Sep 17 00:00:00 2001 From: Gustavo Valverde Date: Mon, 12 Sep 2022 16:56:17 -0400 Subject: [PATCH 02/13] fix(release): add a release workflow for binaries --- .github/workflows/build-docker-image.yml | 2 +- .github/workflows/continous-delivery.yml | 2 -- .github/workflows/release-binaries.yml | 29 ++++++++++++++++++++++++ 3 files changed, 30 insertions(+), 3 deletions(-) create mode 100644 .github/workflows/release-binaries.yml diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index 9c2759ac2b1..43bb5e1592a 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -108,7 +108,7 @@ jobs: logout: false - name: Login to DockerHub - if: github.event_name == 'tag' + if: ${{ github.event_name == 'tag' }} uses: docker/login-action@v2.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} diff --git a/.github/workflows/continous-delivery.yml b/.github/workflows/continous-delivery.yml index e7e13f738a2..cb9498831c4 100644 --- a/.github/workflows/continous-delivery.yml +++ b/.github/workflows/continous-delivery.yml @@ -21,8 +21,6 @@ on: push: branches: - main - tags: - - 'v*' release: types: - published diff --git a/.github/workflows/release-binaries.yml b/.github/workflows/release-binaries.yml new file mode 100644 index 00000000000..77347969474 --- /dev/null +++ b/.github/workflows/release-binaries.yml @@ -0,0 +1,29 @@ +# This workflow is meant to trigger a build of Docker binaries when a tag +# is created, it uses the existing `build-docker-image.yml` workflow +# +# We use a separate action as we might want to trigger this with different under +# different circumstances than a Continous Deployment, for example. +name: Release binaries + +on: + push: + tags: + - 'v*' + +jobs: + # Each time this workflow is executed, a build will be triggered to create a new image + # with the corresponding tags using information from git + # + # The image will be commonly named `zebrad:` + build: + uses: ./.github/workflows/build-docker-image.yml + with: + dockerfile_path: ./docker/Dockerfile + dockerfile_target: runtime + image_name: zebrad + network: Mainnet + # TODO: validate this are the values we want on a public image + checkpoint_sync: true + rust_backtrace: '1' + zebra_skip_ipv6_tests: '1' + rust_log: info From 3c691371f6b69c0cc29158e1824d77d702bd95a6 Mon Sep 17 00:00:00 2001 From: Gustavo Valverde Date: Mon, 12 Sep 2022 17:50:47 -0400 Subject: [PATCH 03/13] fix(release): trigger on tag creation, not pushing to it --- .github/workflows/release-binaries.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release-binaries.yml b/.github/workflows/release-binaries.yml index 77347969474..daf719c3611 100644 --- a/.github/workflows/release-binaries.yml +++ b/.github/workflows/release-binaries.yml @@ -6,9 +6,7 @@ name: Release binaries on: - push: - tags: - - 'v*' + create: jobs: # Each time this workflow is executed, a build will be triggered to create a new image @@ -16,6 +14,7 @@ jobs: # # The image will be commonly named `zebrad:` build: + if: ${{ startsWith(github.ref, 'refs/tags/v') }} uses: ./.github/workflows/build-docker-image.yml with: dockerfile_path: ./docker/Dockerfile From 20e9ded51a508e7d23a9e045977c709cba7cf1f3 Mon Sep 17 00:00:00 2001 From: Gustavo Valverde Date: Mon, 12 Sep 2022 18:18:26 -0400 Subject: [PATCH 04/13] fix(release): use the same conditions for logging into DockerHub --- .github/workflows/build-docker-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index 43bb5e1592a..f40015b3ae4 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -108,7 +108,7 @@ jobs: logout: false - name: Login to DockerHub - if: ${{ github.event_name == 'tag' }} + if: ${{ startsWith(github.ref, 'refs/tags/v') }} uses: docker/login-action@v2.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} From 7c1d3a786535b0120d42f7f818fc20810d5c8b80 Mon Sep 17 00:00:00 2001 From: Gustavo Valverde Date: Mon, 12 Sep 2022 18:45:08 -0400 Subject: [PATCH 05/13] fix(release): add missing parameter to access GH secrets --- .github/workflows/release-binaries.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/release-binaries.yml b/.github/workflows/release-binaries.yml index daf719c3611..67c2001d920 100644 --- a/.github/workflows/release-binaries.yml +++ b/.github/workflows/release-binaries.yml @@ -26,3 +26,5 @@ jobs: rust_backtrace: '1' zebra_skip_ipv6_tests: '1' rust_log: info + # This step needs access to Docker Hub secrets to run succesfully + secrets: inherit \ No newline at end of file From 85a2df5635dd0589e74d246322542483061885cc Mon Sep 17 00:00:00 2001 From: Gustavo Valverde Date: Tue, 13 Sep 2022 15:20:35 -0400 Subject: [PATCH 06/13] Apply suggestions from code review Co-authored-by: teor --- .github/workflows/release-binaries.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release-binaries.yml b/.github/workflows/release-binaries.yml index 67c2001d920..014b4f1272d 100644 --- a/.github/workflows/release-binaries.yml +++ b/.github/workflows/release-binaries.yml @@ -1,8 +1,8 @@ # This workflow is meant to trigger a build of Docker binaries when a tag # is created, it uses the existing `build-docker-image.yml` workflow # -# We use a separate action as we might want to trigger this with different under -# different circumstances than a Continous Deployment, for example. +# We use a separate action as we might want to trigger this under +# different circumstances than a Continuous Deployment, for example. name: Release binaries on: @@ -26,5 +26,5 @@ jobs: rust_backtrace: '1' zebra_skip_ipv6_tests: '1' rust_log: info - # This step needs access to Docker Hub secrets to run succesfully + # This step needs access to Docker Hub secrets to run successfully secrets: inherit \ No newline at end of file From 53191eaea9016ac8b0cd7633d77ed610fa9be62c Mon Sep 17 00:00:00 2001 From: Gustavo Valverde Date: Tue, 13 Sep 2022 15:54:36 -0400 Subject: [PATCH 07/13] ci(release): just publish to DockerHub when a release is published --- .github/workflows/build-docker-image.yml | 4 ++-- .github/workflows/release-binaries.yml | 11 ++++++++--- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index f40015b3ae4..61ff19e0eaf 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -105,10 +105,10 @@ jobs: registry: us-docker.pkg.dev username: oauth2accesstoken password: ${{ steps.auth.outputs.access_token }} - logout: false - name: Login to DockerHub - if: ${{ startsWith(github.ref, 'refs/tags/v') }} + # We only publish images to DockerHub if a release is not a pre-release + if: github.event.release.action == 'released' uses: docker/login-action@v2.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} diff --git a/.github/workflows/release-binaries.yml b/.github/workflows/release-binaries.yml index 014b4f1272d..84e63e84c15 100644 --- a/.github/workflows/release-binaries.yml +++ b/.github/workflows/release-binaries.yml @@ -3,16 +3,22 @@ # # We use a separate action as we might want to trigger this under # different circumstances than a Continuous Deployment, for example. +# +# This workflow is triggered if: +# - A release is published +# - A pre-release is changed to a release name: Release binaries on: - create: + release: + types: + - released jobs: # Each time this workflow is executed, a build will be triggered to create a new image # with the corresponding tags using information from git # - # The image will be commonly named `zebrad:` + # The image will be named `zebrad:` build: if: ${{ startsWith(github.ref, 'refs/tags/v') }} uses: ./.github/workflows/build-docker-image.yml @@ -21,7 +27,6 @@ jobs: dockerfile_target: runtime image_name: zebrad network: Mainnet - # TODO: validate this are the values we want on a public image checkpoint_sync: true rust_backtrace: '1' zebra_skip_ipv6_tests: '1' From 7996141e4772f963fe001ce308597e9db96f1514 Mon Sep 17 00:00:00 2001 From: Gustavo Valverde Date: Wed, 14 Sep 2022 09:27:44 -0400 Subject: [PATCH 08/13] Apply suggestions from code review Co-authored-by: teor --- .github/workflows/build-docker-image.yml | 2 +- .github/workflows/release-binaries.yml | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index 61ff19e0eaf..2a7589ad57d 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -114,7 +114,7 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - # Build and push image to Google Artifact Registry + # Build and push image to Google Artifact Registry, and possibly DockerHub - name: Build & push id: docker_build uses: docker/build-push-action@v3.1.1 diff --git a/.github/workflows/release-binaries.yml b/.github/workflows/release-binaries.yml index 84e63e84c15..f09ea3cde81 100644 --- a/.github/workflows/release-binaries.yml +++ b/.github/workflows/release-binaries.yml @@ -1,5 +1,5 @@ -# This workflow is meant to trigger a build of Docker binaries when a tag -# is created, it uses the existing `build-docker-image.yml` workflow +# This workflow is meant to trigger a build of Docker binaries when a release +# is published, it uses the existing `build-docker-image.yml` workflow # # We use a separate action as we might want to trigger this under # different circumstances than a Continuous Deployment, for example. @@ -20,7 +20,6 @@ jobs: # # The image will be named `zebrad:` build: - if: ${{ startsWith(github.ref, 'refs/tags/v') }} uses: ./.github/workflows/build-docker-image.yml with: dockerfile_path: ./docker/Dockerfile From cb753f68369b3a7c8b9c9199fe5d54c2fe8446a7 Mon Sep 17 00:00:00 2001 From: Gustavo Valverde Date: Wed, 14 Sep 2022 09:48:38 -0400 Subject: [PATCH 09/13] ci(release): filter prerelease event correctly --- .github/workflows/build-docker-image.yml | 3 ++- .github/workflows/release-binaries.yml | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index 2a7589ad57d..2f4b06ab516 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -108,7 +108,8 @@ jobs: - name: Login to DockerHub # We only publish images to DockerHub if a release is not a pre-release - if: github.event.release.action == 'released' + # Ref: https://github.com/orgs/community/discussions/26281#discussioncomment-3251177 + if: "!github.event.release.prerelease" uses: docker/login-action@v2.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} diff --git a/.github/workflows/release-binaries.yml b/.github/workflows/release-binaries.yml index f09ea3cde81..4c74e9b1963 100644 --- a/.github/workflows/release-binaries.yml +++ b/.github/workflows/release-binaries.yml @@ -31,4 +31,4 @@ jobs: zebra_skip_ipv6_tests: '1' rust_log: info # This step needs access to Docker Hub secrets to run successfully - secrets: inherit \ No newline at end of file + secrets: inherit From b4d62ce87aeba21391ed4b31f72694d284f6ae88 Mon Sep 17 00:00:00 2001 From: Gustavo Valverde Date: Wed, 14 Sep 2022 10:17:48 -0400 Subject: [PATCH 10/13] ci(release): fix tags --- .github/workflows/build-docker-image.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index 2f4b06ab516..715bbd7fb5a 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -71,15 +71,16 @@ jobs: # list of Docker images to use as base name for tags images: | us-docker.pkg.dev/zealous-zebra/zebra/${{ inputs.image_name }} + zfnd/${{ inputs.image_name }},enable=${{ !github.event.release.prerelease }} # generate Docker tags based on the following events/attributes tags: | type=schedule - type=sha - type=ref,event=branch - type=ref,event=pr type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} - type=semver,pattern={{major}} + type=semver,pattern=v{{major}} + type=ref,event=branch + type=ref,event=pr + type=sha # Setup Docker Buildx to allow use of docker cache layers from GH - name: Set up Docker Buildx @@ -109,7 +110,7 @@ jobs: - name: Login to DockerHub # We only publish images to DockerHub if a release is not a pre-release # Ref: https://github.com/orgs/community/discussions/26281#discussioncomment-3251177 - if: "!github.event.release.prerelease" + if: ${{ !github.event.release.prerelease }} uses: docker/login-action@v2.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} From 12a162b3d9334352586d522510c0564f64466c20 Mon Sep 17 00:00:00 2001 From: Gustavo Valverde Date: Wed, 14 Sep 2022 10:36:29 -0400 Subject: [PATCH 11/13] ci(release): use `zebra` and not `zebrad` as the repository --- .github/workflows/build-docker-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index 715bbd7fb5a..5b61fb08ec9 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -71,7 +71,7 @@ jobs: # list of Docker images to use as base name for tags images: | us-docker.pkg.dev/zealous-zebra/zebra/${{ inputs.image_name }} - zfnd/${{ inputs.image_name }},enable=${{ !github.event.release.prerelease }} + zfnd/zebra,enable=${{ !github.event.release.prerelease }} # generate Docker tags based on the following events/attributes tags: | type=schedule From 6bf54e9d6f233d2760ce20c59b7d0e023efd4d2f Mon Sep 17 00:00:00 2001 From: Gustavo Valverde Date: Wed, 14 Sep 2022 10:59:58 -0400 Subject: [PATCH 12/13] ci(release): do not try to login to Docker if not a release --- .github/workflows/build-docker-image.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index 5b61fb08ec9..95fccfa180f 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -71,7 +71,7 @@ jobs: # list of Docker images to use as base name for tags images: | us-docker.pkg.dev/zealous-zebra/zebra/${{ inputs.image_name }} - zfnd/zebra,enable=${{ !github.event.release.prerelease }} + zfnd/zebra,enable=${{ github.event_name == 'release' && !github.event.release.prerelease }} # generate Docker tags based on the following events/attributes tags: | type=schedule @@ -110,7 +110,7 @@ jobs: - name: Login to DockerHub # We only publish images to DockerHub if a release is not a pre-release # Ref: https://github.com/orgs/community/discussions/26281#discussioncomment-3251177 - if: ${{ !github.event.release.prerelease }} + if: ${{ github.event_name == 'release' && !github.event.release.prerelease }} uses: docker/login-action@v2.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} From df10a9656c408f35e04d356bb1bc289f6fb218a1 Mon Sep 17 00:00:00 2001 From: Gustavo Valverde Date: Thu, 15 Sep 2022 08:25:02 -0400 Subject: [PATCH 13/13] Update .github/workflows/build-docker-image.yml Co-authored-by: teor --- .github/workflows/build-docker-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index 95fccfa180f..98a394ab28e 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -77,7 +77,7 @@ jobs: type=schedule type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} - type=semver,pattern=v{{major}} + type=semver,pattern={{major}} type=ref,event=branch type=ref,event=pr type=sha