diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 1a85d1535f752..8882dc112fa18 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -343,7 +343,7 @@ jobs: AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - name: Set up QEMU - uses: docker/setup-qemu-action@v1 + uses: docker/setup-qemu-action@v3 with: image: '${{ env.DOCKER_BASE_IMAGE_REGISTRY }}/eks-distro-build-tooling/binfmt-misc:qemu-v6.1.0' - name: Set up Docker Buildx @@ -552,7 +552,7 @@ jobs: AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - name: Set up QEMU - uses: docker/setup-qemu-action@v1 + uses: docker/setup-qemu-action@v3 with: image: '${{ env.DOCKER_BASE_IMAGE_REGISTRY }}/eks-distro-build-tooling/binfmt-misc:qemu-v6.1.0' - name: Set up Docker Buildx @@ -561,6 +561,25 @@ jobs: driver-opts: | image=${{vars.AWS_ECR_REPO_BASE}}/moby/buildkit:buildx-stable-1 + - name: Prepare Docker build arguments + id: dockerargs + if: steps.gather.outcome == 'success' + env: + NODE_IMAGE_TAG: ${{ needs.prepare.outputs.NODE_IMAGE_TAG }} + SHA: ${{ github.sha }} + DOCKER_BASE_IMAGE_REGISTRY: ${{ env.DOCKER_BASE_IMAGE_REGISTRY }} + run: | + set -x + build_args=( + --build-arg="DOCKER_IMAGE_REGISTRY=${DOCKER_BASE_IMAGE_REGISTRY}" + --build-arg="NODE_IMAGE_TAG=${NODE_IMAGE_TAG}" + --build-arg="GIT_BRANCH=${GIT_BRANCH}" + --build-arg="GIT_SHA=${SHA}" + --build-arg="GIT_REPOSITORY_URL=${{ github.server_url }}/${{ github.repository }}" + ) + export EXTRA_DOCKER_BUILD_ARGS="${build_args[*]}" + echo "EXTRA_DOCKER_BUILD_ARGS=${EXTRA_DOCKER_BUILD_ARGS}" >> "${GITHUB_ENV}" + - name: Building Docker images continue-on-error: true id: dockerbuild @@ -570,9 +589,11 @@ jobs: SHA: ${{ github.sha }} DOCKER_BASE_IMAGE_REGISTRY: ${{ env.DOCKER_BASE_IMAGE_REGISTRY }} run: | - echo "Node image tag is: '$NODE_IMAGE_TAG'" - export EXTRA_DOCKER_BUILD_ARGS="--build-arg DOCKER_IMAGE_REGISTRY=$DOCKER_BASE_IMAGE_REGISTRY --build-arg GIT_SHA=$SHA --build-arg NODE_IMAGE_TAG=$NODE_IMAGE_TAG" - ./scripts/ci/run-in-parallel.sh "90_$DOCKER_TYPE" + set -x + echo "Node image tag is: '${NODE_IMAGE_TAG}'" + echo "Docker build args are: 'EXTRA_DOCKER_BUILD_ARGS'" + export EXTRA_DOCKER_BUILD_ARGS + ./scripts/ci/run-in-parallel.sh "90_${DOCKER_TYPE}" - name: Building Docker images Retry if: steps.gather.outcome == 'success' && steps.dockerbuild.outcome == 'failure' @@ -581,9 +602,11 @@ jobs: SHA: ${{ github.sha }} DOCKER_BASE_IMAGE_REGISTRY: ${{ env.DOCKER_BASE_IMAGE_REGISTRY }} run: | - echo "Node image tag is: '$NODE_IMAGE_TAG'" - export EXTRA_DOCKER_BUILD_ARGS="--build-arg DOCKER_IMAGE_REGISTRY=$DOCKER_BASE_IMAGE_REGISTRY --build-arg GIT_SHA=$SHA --build-arg NODE_IMAGE_TAG=$NODE_IMAGE_TAG" - ./scripts/ci/run-in-parallel.sh "90_$DOCKER_TYPE" + set -x + echo "Node image tag is: '${NODE_IMAGE_TAG}'" + echo "Docker build args are: 'EXTRA_DOCKER_BUILD_ARGS'" + export EXTRA_DOCKER_BUILD_ARGS + ./scripts/ci/run-in-parallel.sh "90_${DOCKER_TYPE}" helm-docker-build: needs: diff --git a/scripts/ci/Dockerfile b/scripts/ci/Dockerfile index 07fd92a85a9d4..8e8d26897fb89 100644 --- a/scripts/ci/Dockerfile +++ b/scripts/ci/Dockerfile @@ -2,6 +2,7 @@ ARG PLAYWRIGHT_VERSION ARG DOCKER_IMAGE_REGISTRY=public.ecr.aws ARG NODE_IMAGE_TAG + FROM ${DOCKER_IMAGE_REGISTRY}/docker/library/node:${NODE_IMAGE_TAG} AS deps # hadolint ignore=DL3018 @@ -35,14 +36,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" RUN yarn run build ${APP} --prod +# This is base image for containers that are to be deployed FROM ${DOCKER_IMAGE_REGISTRY}/docker/library/node:${NODE_IMAGE_TAG} AS output-base -# this is base image for containers that are to be deployed -ARG GIT_BRANCH -ARG GIT_SHA -LABEL branch=${GIT_BRANCH} -LABEL commit=${GIT_SHA} -ENV GIT_BRANCH=${GIT_BRANCH} -ENV GIT_SHA=${GIT_SHA} ARG APP ARG APP_HOME ARG APP_DIST_HOME @@ -65,40 +60,36 @@ RUN npm install -g \ USER runner FROM output-base-with-pg AS output-express -ARG GIT_SHA -ENV DD_GIT_COMMIT_SHA="${GIT_SHA}" -ENV DD_GIT_REPOSITORY_URL="github.com/island-is/island.is" COPY --from=builder /build/${APP_DIST_HOME} /webapp/ +ARG GIT_BRANCH GIT_SHA GIT_REPOSITORY_URL +ENV GIT_BRANCH=${GIT_BRANCH} GIT_SHA=${GIT_SHA} GIT_REPOSITORY_URL=${GIT_REPOSITORY_URL} +ENV DD_GIT_BRANCH=${GIT_BRANCH} DD_GIT_SHA=${GIT_SHA} DD_GIT_REPOSITORY_URL=${GIT_REPOSITORY_URL} +LABEL branch=${GIT_BRANCH} +LABEL commit=${GIT_SHA} ENTRYPOINT [] CMD [ "node", "--no-experimental-fetch", "main.js" ] FROM output-base-with-pg AS output-next -ARG GIT_SHA -ENV DD_GIT_COMMIT_SHA="${GIT_SHA}" -ENV DD_GIT_REPOSITORY_URL="github.com/island-is/island.is" ENV PORT=4200 # TODO: smallify COPY --from=deps /build/node_modules /webapp/node_modules COPY --from=builder /build/${APP_DIST_HOME} /webapp/ +ARG GIT_BRANCH GIT_SHA GIT_REPOSITORY_URL +ENV GIT_BRANCH=${GIT_BRANCH} GIT_SHA=${GIT_SHA} GIT_REPOSITORY_URL=${GIT_REPOSITORY_URL} +ENV DD_GIT_BRANCH=${GIT_BRANCH} DD_GIT_SHA=${GIT_SHA} DD_GIT_REPOSITORY_URL=${GIT_REPOSITORY_URL} +LABEL branch=${GIT_BRANCH} +LABEL commit=${GIT_SHA} ENTRYPOINT [ "node", "main.js" ] -FROM $DOCKER_IMAGE_REGISTRY/nginx/nginx:1.21-alpine AS output-static +FROM ${DOCKER_IMAGE_REGISTRY}/nginx/nginx:1.21-alpine AS output-static ARG APP ARG APP_DIST_HOME -ARG GIT_BRANCH -ARG GIT_SHA -LABEL branch=${GIT_BRANCH} -LABEL commit=${GIT_SHA} -ENV GIT_BRANCH=${GIT_BRANCH} -ENV GIT_SHA=${GIT_SHA} ENV APP=${APP} ENV BASEPATH=/ -ENV DD_GIT_COMMIT_SHA="${GIT_SHA}" -ENV DD_GIT_REPOSITORY_URL="github.com/island-is/island.is" RUN mkdir -p /etc/nginx/templates # hadolint ignore=DL3018 @@ -111,6 +102,12 @@ COPY scripts/dockerfile-assets/bash/extract-environment.sh /docker-entrypoint.d COPY scripts/dockerfile-assets/bash/extract-environment.js /docker-entrypoint.d COPY --from=builder /build/${APP_DIST_HOME} /usr/share/nginx/html +ARG GIT_BRANCH GIT_SHA GIT_REPOSITORY_URL +ENV GIT_BRANCH=${GIT_BRANCH} GIT_SHA=${GIT_SHA} GIT_REPOSITORY_URL=${GIT_REPOSITORY_URL} +ENV DD_GIT_BRANCH=${GIT_BRANCH} DD_GIT_SHA=${GIT_SHA} DD_GIT_REPOSITORY_URL=${GIT_REPOSITORY_URL} +LABEL branch=${GIT_BRANCH} +LABEL commit=${GIT_SHA} + FROM output-base AS output-jest RUN echo 'module.exports = {};' > jest.config.js @@ -122,24 +119,19 @@ COPY --from=builder /build/${APP_DIST_HOME} /webapp/ USER runner +ARG GIT_BRANCH GIT_SHA GIT_REPOSITORY_URL +ENV GIT_BRANCH=${GIT_BRANCH} GIT_SHA=${GIT_SHA} GIT_REPOSITORY_URL=${GIT_REPOSITORY_URL} +ENV DD_GIT_BRANCH=${GIT_BRANCH} DD_GIT_SHA=${GIT_SHA} DD_GIT_REPOSITORY_URL=${GIT_REPOSITORY_URL} +LABEL branch=${GIT_BRANCH} +LABEL commit=${GIT_SHA} CMD [ "jest", "main.spec.js" ] FROM mcr.microsoft.com/playwright:v${PLAYWRIGHT_VERSION}-focal AS playwright-base - - - - - FROM playwright-base AS output-playwright -ARG GIT_BRANCH -ARG GIT_SHA -LABEL branch=${GIT_BRANCH} -LABEL commit=${GIT_SHA} -ENV GIT_BRANCH=${GIT_BRANCH} -ENV GIT_SHA=${GIT_SHA} + # TODO: remove awscli dependency (157 MB extra) # hadolint ignore=DL3008 @@ -165,6 +157,11 @@ RUN yarn playwright install ${PLAYWRIGHT_BROWSER} COPY --chown=pwuser:pwuser --chmod=0755 ${APP_HOME}/entrypoint.sh . +ARG GIT_BRANCH GIT_SHA GIT_REPOSITORY_URL +ENV GIT_BRANCH=${GIT_BRANCH} GIT_SHA=${GIT_SHA} GIT_REPOSITORY_URL=${GIT_REPOSITORY_URL} +ENV DD_GIT_BRANCH=${GIT_BRANCH} DD_GIT_SHA=${GIT_SHA} DD_GIT_REPOSITORY_URL=${GIT_REPOSITORY_URL} +LABEL branch=${GIT_BRANCH} +LABEL commit=${GIT_SHA} ENTRYPOINT ["./entrypoint.sh"] @@ -183,6 +180,11 @@ COPY --chown=pwuser:pwuser --chmod=0755 ${APP_HOME}/entrypoint.sh . USER pwuser +ARG GIT_BRANCH GIT_SHA GIT_REPOSITORY_URL +ENV GIT_BRANCH=${GIT_BRANCH} GIT_SHA=${GIT_SHA} GIT_REPOSITORY_URL=${GIT_REPOSITORY_URL} +ENV DD_GIT_BRANCH=${GIT_BRANCH} DD_GIT_SHA=${GIT_SHA} DD_GIT_REPOSITORY_URL=${GIT_REPOSITORY_URL} +LABEL branch=${GIT_BRANCH} +LABEL commit=${GIT_SHA} ENTRYPOINT ["./entrypoint.sh"] FROM output-base AS output-native