Skip to content

Manual - Build, Test, and Push #52

Manual - Build, Test, and Push

Manual - Build, Test, and Push #52

Workflow file for this run

on:
workflow_dispatch:
inputs:
branch:
description: "Branch to build off."
default: "main"
type: choice
options:
- main
- dev
- dev-rspm
product:
description: "The product/path to build."
required: true
type: choice
options:
- connect
- connect-content-init
- content/base
- content/pro
- package-manager
- product/base
- product/pro
- r-session-complete
- workbench
- workbench-for-microsoft-azure-ml
os:
description: "Which OS to build. WARNING: Not all OSes may be present for all products."
required: false
default: "ubuntu2204"
type: choice
options:
- ubuntu2204
- ubuntu1804
- centos7
type:
description: "The type of image being built."
required: false
default: "preview"
type: choice
options:
- preview
- daily
- release
use_s3_download_url:
description: "Force build to download binaries directly from S3 where applicable."
required: false
default: false
type: boolean
version:
description: "The version to build. Use 'auto' to target the latest build."
required: false
default: "auto"
type: string
push:
description: "Flag to push the image after build."
required: false
default: false
type: boolean
name: Manual - Build, Test, Scan, and Push
jobs:
build:
runs-on: ubuntu-latest
name: manual-build
permissions:
contents: read
packages: write
steps:
- name: Check Out Repo
uses: actions/checkout@v3
with:
ref: ${{ inputs.branch }}
- name: Set up Just
uses: extractions/setup-just@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Get Version
id: get-version
run: |
if [[ "${{ inputs.version }}" == "auto" ]]; then
VERSION=`just -f ci.Justfile get-version ${{ inputs.product }} --type=${{ inputs.type }} --local`
else
VERSION="${{ inputs.version }}"
fi
echo "VERSION=$VERSION" >> $GITHUB_OUTPUT
- name: Get build args
id: get-build-args
run: |
EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
ARGS_CMD=""
USE_S3_DOWNLOAD_URL=""
VERSION_OVERRIDES=""
if [[ "${{inputs.os}}" == "centos7" ]]; then
# FIXME(ianpittwood): This is probably a silly way of doing this. We don't have CentOS builds for later
# Python versions so we need to override them. This is done via matrix in the release CI
# but we don't have that here. We're also limited by the 10 input cap so these can't be
# passed by the user alongside R versions as I would've liked to do.
VERSION_OVERRIDES="PYTHON_VERSION=3.9.14 PYTHON_VERSION_ALT=3.8.15"
fi
if [[ "${{ inputs.type }}" == "release" ]]; then
ARGS_CMD="get-product-args"
if [[ "${{ inputs.use_s3_download_url }}" == "true" ]]; then
USE_S3_DOWNLOAD_URL="${{ inputs.use_s3_download_url }}"
fi
else
ARGS_CMD="get-prerelease-args ${{inputs.type}}"
fi
BUILD_ARGS=$( \
just -f ci.Justfile \
${VERSION_OVERRIDES} \
${ARGS_CMD} \
${{ inputs.product }} \
${{ inputs.os }} \
${{ steps.get-version.outputs.VERSION }} \
${USE_S3_DOWNLOAD_URL} \
)
echo "BUILD_ARGS<<$EOF" >> $GITHUB_OUTPUT
echo "$BUILD_ARGS" >> $GITHUB_OUTPUT
echo "$EOF" >> $GITHUB_OUTPUT
- name: Get tags
id: get-tags
run: |
ARGS_CMD=""
if [[ "${{ inputs.type }}" == "release" ]]; then
ARGS_CMD="get-product-tags"
else
ARGS_CMD="get-prerelease-tags ${{inputs.type}}"
fi
IMAGE_TAGS=$( \
just -f ci.Justfile \
${ARGS_CMD} \
${{ inputs.product }} \
${{ inputs.os }} \
${{ steps.get-version.outputs.VERSION }} \
)
echo "IMAGE_TAGS=$IMAGE_TAGS" >> $GITHUB_OUTPUT
- name: Build/Test/Scan/Push manual build image
uses: ./.github/actions/build-test-scan-push
with:
context: ./${{ inputs.product }}
os: ${{ inputs.os }}
product: ${{ inputs.product }}
image-tags: ${{ steps.get-tags.outputs.IMAGE_TAGS }}
build-args: ${{ steps.get-build-args.outputs.BUILD_ARGS }}
push-image: ${{ inputs.push }}
snyk-token: ${{ secrets.SNYK_TOKEN }}
snyk-org-id: ${{ secrets.SNYK_ORG_ID }}
ghcr-token: ${{ secrets.GITHUB_TOKEN }}
dockerhub-username: ${{ secrets.DOCKER_HUB_USERNAME }}
dockerhub-token: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
gcp-json: '${{ secrets.GCP_ARTIFACT_REGISTRY_JSON }}'