build: push gitpod and codespaces images/packages during release (dde…

…v#6613) [skip ci]
ddev-test · Oct 16, 2024 · 96aaa50 · 96aaa50
1 parent aeb5ee0
commit 96aaa50
Show file tree

Hide file tree

Showing 34 changed files with 219 additions and 124 deletions.
diff --git a/.ci-scripts/linux_arm64_setup.sh b/.ci-scripts/linux_arm64_setup.sh
@@ -62,4 +62,4 @@ docker info
 docker version
 docker-compose version
 lsb_release -a
-docker buildx create --name ddev-builder-multi --use
+docker buildx use multi-arch-builder || docker buildx create --name multi-arch-builder --use
diff --git a/.circleci/linux_docker_buildx_setup.sh b/.circleci/linux_docker_buildx_setup.sh
@@ -12,5 +12,4 @@ chmod a+x ~/.docker/cli-plugins/docker-buildx
 
 # We need this to get arm64 qemu to work https://github.com/docker/buildx/issues/138#issuecomment-569240559
 docker run --privileged --rm docker/binfmt:a7996909642ee92942dcd6cff44b9b95f08dad64
-if ! docker buildx inspect ddev-builder-multi --bootstrap >/dev/null; then docker buildx create --name ddev-builder-multi; fi
-docker buildx use ddev-builder-multi
+docker buildx use multi-arch-builder || docker buildx create --name multi-arch-builder --use
diff --git a/.github/devcontainers/src/install-ddev/devcontainer-feature.json b/.github/devcontainers/src/install-ddev/devcontainer-feature.json
diff --git a/.github/workflows/container-tests.yml b/.github/workflows/container-tests.yml
@@ -94,7 +94,7 @@ jobs:
             popd
 
           elif [[ "${{ matrix.containers }}" == "others" ]]; then
-            for dir in ddev-nginx-proxy-router ddev-ssh-agent ddev-traefik-router test-ssh-server
+            for dir in ddev-gitpod-base ddev-nginx-proxy-router ddev-ssh-agent ddev-traefik-router test-ssh-server
               do pushd containers/$dir
               echo "--- Test container $dir"
               time make test DOCKER_ARGS=--no-cache

diff --git a/.github/workflows/master-build.yml b/.github/workflows/master-build.yml
@@ -32,11 +32,15 @@ env:
   HOMEBREW_EDGE_REPOSITORY: ${{ vars.HOMEBREW_EDGE_REPOSITORY }}
   HOMEBREW_STABLE_REPOSITORY: ${{ vars.HOMEBREW_STABLE_REPOSITORY }}
   REPOSITORY_OWNER: ${{ github.repository_owner }}
+  DOCKER_ORG: ${{ vars.DOCKER_ORG }}
+
+permissions:
+  packages: write
 
 jobs:
   build-most:
     name: Build DDEV executables except Windows
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
     steps:
 
       - uses: actions/checkout@v4
@@ -194,7 +198,7 @@ jobs:
       AUR_STABLE_GIT_URL: ${{ vars.AUR_STABLE_GIT_URL }}
       DOCKERHUB_USERNAME: ${{ vars.DOCKERHUB_USERNAME }}
     name: Upload artifacts
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
     needs: [build-most, sign-windows, notarize-macos]
     steps:
       - name: Setup tmate session
@@ -273,7 +277,6 @@ jobs:
           args: release --clean
         env:
           CGO_ENABLED: 0
-          DOCKER_ORG: ddev
 
       # Do artifacts for upload to workflow URL
       - name: Generate artifacts
@@ -336,3 +339,82 @@ jobs:
           pushd .gotmp/bin/windows_amd64/chocolatey
           docker run --rm -v $PWD:/tmp/chocolatey -w /tmp/chocolatey linuturk/mono-choco push -s https://push.chocolatey.org/ --api-key "${CHOCOLATEY_API_KEY}"
           popd
+
+  push-devcontainers:
+    name: Push devcontainer feature
+    runs-on: ubuntu-latest
+    needs: artifacts
+    steps:
+      - name: Load 1password secret(s)
+        uses: 1password/load-secrets-action@v2
+        with:
+          export-env: true
+        env:
+          OP_SERVICE_ACCOUNT_TOKEN: "${{ secrets.PUSH_SERVICE_ACCOUNT_TOKEN }}"
+          GITHUB_TOKEN: "op://push-secrets/DDEV_GITHUB_TOKEN/credential"
+
+      - uses: actions/checkout@v4
+        with:
+          # We need to get all branches and tags for git describe to work properly
+          fetch-depth: 0
+
+      - name: Replace version in devcontainer-feature.json
+        run: |
+          sed -i 's/\${DDEV_VERSION}/'"${GITHUB_REF##*/}"'/g' ./containers/devcontainers/install-ddev/devcontainer-feature.json
+
+      - name: Push DDEV devcontainer feature
+        if: startsWith(github.ref, 'refs/tags/v1')
+        uses: devcontainers/action@v1
+        with:
+          publish-features: "true"
+          base-path-to-features: "./containers/devcontainers"
+          devcontainer-cli-version: "0.53.0"
+
+  push-gitpod-base:
+    name: Push ddev-gitpod-base docker image
+    runs-on: ubuntu-latest
+    needs: artifacts
+
+    steps:
+      - name: Load 1password secret(s)
+        uses: 1password/load-secrets-action@v2
+        with:
+          export-env: true
+        env:
+          OP_SERVICE_ACCOUNT_TOKEN: "${{ secrets.PUSH_SERVICE_ACCOUNT_TOKEN }}"
+          DOCKERHUB_TOKEN: "op://push-secrets/DOCKERHUB_TOKEN/credential"
+      - uses: actions/checkout@v4
+        with:
+          # We need to get all branches and tags for git describe to work properly
+          fetch-depth: 0
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ vars.DOCKERHUB_USERNAME }}
+          password: ${{ env.DOCKERHUB_TOKEN }}
+      - name: Setup tmate session
+        uses: mxschmitt/action-tmate@v3
+        with:
+          limit-access-to-actor: true
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+        if: ${{ github.event_name == 'workflow_dispatch' && inputs.debug_enabled }}
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ vars.DOCKERHUB_USERNAME }}
+          password: ${{ env.DOCKERHUB_TOKEN }}
+
+      - name: Push ddev-gitpod-base image
+        if: startsWith(github.ref, 'refs/tags/v1')
+        run: |
+          pushd containers/ddev-gitpod-base >/dev/null
+          # For testing, push to ddevhq docker org
+          set -x
+          make push VERSION="${GITHUB_REF##*/}" DOCKER_ORG=${DOCKER_ORG}
+          popd >/dev/null
+
diff --git a/.github/workflows/push-tagged-dbimage.yml b/.github/workflows/push-tagged-dbimage.yml
@@ -17,7 +17,7 @@ on:
         default: false
 env:
   REGISTRY: docker.io
-  DOCKER_ORG: ddev
+  DOCKER_ORG: ${{ vars.DOCKER_ORG }}
   TAG: "${{ github.event.inputs.tag }}"
   HOMEBREW_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
@@ -62,4 +62,4 @@ jobs:
     - name: Push ${{  matrix.dbtype }}:${{ github.event.inputs.tag }}
       run: |
         cd "containers/ddev-dbserver"
-        make ${{ matrix.dbtype }} PUSH=true VERSION="${TAG}"
+        make ${{ matrix.dbtype }} PUSH=true VERSION="${TAG}" DOCKER_ORG=${DOCKER_ORG}
diff --git a/.github/workflows/push-tagged-image.yml b/.github/workflows/push-tagged-image.yml
@@ -12,14 +12,15 @@ on:
         default: ddev-webserver
         type: choice
         options:
+          - ddev-gitpod-base
           - ddev-php-base
           - ddev-webserver
           - ddev-ssh-agent
           - ddev-traefik-router
           - ddev-nginx-proxy-router
           - test-ssh-server
       tag:
-        description: Tag for pushed image (v1.22.2 for example)
+        description: Tag for pushed image (v1.24.5 for example)
         required: true
         default: ""
       debug_enabled:
@@ -29,7 +30,7 @@ on:
         default: false
 env:
   REGISTRY: docker.io
-  DOCKER_ORG: ddev
+  DOCKER_ORG: ${{ vars.DOCKER_ORG }}
   TAG: "${{ github.event.inputs.tag }}"
   HOMEBREW_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
@@ -39,7 +40,7 @@ permissions:
 jobs:
   push-tagged-image:
     name: "push tagged image"
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
 
     steps:
     - name: Load 1password secret(s)
@@ -81,5 +82,5 @@ jobs:
       if: github.event.inputs.image == 'ddev-dbserver'
       run: |
         cd "containers/${{ github.event.inputs.image }}"
-        make PUSH=true VERSION="${{ github.event.inputs.tag }}"
+        make PUSH=true VERSION="${{ github.event.inputs.tag }}" DOCKER_ORG=${DOCKER_ORG}
 
diff --git a/.gitpod.yml b/.gitpod.yml
@@ -1,4 +1,4 @@
-image: ddev/ddev-gitpod-base:20240923
+image: ddev/ddev-gitpod-base:latest
 tasks:
   - name: build-run
     init: |
@@ -40,25 +40,6 @@ vscode:
     - timonwong.shellcheck
     - rogalmic.bash-debug
 
-github:
-  prebuilds:
-    # enable for the master/default branch (defaults to true)
-    master: true
-    # enable for all branches in this repo (defaults to false)
-    branches: true
-    # enable for pull requests coming from this repo (defaults to true)
-    pullRequests: true
-    # enable for pull requests coming from forks (defaults to false)
-    pullRequestsFromForks: true
-    # add a check to pull requests (defaults to true)
-    addCheck: true
-    # add a "Review in Gitpod" button as a comment to pull requests (defaults to false)
-    addComment: false
-    # add a "Review in Gitpod" button to the pull request's description (defaults to false)
-    addBadge: true
-    # add a label once the prebuild is ready to pull requests (defaults to false)
-    addLabel: true
-
 ports:
   # Ignore host https port
   - port: 8443

diff --git a/.gitpod/images/push.sh b/.gitpod/images/push.sh
diff --git a/.goreleaser.yml b/.goreleaser.yml
@@ -409,7 +409,6 @@ dockerhub:
       from_file:
         path: ./containers/ddev-dbserver/README.md
 
-
   #ddev-gitpod-base
   - images:
       - '{{ .Env.DOCKER_ORG }}/ddev-gitpod-base'
@@ -418,7 +417,7 @@ dockerhub:
     description: Gitpod integration for DDEV
     full_description:
       from_file:
-        path: ./.gitpod/images/README.md
+        path: ./containers/ddev-gitpod-base/README.md
 
   #ddev-nginx-proxy-router
   - images:

diff --git a/containers/containers_shared.mak b/containers/containers_shared.mak
diff --git a/containers/containers_shared.mk b/containers/containers_shared.mk
@@ -0,0 +1,33 @@
+DOCKER_ORG ?= ddev
+export DOCKER_ORG
+
+SHELL = /bin/bash
+
+SANITIZED_DOCKER_REPO = $(subst /,_,$(DOCKER_REPO))
+
+DOTFILE_IMAGE = $(subst /,_,$(IMAGE))-$(VERSION)
+
+.PHONY: container push
+
+container: container-name
+	docker build -t $(DOCKER_REPO):$(VERSION) $(DOCKER_ARGS) --label "build-info=$(DOCKER_REPO):$(VERSION) commit=$(shell git describe --tags --always)" .
+
+container-name:
+	@echo "container: $(DOCKER_REPO):$(VERSION)"
+
+push:
+	docker buildx use multi-arch-builder >/dev/null 2>&1 || docker buildx create --name multi-arch-builder --use
+	docker buildx build --push --platform $(BUILD_ARCHS) \
+	    -t $(DOCKER_REPO):$(VERSION) \
+	    --label "build-info=$(DOCKER_REPO):$(VERSION) commit=$(shell git describe --tags --always) built $$(date) by $$(id -un) on $$(hostname)" \
+	    --label "maintainer=DDEV <[email protected]>" \
+	    $(DOCKER_ARGS) .
+	# If this is a stable version, then push the "latest" tag, which we don't currently
+	# use except with ddev-gitpod-base
+	if [[ "$(VERSION)" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$$ ]] ; then \
+		docker buildx build --push --platform $(BUILD_ARCHS) \
+			-t $(DOCKER_REPO):latest \
+			--label "build-info=$(DOCKER_REPO):$(VERSION) commit=$(shell git describe --tags --always) built $$(date) by $$(id -un) on $$(hostname)" \
+			--label "maintainer=DDEV <[email protected]>" \
+			$(DOCKER_ARGS) . ;\
+	 fi
diff --git a/containers/ddev-dbserver/Makefile b/containers/ddev-dbserver/Makefile
@@ -1,12 +1,15 @@
-DOCKER_REPO ?= ddev/ddev-dbserver
+DOCKER_ORG ?= ddev
+export DOCKER_ORG
+DOCKER_REPO ?= $(DOCKER_ORG)/ddev-dbserver
+export DOCKER_REPO
 
 VERSION := $(shell git describe --tags --always --dirty)
 
 .PHONY: build clean test
 
 CURRENT_ARCH=$(shell ../get_arch.sh)
 
-# This Makefile explicitly does not include containers/containers_shared.mak,
+# This Makefile explicitly does not include containers/containers_shared.mk,
 # So has to explicitly declare anything it might need from there (like SHELL)
 SHELL = /bin/bash
 
@@ -52,6 +55,7 @@ $(BUILD_TARGETS):
 	export DB_MAJOR_VERSION=$(word 2, $(subst _, ,$@)) && \
 	export ARCH=$(word 3, $(subst _, ,$@)) && \
 	export DB_PINNED_VERSION=$(word 4, $(subst _, ,$@)) && \
+	export DOCKER_ORG=${DOCKER_ORG:ddev} && \
 	case $${ARCH} in \
 	  both) \
 	    ARCHS="linux/amd64,linux/arm64"; \
@@ -60,7 +64,7 @@ $(BUILD_TARGETS):
 	    ARCHS="linux/$${ARCH}"; \
 	    ;; \
 	esac; \
-	cmd="./build_image.sh --db-type=$${DB_TYPE} --db-major-version=$${DB_MAJOR_VERSION} --archs=$${ARCHS} --tag=$(VERSION) --docker-args=$(DOCKER_ARGS)" && \
+	cmd="./build_image.sh --db-type=$${DB_TYPE} --db-major-version=$${DB_MAJOR_VERSION} --archs=$${ARCHS} --tag=$(VERSION) --docker-org=$(DOCKER_ORG) --docker-args=$(DOCKER_ARGS)" && \
 	if [ ! -z $${PUSH} ]; then cmd="$$cmd --push"; fi && \
 	if [ ! -z $${DB_PINNED_VERSION} ]; then cmd="$$cmd --db-pinned-version=$${DB_PINNED_VERSION}"; fi && \
 	echo $${cmd} && \

diff --git a/containers/ddev-dbserver/build_image.sh b/containers/ddev-dbserver/build_image.sh
@@ -25,7 +25,7 @@ if [[ ${PIPESTATUS[0]} -ne 4 ]]; then
 fi
 
 OPTS=-h,-v:,-d:
-LONGOPTS=archs:,db-type:,db-major-version:,db-pinned-version:,docker-args:,tag:,push,help
+LONGOPTS=archs:,db-type:,db-major-version:,db-pinned-version:,docker-args:,docker-org:,tag:,push,help
 
 ! PARSED=$(getopt --options=$OPTS --longoptions=$LONGOPTS --name "$0" -- "$@")
 if [[ ${PIPESTATUS[0]} -ne 0 ]]; then
@@ -81,6 +81,10 @@ while true; do
     IMAGE_TAG=$2
     shift 2
     ;;
+  --docker-org)
+    DOCKER_ORG=$2
+    shift 2
+    ;;
   -h | --help)
     echo "Usage: $0 --db-type [mariadb|mysql] --db-major-version <major> --tag <image_tag> --archs <comma-delimited_architectures> --push --no-load"
     printf "Examples: $0 ./build_image.sh --db-type mysql --db-major-version 8.0 --tag junker99 --archs linux/amd64 --push
@@ -112,13 +116,13 @@ printf "\n\n========== Building ddev/ddev-dbserver-${DB_TYPE}-${DB_MAJOR_VERSION
 if [ ! -z ${PUSH:-} ]; then
   echo "building/pushing ddev/ddev-dbserver-${DB_TYPE}-${DB_MAJOR_VERSION}:${IMAGE_TAG}"
   set -x
-  docker buildx build --push --platform ${ARCHS} ${DOCKER_ARGS} --build-arg="BASE_IMAGE=${BASE_IMAGE}" --build-arg="DB_PINNED_VERSION=${DB_PINNED_VERSION}" --build-arg="DB_VERSION=${DB_MAJOR_VERSION}" -t "ddev/ddev-dbserver-${DB_TYPE}-${DB_MAJOR_VERSION}:${IMAGE_TAG}" .
+  docker buildx build --push --platform ${ARCHS} ${DOCKER_ARGS} --build-arg="BASE_IMAGE=${BASE_IMAGE}" --build-arg="DB_PINNED_VERSION=${DB_PINNED_VERSION}" --build-arg="DB_VERSION=${DB_MAJOR_VERSION}" -t "${DOCKER_ORG}/ddev-dbserver-${DB_TYPE}-${DB_MAJOR_VERSION}:${IMAGE_TAG}" .
   set +x
 fi
 
 # By default, load/import into local docker
 set -x
 if [ -z "${PUSH:-}" ]; then
     echo "Loading to local docker ddev/ddev-dbserver-${DB_TYPE}-${DB_MAJOR_VERSION}:${IMAGE_TAG}"
-    docker buildx build --load ${DOCKER_ARGS} --build-arg="DB_TYPE=${DB_TYPE}" --build-arg="DB_VERSION=${DB_MAJOR_VERSION}" --build-arg="BASE_IMAGE=${BASE_IMAGE}" --build-arg="DB_PINNED_VERSION=${DB_PINNED_VERSION}" -t "ddev/ddev-dbserver-${DB_TYPE}-${DB_MAJOR_VERSION}:${IMAGE_TAG}" .
+    docker buildx build --load ${DOCKER_ARGS} --build-arg="DB_TYPE=${DB_TYPE}" --build-arg="DB_VERSION=${DB_MAJOR_VERSION}" --build-arg="BASE_IMAGE=${BASE_IMAGE}" --build-arg="DB_PINNED_VERSION=${DB_PINNED_VERSION}" -t "${DOCKER_ORG}/ddev-dbserver-${DB_TYPE}-${DB_MAJOR_VERSION}:${IMAGE_TAG}" .
 fi