From 0ed0fb3382290b0a04d7a7ffd796ac80d8eaafb4 Mon Sep 17 00:00:00 2001 From: Andrew Lewis Date: Tue, 19 Mar 2024 15:53:29 +0200 Subject: [PATCH 1/6] Migrate to Github Actions --- .drone.jsonnet | 230 --------- .drone.yml | 781 ----------------------------- .github/workflows/docker_build.yml | 82 +++ .github/workflows/nightly.yml | 14 + .github/workflows/release.yml | 15 + Dockerfile | 10 +- Dockerfile.pkg | 2 +- 7 files changed, 116 insertions(+), 1018 deletions(-) delete mode 100644 .drone.jsonnet delete mode 100644 .drone.yml create mode 100644 .github/workflows/docker_build.yml create mode 100644 .github/workflows/nightly.yml create mode 100644 .github/workflows/release.yml diff --git a/.drone.jsonnet b/.drone.jsonnet deleted file mode 100644 index ba38667..0000000 --- a/.drone.jsonnet +++ /dev/null @@ -1,230 +0,0 @@ -local docker_defaults = { - username: { - from_secret: 'docker_username', - }, - password: { - from_secret: 'docker_password', - }, -}; - -local pipeline_defaults = { - kind: 'pipeline', - type: 'docker', -}; - -local trigger_on(what_event) = { - trigger: { - event: { - include: [ - what_event, - ], - }, - }, -}; - -local rspamd_image = 'rspamd/rspamd'; - -local image_tags(asan_tag, arch) = [ - std.format('image%s-%s-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}', [asan_tag, arch]), -]; - -local pkg_tags(arch) = [ - std.format('pkg-%s-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}', arch), -]; - -local architecture_specific_pipeline(arch, get_image_tags=image_tags, get_pkg_tags=pkg_tags, rspamd_git='${DRONE_SEMVER_SHORT}', rspamd_version='${DRONE_SEMVER_SHORT}', long_version='${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}') = { - local step_default_settings = { - platform: 'linux/' + arch, - repo: rspamd_image, - }, - local install_step(name, asan_tag) = { - name: name, - depends_on: [ - 'pkg_' + arch, - ], - image: 'rspamd/drone-docker-plugin', - pull: 'always', - privileged: true, - settings: { - local asan_build_tag = if std.length(asan_tag) != 0 then ['ASAN_TAG=' + asan_tag] else [], - dockerfile: 'Dockerfile', - build_args: [ - 'PKG_TAG=' + get_pkg_tags(arch)[0], - 'TARGETARCH=' + arch, - ] + asan_build_tag, - squash: true, - tags: get_image_tags(asan_tag, arch), - target: 'install', - } + step_default_settings + docker_defaults, - }, - name: 'rspamd_' + arch, - platform: { - os: 'linux', - arch: arch, - }, - steps: [ - { - name: 'pkg_' + arch, - image: 'rspamd/drone-docker-plugin', - pull: 'always', - privileged: true, - settings: { - dockerfile: 'Dockerfile.pkg', - build_args: [ - 'RSPAMD_GIT=' + rspamd_git, - 'RSPAMD_VERSION=' + rspamd_version, - 'TARGETARCH=' + arch, - ], - tags: get_pkg_tags(arch), - target: 'pkg', - } + step_default_settings + docker_defaults, - }, - install_step('install_' + arch, ''), - install_step('install_asan_' + arch, '-asan'), - ], -} + trigger_on('tag') + pipeline_defaults; - -local multiarch_pipeline = { - name: 'rspamd_multiarch', - depends_on: [ - 'rspamd_amd64', - 'rspamd_arm64', - ], - local multiarch_step(step_name, asan_tag) = { - name: step_name, - image: 'plugins/manifest', - pull: 'always', - settings: { - target: std.format('%s:image%s-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}', [rspamd_image, asan_tag]), - template: std.format('%s:image%s-ARCH-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}', [rspamd_image, asan_tag]), - platforms: [ - 'linux/amd64', - 'linux/arm64', - ], - } + docker_defaults, - }, - steps: [ - multiarch_step('multiarch_image', ''), - multiarch_step('multiarch_asan_image', '-asan'), - ], -} + trigger_on('tag') + pipeline_defaults; - -local promo_get_image_name(rspamd_image, arch) = - std.format('%s:image-%s-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}', [rspamd_image, arch]); - -local cron_promo_get_image_name(rspamd_image, arch) = - std.format('%s:nightly-%s', [rspamd_image, arch]); - -local prepromotion_test(arch, get_image_name=promo_get_image_name, branch_name='${DRONE_SEMVER_SHORT}') = { - name: 'prepromo_' + arch, - platform: { - os: 'linux', - arch: arch, - }, - steps: [ - { - name: 'pre_promotion_test', - image: get_image_name(rspamd_image, arch), - pull: 'always', - user: 'root', - commands: [ - 'apt-get update', - 'apt-get install -y git miltertest python3 python3-dev python3-pip python3-venv redis-server', - 'python3 -mvenv $DRONE_WORKSPACE/venv', - 'bash -c "source $DRONE_WORKSPACE/venv/bin/activate && pip3 install --no-cache --disable-pip-version-check --no-binary :all: setuptools==57.5.0"', // https://github.com/dmeranda/demjson/issues/43 - 'bash -c "source $DRONE_WORKSPACE/venv/bin/activate && pip3 install --no-cache --disable-pip-version-check --no-binary :all: demjson psutil requests robotframework tornado"', - 'git clone -b ' + branch_name + ' https://github.com/rspamd/rspamd.git', - 'RSPAMD_INSTALLROOT=/usr bash -c "source $DRONE_WORKSPACE/venv/bin/activate && umask 0000 && robot --removekeywords wuks --exclude isbroken $DRONE_WORKSPACE/rspamd/test/functional/cases"', - ], - }, - ], -} + trigger_on('promote') + pipeline_defaults; - -local promotion_multiarch(name, step_name, asan_tag) = { - depends_on: [ - 'prepromo_amd64', - 'prepromo_arm64', - ], - name: name, - steps: [ - { - name: step_name, - image: 'plugins/manifest', - pull: 'always', - settings: { - target: std.format('%s:%s${DRONE_SEMVER_SHORT}', [rspamd_image, asan_tag]), - template: std.format('%s:image-%sARCH-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}', [rspamd_image, asan_tag]), - platforms: [ - 'linux/amd64', - 'linux/arm64', - ], - tags: [ - asan_tag + 'latest', - asan_tag + '${DRONE_SEMVER_MAJOR}.${DRONE_SEMVER_MINOR}', - ], - } + docker_defaults, - }, - ], -} + trigger_on('promote') + pipeline_defaults; - -local cron_promotion(asan_tag) = { - depends_on: [ - 'cron_prepromo_amd64', - 'cron_prepromo_arm64', - ], - name: std.format('cron-%spromotion', [asan_tag]), - steps: [ - { - name: 'cron_promotion', - image: 'plugins/manifest', - pull: 'always', - settings: { - target: std.format('%s:%snightly', [rspamd_image, asan_tag]), - template: std.format('%s:nightly-%sARCH', [rspamd_image, asan_tag]), - platforms: [ - 'linux/amd64', - 'linux/arm64', - ], - } + docker_defaults, - }, - ], -} + trigger_on('cron') + pipeline_defaults; - -local cron_image_tags(asan_tag, arch) = [ - std.format('nightly%s-%s', [asan_tag, arch]), -]; - -local cron_pkg_tags(arch) = [ - std.format('pkg-%s-nightly', arch), -]; - -local cron_archspecific_splice(arch) = { - name: 'cron_rspamd_' + arch, -} + trigger_on('cron'); - -local cron_prepromo_splice(arch) = { - name: 'cron_prepromo_' + arch, - depends_on: [ - 'cron_rspamd_' + arch, - ], -} + trigger_on('cron'); - -[ - architecture_specific_pipeline('amd64'), - architecture_specific_pipeline('arm64'), - architecture_specific_pipeline('amd64', cron_image_tags, cron_pkg_tags, 'master', 'auto') + cron_archspecific_splice('amd64'), - architecture_specific_pipeline('arm64', cron_image_tags, cron_pkg_tags, 'master', 'auto') + cron_archspecific_splice('arm64'), - multiarch_pipeline, - prepromotion_test('amd64'), - prepromotion_test('arm64'), - prepromotion_test('amd64', cron_promo_get_image_name, 'master') + cron_prepromo_splice('amd64'), - prepromotion_test('arm64', cron_promo_get_image_name, 'master') + cron_prepromo_splice('arm64'), - promotion_multiarch('promotion_multiarch', 'promote_multiarch', ''), - promotion_multiarch('promotion_multiarch_asan', 'promote_multiarch_asan', 'asan-'), - cron_promotion(''), - cron_promotion('asan-'), - { - kind: 'signature', - hmac: '0000000000000000000000000000000000000000000000000000000000000000', - }, -] diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index 14844f4..0000000 --- a/.drone.yml +++ /dev/null @@ -1,781 +0,0 @@ ---- -{ - "kind": "pipeline", - "name": "rspamd_amd64", - "platform": { - "arch": "amd64", - "os": "linux" - }, - "steps": [ - { - "image": "rspamd/drone-docker-plugin", - "name": "pkg_amd64", - "privileged": true, - "pull": "always", - "settings": { - "build_args": [ - "RSPAMD_GIT=${DRONE_SEMVER_SHORT}", - "RSPAMD_VERSION=${DRONE_SEMVER_SHORT}", - "TARGETARCH=amd64" - ], - "dockerfile": "Dockerfile.pkg", - "password": { - "from_secret": "docker_password" - }, - "platform": "linux/amd64", - "repo": "rspamd/rspamd", - "tags": [ - "pkg-amd64-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}" - ], - "target": "pkg", - "username": { - "from_secret": "docker_username" - } - } - }, - { - "depends_on": [ - "pkg_amd64" - ], - "image": "rspamd/drone-docker-plugin", - "name": "install_amd64", - "privileged": true, - "pull": "always", - "settings": { - "build_args": [ - "PKG_TAG=pkg-amd64-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}", - "TARGETARCH=amd64" - ], - "dockerfile": "Dockerfile", - "password": { - "from_secret": "docker_password" - }, - "platform": "linux/amd64", - "repo": "rspamd/rspamd", - "squash": true, - "tags": [ - "image-amd64-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}" - ], - "target": "install", - "username": { - "from_secret": "docker_username" - } - } - }, - { - "depends_on": [ - "pkg_amd64" - ], - "image": "rspamd/drone-docker-plugin", - "name": "install_asan_amd64", - "privileged": true, - "pull": "always", - "settings": { - "build_args": [ - "PKG_TAG=pkg-amd64-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}", - "TARGETARCH=amd64", - "ASAN_TAG=-asan" - ], - "dockerfile": "Dockerfile", - "password": { - "from_secret": "docker_password" - }, - "platform": "linux/amd64", - "repo": "rspamd/rspamd", - "squash": true, - "tags": [ - "image-asan-amd64-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}" - ], - "target": "install", - "username": { - "from_secret": "docker_username" - } - } - } - ], - "trigger": { - "event": { - "include": [ - "tag" - ] - } - }, - "type": "docker" -} ---- -{ - "kind": "pipeline", - "name": "rspamd_arm64", - "platform": { - "arch": "arm64", - "os": "linux" - }, - "steps": [ - { - "image": "rspamd/drone-docker-plugin", - "name": "pkg_arm64", - "privileged": true, - "pull": "always", - "settings": { - "build_args": [ - "RSPAMD_GIT=${DRONE_SEMVER_SHORT}", - "RSPAMD_VERSION=${DRONE_SEMVER_SHORT}", - "TARGETARCH=arm64" - ], - "dockerfile": "Dockerfile.pkg", - "password": { - "from_secret": "docker_password" - }, - "platform": "linux/arm64", - "repo": "rspamd/rspamd", - "tags": [ - "pkg-arm64-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}" - ], - "target": "pkg", - "username": { - "from_secret": "docker_username" - } - } - }, - { - "depends_on": [ - "pkg_arm64" - ], - "image": "rspamd/drone-docker-plugin", - "name": "install_arm64", - "privileged": true, - "pull": "always", - "settings": { - "build_args": [ - "PKG_TAG=pkg-arm64-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}", - "TARGETARCH=arm64" - ], - "dockerfile": "Dockerfile", - "password": { - "from_secret": "docker_password" - }, - "platform": "linux/arm64", - "repo": "rspamd/rspamd", - "squash": true, - "tags": [ - "image-arm64-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}" - ], - "target": "install", - "username": { - "from_secret": "docker_username" - } - } - }, - { - "depends_on": [ - "pkg_arm64" - ], - "image": "rspamd/drone-docker-plugin", - "name": "install_asan_arm64", - "privileged": true, - "pull": "always", - "settings": { - "build_args": [ - "PKG_TAG=pkg-arm64-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}", - "TARGETARCH=arm64", - "ASAN_TAG=-asan" - ], - "dockerfile": "Dockerfile", - "password": { - "from_secret": "docker_password" - }, - "platform": "linux/arm64", - "repo": "rspamd/rspamd", - "squash": true, - "tags": [ - "image-asan-arm64-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}" - ], - "target": "install", - "username": { - "from_secret": "docker_username" - } - } - } - ], - "trigger": { - "event": { - "include": [ - "tag" - ] - } - }, - "type": "docker" -} ---- -{ - "kind": "pipeline", - "name": "cron_rspamd_amd64", - "platform": { - "arch": "amd64", - "os": "linux" - }, - "steps": [ - { - "image": "rspamd/drone-docker-plugin", - "name": "pkg_amd64", - "privileged": true, - "pull": "always", - "settings": { - "build_args": [ - "RSPAMD_GIT=master", - "RSPAMD_VERSION=auto", - "TARGETARCH=amd64" - ], - "dockerfile": "Dockerfile.pkg", - "password": { - "from_secret": "docker_password" - }, - "platform": "linux/amd64", - "repo": "rspamd/rspamd", - "tags": [ - "pkg-amd64-nightly" - ], - "target": "pkg", - "username": { - "from_secret": "docker_username" - } - } - }, - { - "depends_on": [ - "pkg_amd64" - ], - "image": "rspamd/drone-docker-plugin", - "name": "install_amd64", - "privileged": true, - "pull": "always", - "settings": { - "build_args": [ - "PKG_TAG=pkg-amd64-nightly", - "TARGETARCH=amd64" - ], - "dockerfile": "Dockerfile", - "password": { - "from_secret": "docker_password" - }, - "platform": "linux/amd64", - "repo": "rspamd/rspamd", - "squash": true, - "tags": [ - "nightly-amd64" - ], - "target": "install", - "username": { - "from_secret": "docker_username" - } - } - }, - { - "depends_on": [ - "pkg_amd64" - ], - "image": "rspamd/drone-docker-plugin", - "name": "install_asan_amd64", - "privileged": true, - "pull": "always", - "settings": { - "build_args": [ - "PKG_TAG=pkg-amd64-nightly", - "TARGETARCH=amd64", - "ASAN_TAG=-asan" - ], - "dockerfile": "Dockerfile", - "password": { - "from_secret": "docker_password" - }, - "platform": "linux/amd64", - "repo": "rspamd/rspamd", - "squash": true, - "tags": [ - "nightly-asan-amd64" - ], - "target": "install", - "username": { - "from_secret": "docker_username" - } - } - } - ], - "trigger": { - "event": { - "include": [ - "cron" - ] - } - }, - "type": "docker" -} ---- -{ - "kind": "pipeline", - "name": "cron_rspamd_arm64", - "platform": { - "arch": "arm64", - "os": "linux" - }, - "steps": [ - { - "image": "rspamd/drone-docker-plugin", - "name": "pkg_arm64", - "privileged": true, - "pull": "always", - "settings": { - "build_args": [ - "RSPAMD_GIT=master", - "RSPAMD_VERSION=auto", - "TARGETARCH=arm64" - ], - "dockerfile": "Dockerfile.pkg", - "password": { - "from_secret": "docker_password" - }, - "platform": "linux/arm64", - "repo": "rspamd/rspamd", - "tags": [ - "pkg-arm64-nightly" - ], - "target": "pkg", - "username": { - "from_secret": "docker_username" - } - } - }, - { - "depends_on": [ - "pkg_arm64" - ], - "image": "rspamd/drone-docker-plugin", - "name": "install_arm64", - "privileged": true, - "pull": "always", - "settings": { - "build_args": [ - "PKG_TAG=pkg-arm64-nightly", - "TARGETARCH=arm64" - ], - "dockerfile": "Dockerfile", - "password": { - "from_secret": "docker_password" - }, - "platform": "linux/arm64", - "repo": "rspamd/rspamd", - "squash": true, - "tags": [ - "nightly-arm64" - ], - "target": "install", - "username": { - "from_secret": "docker_username" - } - } - }, - { - "depends_on": [ - "pkg_arm64" - ], - "image": "rspamd/drone-docker-plugin", - "name": "install_asan_arm64", - "privileged": true, - "pull": "always", - "settings": { - "build_args": [ - "PKG_TAG=pkg-arm64-nightly", - "TARGETARCH=arm64", - "ASAN_TAG=-asan" - ], - "dockerfile": "Dockerfile", - "password": { - "from_secret": "docker_password" - }, - "platform": "linux/arm64", - "repo": "rspamd/rspamd", - "squash": true, - "tags": [ - "nightly-asan-arm64" - ], - "target": "install", - "username": { - "from_secret": "docker_username" - } - } - } - ], - "trigger": { - "event": { - "include": [ - "cron" - ] - } - }, - "type": "docker" -} ---- -{ - "depends_on": [ - "rspamd_amd64", - "rspamd_arm64" - ], - "kind": "pipeline", - "name": "rspamd_multiarch", - "steps": [ - { - "image": "plugins/manifest", - "name": "multiarch_image", - "pull": "always", - "settings": { - "password": { - "from_secret": "docker_password" - }, - "platforms": [ - "linux/amd64", - "linux/arm64" - ], - "target": "rspamd/rspamd:image-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}", - "template": "rspamd/rspamd:image-ARCH-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}", - "username": { - "from_secret": "docker_username" - } - } - }, - { - "image": "plugins/manifest", - "name": "multiarch_asan_image", - "pull": "always", - "settings": { - "password": { - "from_secret": "docker_password" - }, - "platforms": [ - "linux/amd64", - "linux/arm64" - ], - "target": "rspamd/rspamd:image-asan-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}", - "template": "rspamd/rspamd:image-asan-ARCH-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}", - "username": { - "from_secret": "docker_username" - } - } - } - ], - "trigger": { - "event": { - "include": [ - "tag" - ] - } - }, - "type": "docker" -} ---- -{ - "kind": "pipeline", - "name": "prepromo_amd64", - "platform": { - "arch": "amd64", - "os": "linux" - }, - "steps": [ - { - "commands": [ - "apt-get update", - "apt-get install -y git miltertest python3 python3-dev python3-pip python3-venv redis-server", - "python3 -mvenv $DRONE_WORKSPACE/venv", - "bash -c \"source $DRONE_WORKSPACE/venv/bin/activate && pip3 install --no-cache --disable-pip-version-check --no-binary :all: setuptools==57.5.0\"", - "bash -c \"source $DRONE_WORKSPACE/venv/bin/activate && pip3 install --no-cache --disable-pip-version-check --no-binary :all: demjson psutil requests robotframework tornado\"", - "git clone -b ${DRONE_SEMVER_SHORT} https://github.com/rspamd/rspamd.git", - "RSPAMD_INSTALLROOT=/usr bash -c \"source $DRONE_WORKSPACE/venv/bin/activate && umask 0000 && robot --removekeywords wuks --exclude isbroken $DRONE_WORKSPACE/rspamd/test/functional/cases\"" - ], - "image": "rspamd/rspamd:image-amd64-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}", - "name": "pre_promotion_test", - "pull": "always", - "user": "root" - } - ], - "trigger": { - "event": { - "include": [ - "promote" - ] - } - }, - "type": "docker" -} ---- -{ - "kind": "pipeline", - "name": "prepromo_arm64", - "platform": { - "arch": "arm64", - "os": "linux" - }, - "steps": [ - { - "commands": [ - "apt-get update", - "apt-get install -y git miltertest python3 python3-dev python3-pip python3-venv redis-server", - "python3 -mvenv $DRONE_WORKSPACE/venv", - "bash -c \"source $DRONE_WORKSPACE/venv/bin/activate && pip3 install --no-cache --disable-pip-version-check --no-binary :all: setuptools==57.5.0\"", - "bash -c \"source $DRONE_WORKSPACE/venv/bin/activate && pip3 install --no-cache --disable-pip-version-check --no-binary :all: demjson psutil requests robotframework tornado\"", - "git clone -b ${DRONE_SEMVER_SHORT} https://github.com/rspamd/rspamd.git", - "RSPAMD_INSTALLROOT=/usr bash -c \"source $DRONE_WORKSPACE/venv/bin/activate && umask 0000 && robot --removekeywords wuks --exclude isbroken $DRONE_WORKSPACE/rspamd/test/functional/cases\"" - ], - "image": "rspamd/rspamd:image-arm64-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}", - "name": "pre_promotion_test", - "pull": "always", - "user": "root" - } - ], - "trigger": { - "event": { - "include": [ - "promote" - ] - } - }, - "type": "docker" -} ---- -{ - "depends_on": [ - "cron_rspamd_amd64" - ], - "kind": "pipeline", - "name": "cron_prepromo_amd64", - "platform": { - "arch": "amd64", - "os": "linux" - }, - "steps": [ - { - "commands": [ - "apt-get update", - "apt-get install -y git miltertest python3 python3-dev python3-pip python3-venv redis-server", - "python3 -mvenv $DRONE_WORKSPACE/venv", - "bash -c \"source $DRONE_WORKSPACE/venv/bin/activate && pip3 install --no-cache --disable-pip-version-check --no-binary :all: setuptools==57.5.0\"", - "bash -c \"source $DRONE_WORKSPACE/venv/bin/activate && pip3 install --no-cache --disable-pip-version-check --no-binary :all: demjson psutil requests robotframework tornado\"", - "git clone -b master https://github.com/rspamd/rspamd.git", - "RSPAMD_INSTALLROOT=/usr bash -c \"source $DRONE_WORKSPACE/venv/bin/activate && umask 0000 && robot --removekeywords wuks --exclude isbroken $DRONE_WORKSPACE/rspamd/test/functional/cases\"" - ], - "image": "rspamd/rspamd:nightly-amd64", - "name": "pre_promotion_test", - "pull": "always", - "user": "root" - } - ], - "trigger": { - "event": { - "include": [ - "cron" - ] - } - }, - "type": "docker" -} ---- -{ - "depends_on": [ - "cron_rspamd_arm64" - ], - "kind": "pipeline", - "name": "cron_prepromo_arm64", - "platform": { - "arch": "arm64", - "os": "linux" - }, - "steps": [ - { - "commands": [ - "apt-get update", - "apt-get install -y git miltertest python3 python3-dev python3-pip python3-venv redis-server", - "python3 -mvenv $DRONE_WORKSPACE/venv", - "bash -c \"source $DRONE_WORKSPACE/venv/bin/activate && pip3 install --no-cache --disable-pip-version-check --no-binary :all: setuptools==57.5.0\"", - "bash -c \"source $DRONE_WORKSPACE/venv/bin/activate && pip3 install --no-cache --disable-pip-version-check --no-binary :all: demjson psutil requests robotframework tornado\"", - "git clone -b master https://github.com/rspamd/rspamd.git", - "RSPAMD_INSTALLROOT=/usr bash -c \"source $DRONE_WORKSPACE/venv/bin/activate && umask 0000 && robot --removekeywords wuks --exclude isbroken $DRONE_WORKSPACE/rspamd/test/functional/cases\"" - ], - "image": "rspamd/rspamd:nightly-arm64", - "name": "pre_promotion_test", - "pull": "always", - "user": "root" - } - ], - "trigger": { - "event": { - "include": [ - "cron" - ] - } - }, - "type": "docker" -} ---- -{ - "depends_on": [ - "prepromo_amd64", - "prepromo_arm64" - ], - "kind": "pipeline", - "name": "promotion_multiarch", - "steps": [ - { - "image": "plugins/manifest", - "name": "promote_multiarch", - "pull": "always", - "settings": { - "password": { - "from_secret": "docker_password" - }, - "platforms": [ - "linux/amd64", - "linux/arm64" - ], - "tags": [ - "latest", - "${DRONE_SEMVER_MAJOR}.${DRONE_SEMVER_MINOR}" - ], - "target": "rspamd/rspamd:${DRONE_SEMVER_SHORT}", - "template": "rspamd/rspamd:image-ARCH-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}", - "username": { - "from_secret": "docker_username" - } - } - } - ], - "trigger": { - "event": { - "include": [ - "promote" - ] - } - }, - "type": "docker" -} ---- -{ - "depends_on": [ - "prepromo_amd64", - "prepromo_arm64" - ], - "kind": "pipeline", - "name": "promotion_multiarch_asan", - "steps": [ - { - "image": "plugins/manifest", - "name": "promote_multiarch_asan", - "pull": "always", - "settings": { - "password": { - "from_secret": "docker_password" - }, - "platforms": [ - "linux/amd64", - "linux/arm64" - ], - "tags": [ - "asan-latest", - "asan-${DRONE_SEMVER_MAJOR}.${DRONE_SEMVER_MINOR}" - ], - "target": "rspamd/rspamd:asan-${DRONE_SEMVER_SHORT}", - "template": "rspamd/rspamd:image-asan-ARCH-${DRONE_SEMVER_SHORT}-${DRONE_SEMVER_BUILD}", - "username": { - "from_secret": "docker_username" - } - } - } - ], - "trigger": { - "event": { - "include": [ - "promote" - ] - } - }, - "type": "docker" -} ---- -{ - "depends_on": [ - "cron_prepromo_amd64", - "cron_prepromo_arm64" - ], - "kind": "pipeline", - "name": "cron-promotion", - "steps": [ - { - "image": "plugins/manifest", - "name": "cron_promotion", - "pull": "always", - "settings": { - "password": { - "from_secret": "docker_password" - }, - "platforms": [ - "linux/amd64", - "linux/arm64" - ], - "target": "rspamd/rspamd:nightly", - "template": "rspamd/rspamd:nightly-ARCH", - "username": { - "from_secret": "docker_username" - } - } - } - ], - "trigger": { - "event": { - "include": [ - "cron" - ] - } - }, - "type": "docker" -} ---- -{ - "depends_on": [ - "cron_prepromo_amd64", - "cron_prepromo_arm64" - ], - "kind": "pipeline", - "name": "cron-asan-promotion", - "steps": [ - { - "image": "plugins/manifest", - "name": "cron_promotion", - "pull": "always", - "settings": { - "password": { - "from_secret": "docker_password" - }, - "platforms": [ - "linux/amd64", - "linux/arm64" - ], - "target": "rspamd/rspamd:asan-nightly", - "template": "rspamd/rspamd:nightly-asan-ARCH", - "username": { - "from_secret": "docker_username" - } - } - } - ], - "trigger": { - "event": { - "include": [ - "cron" - ] - } - }, - "type": "docker" -} ---- -{ - "hmac": "131839e247c3ab48953c3e432e77a045cbccd4d246f23fdc09410dbc882f2107", - "kind": "signature" -} -... diff --git a/.github/workflows/docker_build.yml b/.github/workflows/docker_build.yml new file mode 100644 index 0000000..dd0bf74 --- /dev/null +++ b/.github/workflows/docker_build.yml @@ -0,0 +1,82 @@ +name: Publish Docker image + +on: + workflow_call: + inputs: + nightly: + default: true + required: false + type: boolean + +jobs: + docker_build: + name: docker_build + runs-on: ["ubuntu-latest"] + permissions: + packages: write + contents: read + steps: + - name: Check out source code + uses: actions/checkout@v4 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to the Container registry + run: | + docker login -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} ghcr.io + + - name: Set nightly-specific variables + if: ${{ inputs.nightly }} + run: | + echo "IMG_TAGS_ASAN=ghcr.io/${{ github.repository }}:asan-nightly" >> "$GITHUB_ENV" + echo "IMG_TAGS_RELEASE=ghcr.io/${{ github.repository }}:nightly" >> "$GITHUB_ENV" + echo "PKG_TAG_SUFFIX=-nightly" >> "$GITHUB_ENV" + echo "RSPAMD_GIT=master" >> "$GITHUB_ENV" + echo "RSPAMD_VERSION=auto" >> "$GITHUB_ENV" + + - name: Set release-specific variables + if: ${{ ! inputs.nightly }} + run: | + echo "IMG_TAGS_ASAN=ghcr.io/${{ github.repository }}:asan-latest" >> "$GITHUB_ENV" + echo "IMG_TAGS_RELEASE=ghcr.io/${{ github.repository }}:latest" >> "$GITHUB_ENV" + echo "PKG_TAG_SUFFIX=-`echo ${{ github.ref_name }} | sed s/+/-/ | sed s/^v//`" >> "$GITHUB_ENV" + echo "RSPAMD_GIT=`echo ${{ github.ref_name }} | sed s/^v// | sed s/+.*//`" >> "$GITHUB_ENV" + echo "RSPAMD_VERSION=`echo ${{ github.ref_name }} | sed s/^v// | sed s/+.*//`" >> "$GITHUB_ENV" + + - name: Build pkg image + uses: docker/build-push-action@v5 + with: + build-args: | + RSPAMD_GIT=${{ env.RSPAMD_GIT }} + RSPAMD_VERSION=${{ env.RSPAMD_VERSION }} + file: Dockerfile.pkg + platforms: linux/amd64,linux/arm64 + push: true + tags: ghcr.io/${{ github.repository }}:pkg${{ env.PKG_TAG_SUFFIX }} + + - name: Build release image + uses: docker/build-push-action@v5 + with: + build-args: | + PKG_IMG=ghcr.io/${{ github.repository }} + PKG_TAG=pkg${{ env.PKG_TAG_SUFFIX }} + file: Dockerfile + platforms: linux/amd64,linux/arm64 + push: true + tags: ${{ env.IMG_TAGS_RELEASE }} + + - name: Build ASAN image + uses: docker/build-push-action@v5 + with: + build-args: | + ASAN_TAG=-asan + PKG_IMG=ghcr.io/${{ github.repository }} + PKG_TAG=pkg${{ env.PKG_TAG_SUFFIX }} + file: Dockerfile + platforms: linux/amd64,linux/arm64 + push: true + tags: ${{ env.IMG_TAGS_ASAN }} diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml new file mode 100644 index 0000000..0117db1 --- /dev/null +++ b/.github/workflows/nightly.yml @@ -0,0 +1,14 @@ +name: nightly + +on: + schedule: + - cron: "0 0 * * *" + +jobs: + nightly: + uses: ./.github/workflows/docker_build.yml + with: + nightly: true + permissions: + packages: write + contents: read diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..be5eaab --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,15 @@ +name: release + +on: + push: + tags: + - "v[0-9]+.[0-9]+.[0-9]+\\+[0-9]+" + +jobs: + release: + uses: ./.github/workflows/docker_build.yml + with: + nightly: false + permissions: + packages: write + contents: read diff --git a/Dockerfile b/Dockerfile index 1a03156..753fd7a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,8 @@ ARG DEBIAN_RELEASE=bookworm +ARG PKG_IMG=ghcr.io/rspamd/rspamd-docker ARG PKG_TAG -ARG TARGETARCH -FROM rspamd/rspamd:${PKG_TAG} AS pkg +FROM ${PKG_IMG}:${PKG_TAG} AS pkg FROM scratch AS lid COPY lid.176.ftz / @@ -10,19 +10,17 @@ COPY lid.176.ftz / FROM debian:${DEBIAN_RELEASE}-slim AS install ARG ASAN_TAG -ARG TARGETARCH ENV ASAN_TAG=$ASAN_TAG -ENV TARGETARCH=$TARGETARCH RUN --mount=type=cache,from=pkg,source=/deb,target=/deb \ apt-get update \ - && apt-get install -y `bash -c "dpkg -I /deb/rspamd${ASAN_TAG}_*_${TARGETARCH}.deb | grep '^ Depends:' | perl -p -e 's#Depends: |,|\||\([^)]*\)##g'"` \ + && apt-get install -y `bash -c "dpkg -I /deb/rspamd${ASAN_TAG}_*_*.deb | grep '^ Depends:' | perl -p -e 's#Depends: |,|\||\([^)]*\)##g'"` \ && apt-get -q clean \ && rm -rf /var/cache/ldconfig/aux-cache /var/lib/apt/lists/* /var/log/apt/*.log /var/log/dpkg.log \ && bash -c "find / -mount -newer /proc/1 -not -path '/dev/**' -not -path '/proc/**' -not -path '/sys/**' | xargs touch -h -d '2000-01-01 00:00:00'" RUN --mount=type=cache,from=pkg,source=/deb,target=/deb --mount=type=cache,from=lid,source=/,target=/lid \ - dpkg -i /deb/rspamd${ASAN_TAG}_*_${TARGETARCH}.deb /deb/rspamd${ASAN_TAG}-dbg_*_${TARGETARCH}.deb \ + dpkg -i /deb/rspamd${ASAN_TAG}_*_*.deb /deb/rspamd${ASAN_TAG}-dbg_*_*.deb \ && rm -rf /var/log/dpkg.log \ && cp /lid/lid.176.ftz /usr/share/rspamd/languages/fasttext_model.ftz \ && passwd --expire _rspamd && passwd --expire _rspamd \ diff --git a/Dockerfile.pkg b/Dockerfile.pkg index a5556c4..0c9fc28 100644 --- a/Dockerfile.pkg +++ b/Dockerfile.pkg @@ -4,7 +4,7 @@ ARG RSPAMD_GIT ARG RSPAMD_VERSION ARG TARGETARCH -FROM rspamd/pkg:debian-${DEBIAN_RELEASE} AS build +FROM ghcr.io/rspamd/rspamd-build-docker:debian-${DEBIAN_RELEASE} AS build RUN mkdir /build /deb && chown nobody:nogroup /build /deb \ && apt-get update \ From ac539562e17351a2b3795c19c26ecabaaa164136 Mon Sep 17 00:00:00 2001 From: Andrew Lewis Date: Tue, 19 Mar 2024 19:24:08 +0200 Subject: [PATCH 2/6] Add more version tags --- .github/workflows/docker_build.yml | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker_build.yml b/.github/workflows/docker_build.yml index dd0bf74..a506157 100644 --- a/.github/workflows/docker_build.yml +++ b/.github/workflows/docker_build.yml @@ -41,8 +41,16 @@ jobs: - name: Set release-specific variables if: ${{ ! inputs.nightly }} run: | - echo "IMG_TAGS_ASAN=ghcr.io/${{ github.repository }}:asan-latest" >> "$GITHUB_ENV" - echo "IMG_TAGS_RELEASE=ghcr.io/${{ github.repository }}:latest" >> "$GITHUB_ENV" + export VERSION_BUILD=`echo ${{ github.ref_name }} | sed s/^v// | sed 's/\+/-/'` + echo "VERSION_BUILD=${VERSION_BUILD}" >> "$GITHUB_ENV" + export VERSION_FULL=`echo ${{ github.ref_name }} | sed s/^v// | sed 's/\+.*//'` + echo "VERSION_FULL=${VERSION_FULL}" >> "$GITHUB_ENV" + export VERSION_MAJOR_MINOR=${VERSION_FULL%.*} + echo "VERSION_MAJOR_MINOR=${VERSION_MAJOR_MINOR}" >> "$GITHUB_ENV" + export VERSION_MAJOR=`echo ${{ github.ref_name }} | sed s/^v// | sed 's/[^0-9].*//'` + echo "VERSION_MAJOR=${VERSION_MAJOR}" >> "$GITHUB_ENV" + echo "IMG_TAGS_ASAN=ghcr.io/${{ github.repository }}:asan-latest,ghcr.io/${{ github.repository }}:asan-${VERSION_BUILD},ghcr.io/${{ github.repository }}:asan-${VERSION_FULL},ghcr.io/${{ github.repository }}:asan-${VERSION_MAJOR_MINOR},ghcr.io/${{ github.repository }}:asan-${VERSION_MAJOR}" >> "$GITHUB_ENV" + echo "IMG_TAGS_RELEASE=ghcr.io/${{ github.repository }}:latest,ghcr.io/${{ github.repository }}:${VERSION_BUILD},ghcr.io/${{ github.repository }}:${VERSION_FULL},ghcr.io/${{ github.repository }}:${VERSION_MAJOR_MINOR},ghcr.io/${{ github.repository }}:${VERSION_MAJOR}" >> "$GITHUB_ENV" echo "PKG_TAG_SUFFIX=-`echo ${{ github.ref_name }} | sed s/+/-/ | sed s/^v//`" >> "$GITHUB_ENV" echo "RSPAMD_GIT=`echo ${{ github.ref_name }} | sed s/^v// | sed s/+.*//`" >> "$GITHUB_ENV" echo "RSPAMD_VERSION=`echo ${{ github.ref_name }} | sed s/^v// | sed s/+.*//`" >> "$GITHUB_ENV" From a2c6e9496352a6f2a5d15b8c0cba2cb3c0a7df5b Mon Sep 17 00:00:00 2001 From: Andrew Lewis Date: Fri, 22 Mar 2024 13:29:06 +0200 Subject: [PATCH 3/6] Add tests; dockerhub --- .github/workflows/docker_build.yml | 57 ++++++++++++++++++++++++------ .github/workflows/nightly.yml | 20 ++++++++++- .github/workflows/promote.yml | 54 ++++++++++++++++++++++++++++ .github/workflows/release.yml | 20 ++++++++++- .github/workflows/rspamd_test.yml | 29 +++++++++++++++ 5 files changed, 168 insertions(+), 12 deletions(-) create mode 100644 .github/workflows/promote.yml create mode 100644 .github/workflows/rspamd_test.yml diff --git a/.github/workflows/docker_build.yml b/.github/workflows/docker_build.yml index a506157..0ae8c89 100644 --- a/.github/workflows/docker_build.yml +++ b/.github/workflows/docker_build.yml @@ -3,14 +3,31 @@ name: Publish Docker image on: workflow_call: inputs: + dockerhub_name: + default: rspamd/rspamd + required: false + type: string nightly: default: true required: false type: boolean + outputs: + dockerhub_tags_asan: + description: "Tags to set in Dockerhub (ASAN)" + value: ${{ jobs.docker_build.outputs.dockerhub_tags_asan }} + dockerhub_tags_release: + description: "Tags to set in Dockerhub (release)" + value: ${{ jobs.docker_build.outputs.dockerhub_tags_release }} + tag: + description: "Tag in rspamd repo to check out for tests" + value: ${{ jobs.docker_build.outputs.tag }} jobs: docker_build: - name: docker_build + outputs: + dockerhub_tags_asan: ${{ steps.save_output.outputs.dockerhub_tags_asan }} + dockerhub_tags_release: ${{ steps.save_output.outputs.dockerhub_tags_release }} + tag: ${{ steps.save_output.outputs.tag }} runs-on: ["ubuntu-latest"] permissions: packages: write @@ -25,15 +42,26 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - name: Log in to the Container registry - run: | - docker login -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} ghcr.io + - name: Log in to GHCR + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Log in to Dockerhub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} - name: Set nightly-specific variables if: ${{ inputs.nightly }} run: | - echo "IMG_TAGS_ASAN=ghcr.io/${{ github.repository }}:asan-nightly" >> "$GITHUB_ENV" - echo "IMG_TAGS_RELEASE=ghcr.io/${{ github.repository }}:nightly" >> "$GITHUB_ENV" + echo "IMG_TAGS_GHCR_ASAN=ghcr.io/${{ github.repository }}:asan-nightly" >> "$GITHUB_ENV" + echo "IMG_TAGS_GHCR_RELEASE=ghcr.io/${{ github.repository }}:nightly" >> "$GITHUB_ENV" + echo "IMG_TAGS_DOCKERHUB_ASAN=${{ inputs.dockerhub_name }}:asan-nightly" >> "$GITHUB_ENV" + echo "IMG_TAGS_DOCKERHUB_RELEASE=${{ inputs.dockerhub_name }}:nightly" >> "$GITHUB_ENV" echo "PKG_TAG_SUFFIX=-nightly" >> "$GITHUB_ENV" echo "RSPAMD_GIT=master" >> "$GITHUB_ENV" echo "RSPAMD_VERSION=auto" >> "$GITHUB_ENV" @@ -49,12 +77,21 @@ jobs: echo "VERSION_MAJOR_MINOR=${VERSION_MAJOR_MINOR}" >> "$GITHUB_ENV" export VERSION_MAJOR=`echo ${{ github.ref_name }} | sed s/^v// | sed 's/[^0-9].*//'` echo "VERSION_MAJOR=${VERSION_MAJOR}" >> "$GITHUB_ENV" - echo "IMG_TAGS_ASAN=ghcr.io/${{ github.repository }}:asan-latest,ghcr.io/${{ github.repository }}:asan-${VERSION_BUILD},ghcr.io/${{ github.repository }}:asan-${VERSION_FULL},ghcr.io/${{ github.repository }}:asan-${VERSION_MAJOR_MINOR},ghcr.io/${{ github.repository }}:asan-${VERSION_MAJOR}" >> "$GITHUB_ENV" - echo "IMG_TAGS_RELEASE=ghcr.io/${{ github.repository }}:latest,ghcr.io/${{ github.repository }}:${VERSION_BUILD},ghcr.io/${{ github.repository }}:${VERSION_FULL},ghcr.io/${{ github.repository }}:${VERSION_MAJOR_MINOR},ghcr.io/${{ github.repository }}:${VERSION_MAJOR}" >> "$GITHUB_ENV" + echo "IMG_TAGS_DOCKERHUB_ASAN=${{ inputs.dockerhub_name }}:asan-latest,${{ inputs.dockerhub_name }}:asan-${VERSION_BUILD},${{ inputs.dockerhub_name }}:asan-${VERSION_FULL},${{ inputs.dockerhub_name }}:asan-${VERSION_MAJOR_MINOR},${{ inputs.dockerhub_name }}:asan-${VERSION_MAJOR}" >> "$GITHUB_ENV" + echo "IMG_TAGS_GHCR_ASAN=ghcr.io/${{ github.repository }}:asan-latest,ghcr.io/${{ github.repository }}:asan-${VERSION_BUILD},ghcr.io/${{ github.repository }}:asan-${VERSION_FULL},ghcr.io/${{ github.repository }}:asan-${VERSION_MAJOR_MINOR},ghcr.io/${{ github.repository }}:asan-${VERSION_MAJOR}" >> "$GITHUB_ENV" + echo "IMG_TAGS_DOCKERHUB_RELEASE=${{ inputs.dockerhub_name }}:latest,${{ inputs.dockerhub_name }}:${VERSION_BUILD},${{ inputs.dockerhub_name }}:${VERSION_FULL},${{ inputs.dockerhub_name }}:${VERSION_MAJOR_MINOR},${{ inputs.dockerhub_name }}:${VERSION_MAJOR}" >> "$GITHUB_ENV" + echo "IMG_TAGS_GHCR_RELEASE=ghcr.io/${{ github.repository }}:latest,ghcr.io/${{ github.repository }}:${VERSION_BUILD},ghcr.io/${{ github.repository }}:${VERSION_FULL},ghcr.io/${{ github.repository }}:${VERSION_MAJOR_MINOR},ghcr.io/${{ github.repository }}:${VERSION_MAJOR}" >> "$GITHUB_ENV" echo "PKG_TAG_SUFFIX=-`echo ${{ github.ref_name }} | sed s/+/-/ | sed s/^v//`" >> "$GITHUB_ENV" echo "RSPAMD_GIT=`echo ${{ github.ref_name }} | sed s/^v// | sed s/+.*//`" >> "$GITHUB_ENV" echo "RSPAMD_VERSION=`echo ${{ github.ref_name }} | sed s/^v// | sed s/+.*//`" >> "$GITHUB_ENV" + - name: Save output + id: save_output + run: | + echo "dockerhub_tags_asan=${{ env.IMG_TAGS_DOCKERHUB_ASAN }}" >> $GITHUB_OUTPUT + echo "dockerhub_tags_release=${{ env.IMG_TAGS_DOCKERHUB_RELEASE }}" >> $GITHUB_OUTPUT + echo "tag=${{ env.RSPAMD_GIT }}" >> $GITHUB_OUTPUT + - name: Build pkg image uses: docker/build-push-action@v5 with: @@ -75,7 +112,7 @@ jobs: file: Dockerfile platforms: linux/amd64,linux/arm64 push: true - tags: ${{ env.IMG_TAGS_RELEASE }} + tags: ${{ env.IMG_TAGS_GHCR_RELEASE }} - name: Build ASAN image uses: docker/build-push-action@v5 @@ -87,4 +124,4 @@ jobs: file: Dockerfile platforms: linux/amd64,linux/arm64 push: true - tags: ${{ env.IMG_TAGS_ASAN }} + tags: ${{ env.IMG_TAGS_GHCR_ASAN }} diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 0117db1..6fda3d6 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -5,10 +5,28 @@ on: - cron: "0 0 * * *" jobs: - nightly: + build: uses: ./.github/workflows/docker_build.yml with: nightly: true permissions: packages: write contents: read + secrets: inherit + + test: + needs: [build] + uses: ./.github/workflows/rspamd_test.yml + with: + image: ghcr.io/${{ github.repository }}:nightly + tag: "${{ needs.build.outputs.tag }}" + + promote: + needs: [test] + uses: ./.github/workflows/promote.yml + with: + image: ghcr.io/${{ github.repository }}:nightly + image_asan: ghcr.io/${{ github.repository }}:asan-nightly + dockerhub_tags_asan: "${{ needs.build.outputs.dockerhub_tags_asan }}" + dockerhub_tags_release: "${{ needs.build.outputs.dockerhub_tags_release }}" + secrets: inherit diff --git a/.github/workflows/promote.yml b/.github/workflows/promote.yml new file mode 100644 index 0000000..7fd861e --- /dev/null +++ b/.github/workflows/promote.yml @@ -0,0 +1,54 @@ +name: rspamd_test + +on: + workflow_call: + inputs: + dockerhub_tags_asan: + required: true + type: string + dockerhub_tags_release: + required: true + type: string + image: + required: true + type: string + image_asan: + required: true + type: string + +jobs: + promote: + runs-on: "ubuntu-latest" + steps: + - name: Log in to Dockerhub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Log in to GHCR + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Push image + run: | + docker pull ${{ inputs.image }} + IFS=, read -a tags <<< "${{ inputs.dockerhub_tags_release }}" + for tag in ${tags[@]} + do + docker buildx imagetools create -t ${tag} ${{ inputs.image }} + docker push ${tag} + done + + - name: Push ASAN image + run: | + docker pull ${{ inputs.image_asan }} + IFS=, read -a tags <<< "${{ inputs.dockerhub_tags_asan }}" + for tag in ${tags[@]} + do + docker buildx imagetools create -t ${tag} ${{ inputs.image_asan }} + docker push ${tag} + done diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index be5eaab..07dcf04 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,10 +6,28 @@ on: - "v[0-9]+.[0-9]+.[0-9]+\\+[0-9]+" jobs: - release: + build: uses: ./.github/workflows/docker_build.yml with: nightly: false permissions: packages: write contents: read + secrets: inherit + + test: + needs: [build] + uses: ./.github/workflows/rspamd_test.yml + with: + image: ghcr.io/${{ github.repository }}:latest + tag: "${{ needs.build.outputs.tag }}" + + promote: + needs: [build, test] + uses: ./.github/workflows/promote.yml + with: + image: ghcr.io/${{ github.repository }}:latest + image_asan: ghcr.io/${{ github.repository }}:asan-latest + dockerhub_tags_asan: "${{ needs.build.outputs.dockerhub_tags_asan }}" + dockerhub_tags_release: "${{ needs.build.outputs.dockerhub_tags_release }}" + secrets: inherit diff --git a/.github/workflows/rspamd_test.yml b/.github/workflows/rspamd_test.yml new file mode 100644 index 0000000..cc5d250 --- /dev/null +++ b/.github/workflows/rspamd_test.yml @@ -0,0 +1,29 @@ +name: rspamd_test + +on: + workflow_call: + inputs: + image: + required: true + type: string + tag: + required: true + type: string + +jobs: + rspamd_test: + runs-on: "ubuntu-latest" + container: + image: ${{ inputs.image }} + options: --user root + steps: + - name: Run tests + run: | + apt-get update + apt-get install -y git miltertest python3 python3-dev python3-pip python3-venv redis-server + mkdir -p $GITHUB_WORKSPACE + python3 -mvenv $GITHUB_WORKSPACE/venv + bash -c "source $GITHUB_WORKSPACE/venv/bin/activate && pip3 install --no-cache --disable-pip-version-check --no-binary :all: setuptools==57.5.0" + bash -c "source $GITHUB_WORKSPACE/venv/bin/activate && pip3 install --no-cache --disable-pip-version-check --no-binary :all: demjson psutil requests robotframework tornado" + git clone -b ${{ inputs.tag }} https://github.com/rspamd/rspamd.git + RSPAMD_INSTALLROOT=/usr bash -c "source $GITHUB_WORKSPACE/venv/bin/activate && robot --removekeywords wuks --exclude isbroken $GITHUB_WORKSPACE/rspamd/test/functional/cases" From 5492eb274f3654ea17943b1ef638ee55b6a51127 Mon Sep 17 00:00:00 2001 From: Andrew Lewis Date: Fri, 22 Mar 2024 14:37:21 +0200 Subject: [PATCH 4/6] Fix previous change --- .github/workflows/promote.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/promote.yml b/.github/workflows/promote.yml index 7fd861e..33ec1b2 100644 --- a/.github/workflows/promote.yml +++ b/.github/workflows/promote.yml @@ -40,7 +40,6 @@ jobs: for tag in ${tags[@]} do docker buildx imagetools create -t ${tag} ${{ inputs.image }} - docker push ${tag} done - name: Push ASAN image @@ -50,5 +49,4 @@ jobs: for tag in ${tags[@]} do docker buildx imagetools create -t ${tag} ${{ inputs.image_asan }} - docker push ${tag} done From 672286637f0b8548a5d286cc507b548980240c17 Mon Sep 17 00:00:00 2001 From: Andrew Lewis Date: Fri, 22 Mar 2024 18:18:58 +0200 Subject: [PATCH 5/6] Further fix for previous changes --- .github/workflows/nightly.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 6fda3d6..da7dc21 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -22,7 +22,7 @@ jobs: tag: "${{ needs.build.outputs.tag }}" promote: - needs: [test] + needs: [build, test] uses: ./.github/workflows/promote.yml with: image: ghcr.io/${{ github.repository }}:nightly From 45a319afb964c208f1480df6f80fe04e1e8765d7 Mon Sep 17 00:00:00 2001 From: Andrew Lewis Date: Fri, 22 Mar 2024 16:28:06 +0200 Subject: [PATCH 6/6] Remove some unnecessary stuff --- .github/workflows/promote.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/promote.yml b/.github/workflows/promote.yml index 33ec1b2..d7bcb62 100644 --- a/.github/workflows/promote.yml +++ b/.github/workflows/promote.yml @@ -35,7 +35,6 @@ jobs: - name: Push image run: | - docker pull ${{ inputs.image }} IFS=, read -a tags <<< "${{ inputs.dockerhub_tags_release }}" for tag in ${tags[@]} do @@ -44,7 +43,6 @@ jobs: - name: Push ASAN image run: | - docker pull ${{ inputs.image_asan }} IFS=, read -a tags <<< "${{ inputs.dockerhub_tags_asan }}" for tag in ${tags[@]} do