Build docker on PRs, and inline docker GHA config (#584)

* Docker: `poetry install` verbosely * Now try building on ARM * Don't use workflow repo's docker workflow This config seemed to build arm wheels much more quickly and I've no idea why!?!! * Changelog * Revert "Now try building on ARM" This reverts commit c733ced. * Remove bad copypasta
matrix-org · Nov 20, 2023 · 7efe9b5 · 7efe9b5
1 parent 1264936
commit 7efe9b5
Show file tree

Hide file tree

Showing 4 changed files with 58 additions and 9 deletions.
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -2,16 +2,48 @@ name: Docker
 
 on:
   push:
+    branches: ["main"]
     tags: ["v*"]
-    branches: [ main ]
+
+env:
+  PLATFORMS: "linux/amd64,linux/arm64"
 
 jobs:
   build:
     name: Build and publish images
-    uses: "matrix-org/backend-meta/.github/workflows/docker.yml@v1"
-    with:
-      image-name: matrixdotorg/sydent
-      publish: true
-    secrets:
-      DOCKER_HUB_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }}
-      DOCKER_HUB_TOKEN: ${{ secrets.DOCKER_HUB_TOKEN }}
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: docker/setup-qemu-action@v2
+        with:
+          platforms: ${{ env.PLATFORMS }}
+      - uses: docker/setup-buildx-action@v2
+      - uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Build main Sydent image
+        if: github.ref_name == 'main'
+        uses: docker/build-push-action@v4
+        with:
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          context: .
+          platforms: ${{ env.PLATFORMS }}
+          push: true
+          tags: |
+            matrixdotorg/sydent:main
+
+      - name: Build release Sydent image
+        if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
+        uses: docker/build-push-action@v4
+        with:
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          context: .
+          platforms: ${{ env.PLATFORMS }}
+          push: true
+          tags: |
+            matrixdotorg/sydent:latest
+            matrixdotorg/sydent:${{ github.ref_name }}
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
@@ -59,6 +59,22 @@ jobs:
   packaging:
     uses: "matrix-org/backend-meta/.github/workflows/packaging.yml@v1"
 
+  docker:
+    # Sanity check that we can build the x64 image
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Build image
+        uses: docker/build-push-action@v4
+        with:
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          context: .
+          push: false
+
   run-tests:
     name: Tests
     if: ${{ !cancelled() && !failure() }} # Allow previous steps to be skipped, but not fail

diff --git a/Dockerfile b/Dockerfile
@@ -26,7 +26,7 @@ COPY --chown=sydent:sydent ["sydent", "sydent"]
 COPY --chown=sydent:sydent ["README.rst", "pyproject.toml", "poetry.lock", "./"]
 
 # Install dependencies
-RUN python -m poetry install --no-dev --no-interaction --extras "prometheus sentry"
+RUN python -m poetry install -vv --no-dev --no-interaction --extras "prometheus sentry"
 
 # Record dependencies for posterity
 RUN python -m poetry export -o requirements.txt

diff --git a/changelog.d/584.misc b/changelog.d/584.misc
@@ -0,0 +1 @@
+Inline docker job definition in this repo, and update docker-related action versions.