github.com/networkservicemesh/govpp@v0.0.0-20240328101142-8a444680fbba/.github/workflows/ci.yaml (about) 1 --- 2 name: ci 3 on: 4 push: 5 branches: 6 - main 7 tags: 8 - v* 9 paths-ignore: 10 - '**.md' 11 pull_request: 12 paths-ignore: 13 - '**.md' 14 jobs: 15 setup_github_runner: 16 name: Setup actions runner 17 runs-on: ubuntu-latest 18 env: 19 METAL_AUTH_TOKEN: ${{ secrets.PACKET_AUTH_TOKEN }} 20 METAL_PROJECT_ID: ${{ secrets.PACKET_PROJECT_ID }} 21 SERVER_NAME: "nsm-govpp-builder" 22 SERVER_TYPE: "c3.medium.x86" 23 METRO: da 24 steps: 25 - name: Check out code 26 uses: actions/checkout@v2 27 with: 28 path: ${{ github.repository }} 29 - name: Install metal CLI 30 run: | 31 curl -L https://github.com/equinix/metal-cli/releases/download/v0.15.0/metal-linux-amd64 -o metal 32 chmod +x ./metal 33 mv ./metal /usr/local/bin/metal 34 metal -v 35 # Setup ssh to be able to connect to the Packet server 36 - name: Setup ssh 37 id: setup_ssh 38 run: | 39 echo "${{ secrets.PACKET_SSH_KEY }}" > /tmp/sshkey 40 chmod 600 /tmp/sshkey 41 ssh-keygen -f /tmp/sshkey -y > /tmp/sshkey.pub 42 metal ssh-key create --key "$(cat /tmp/sshkey.pub)" --label $SERVER_NAME-ssh -o json | jq -r '.id' 43 44 # Create server and wait to be ready 45 - name: Create server 46 run: | 47 metal device create -p $METAL_PROJECT_ID -P $SERVER_TYPE -m $METRO -H $SERVER_NAME -O ubuntu_20_04 48 max_retry=20 49 for i in $(seq 1 $max_retry); do 50 state=$(metal device get -p $METAL_PROJECT_ID -o json | jq -r '.[] | select(.hostname==env.SERVER_NAME) | .state') 51 [ "$state" == "active" ] && break 52 [[ ${i} -eq $max_retry ]] && echo "Failed!" && exit 1 53 sleep 30s 54 echo "Try #$i" 55 done 56 # Install GitHub action runner on the Packet server. The script uses RUNNER_TOKEN that we can get from GitHub api (gh api ...) 57 # Redirect the script output to file to not show the token 58 - name: Setup actions runner 59 working-directory: ${{ github.repository }} 60 run: | 61 RUNNER_TOKEN=$(gh api \ 62 --method POST \ 63 -H "Accept: application/vnd.github+json" \ 64 -H "X-GitHub-Api-Version: 2022-11-28" \ 65 /repos/networkservicemesh/govpp/actions/runners/registration-token | jq -r '.token') 66 67 SSH_OPTS="-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o IdentitiesOnly=yes -i /tmp/sshkey" 68 server_ip=$(metal device get -p $METAL_PROJECT_ID -o json | jq -r '.[] | select(.hostname==env.SERVER_NAME) | .ip_addresses[] | select(.public==true and .address_family==4) | .address') 69 scp ${SSH_OPTS} scripts/setup-actions-runner.sh root@${server_ip}:setup-actions-runner.sh 70 ssh ${SSH_OPTS} root@${server_ip} "./setup-actions-runner.sh $RUNNER_TOKEN &> f.log" 71 env: 72 GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} 73 74 build: 75 name: build 76 needs: setup_github_runner 77 runs-on: self-hosted 78 outputs: 79 docker_tag: ${{ steps.docker_push.outputs.docker_tag }} 80 steps: 81 - name: Docker install 82 run: | 83 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - 84 add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable" 85 apt update 86 apt install docker-ce -y 87 - name: Check out code 88 uses: actions/checkout@v2 89 - uses: actions/setup-go@v4 90 with: 91 go-version: 1.20.8 92 93 # Use buildx to build for two platforms (amd64, arm64) in one image 94 - name: Docker Build 95 run: | 96 docker run --rm --privileged multiarch/qemu-user-static --reset -p yes 97 docker buildx create --use --bootstrap 98 echo "docker buildx inspect --bootstrap" 99 docker buildx inspect --bootstrap 100 echo "docker buildx build --platform linux/amd64,linux/arm64 ." 101 docker buildx build --platform linux/amd64,linux/arm64 . 102 103 docker buildx build -t vpp:version --target version --load . 104 105 branch=${{github.event.workflow_run.head_branch}} 106 if [[ $branch == *release/* ]]; then 107 TAG=${branch#release/} 108 else 109 VPP_VERSION=$(docker run vpp:version) 110 TAG=v${VPP_VERSION/\~/-} 111 fi 112 113 echo "TAG=${TAG}" >> $GITHUB_ENV 114 - name: Generate files 115 run: go generate ./... 116 - name: Check for changes in generated code 117 run: | 118 git diff -- binapi || (echo "Rerun go generate ./... locally and resubmit" && exit -1) 119 - name: Go Build 120 run: go build ./... 121 122 - name: Login to GitHub Container Registry 123 id: docker_login 124 if: ${{ github.event_name == 'push' }} 125 uses: docker/login-action@v2 126 with: 127 registry: ghcr.io 128 username: ${{ github.repository_owner }} 129 password: ${{ secrets.GITHUB_TOKEN }} 130 131 # Use the --push flag to publish the image. Currently, buildx only supports this way. 132 - name: Docker Push 133 id: docker_push 134 if: steps.docker_login.outcome == 'success' 135 run: | 136 docker buildx build --platform linux/amd64,linux/arm64 -t ghcr.io/${{github.repository}}/vpp:${TAG} . --target vpp --push 137 echo docker_tag=${TAG} >> $GITHUB_OUTPUT 138 139 - name: Push tag ${TAG} 140 id: tag_commit 141 if: ${{ steps.docker_push.outcome == 'success' && !contains(github.event.workflow_run.head_branch, 'release/') }} 142 run: | 143 git status 144 git tag ${TAG} ${{github.sha}} 145 git push origin ${TAG} -f 146 147 delete_github_runner: 148 name: Delete actions runner 149 if: ${{ always() }} 150 needs: [setup_github_runner, build] 151 runs-on: ubuntu-latest 152 env: 153 METAL_AUTH_TOKEN: ${{ secrets.PACKET_AUTH_TOKEN }} 154 METAL_PROJECT_ID: ${{ secrets.PACKET_PROJECT_ID }} 155 SERVER_NAME: "nsm-govpp-builder" 156 steps: 157 - name: Check out code 158 uses: actions/checkout@v2 159 with: 160 path: ${{ github.repository }} 161 - name: Install metal CLI 162 run: | 163 curl -L https://github.com/equinix/metal-cli/releases/download/v0.15.0/metal-linux-amd64 -o metal 164 chmod +x ./metal 165 mv ./metal /usr/local/bin/metal 166 metal -v 167 168 # Delete GitHub action runner from the Packet server 169 - name: Delete actions runner 170 working-directory: ${{ github.repository }} 171 run: | 172 RUNNER_TOKEN=$(gh api \ 173 --method POST \ 174 -H "Accept: application/vnd.github+json" \ 175 -H "X-GitHub-Api-Version: 2022-11-28" \ 176 /repos/networkservicemesh/govpp/actions/runners/remove-token | jq -r '.token') 177 178 echo "${{ secrets.PACKET_SSH_KEY }}" > /tmp/sshkey 179 chmod 600 /tmp/sshkey 180 SSH_OPTS="-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o IdentitiesOnly=yes -i /tmp/sshkey" 181 server_ip=$(metal device get -p $METAL_PROJECT_ID -o json | jq -r '.[] | select(.hostname==env.SERVER_NAME) | .ip_addresses[] | select(.public==true and .address_family==4) | .address') 182 scp ${SSH_OPTS} scripts/delete-actions-runner.sh root@${server_ip}:delete-actions-runner.sh 183 ssh ${SSH_OPTS} root@${server_ip} "./delete-actions-runner.sh $RUNNER_TOKEN &> f.log" 184 env: 185 GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} 186 - name: Delete server 187 run: | 188 device_id=$(metal device get -p $METAL_PROJECT_ID -o json | jq -r '.[] | select(.hostname==env.SERVER_NAME) | .id') 189 metal device delete -i $device_id -f 190 - name: Delete ssh 191 run: | 192 export ssh_label=$SERVER_NAME-ssh 193 ssh_id=$(metal ssh-key get -o json | jq -r '.[] | select(.label==env.ssh_label) | .id') 194 metal ssh-key delete -i $ssh_id -f 195 196 check-gomod-deps: 197 needs: [build] 198 if: ${{ contains(github.event.workflow_run.head_branch, 'release/') }} 199 uses: networkservicemesh/.github/.github/workflows/check-gomod-deps.yaml@main 200 with: 201 tag: ${{ needs.build.outputs.docker_tag }} 202 203 create-release: 204 needs: check-gomod-deps 205 if: ${{ contains(github.event.workflow_run.head_branch, 'release/') }} 206 uses: networkservicemesh/.github/.github/workflows/release.yaml@main 207 secrets: 208 token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }} 209 210 update_dependent_repositories: 211 name: update_dependent_repositories 212 needs: build 213 if: ${{ github.event_name == 'push' }} 214 uses: networkservicemesh/govpp/.github/workflows/update-dependent-repositories.yaml@main 215 with: 216 docker_tag: ${{ needs.build.outputs.docker_tag }} 217 secrets: 218 token: ${{ secrets.NSM_BOT_GITHUB_TOKEN }}