workflows/.github/workflows/build.yaml


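---
# Reusable workflow: builds a multi-arch container image with Buildx, pushes it
# to cr.yandex under two tags (short commit SHA and the normalized `tag` input),
# keeps a local Buildx layer cache under /cache, and reports start/result to a
# VK Teams chat.
#
# NOTE(review): every `uses:` below is pinned to a mutable ref (`@main`, `@v4`,
# `@v0.9.0`, ...). Several of these steps receive secrets (SSH keys, cloud
# service-account JSON, bot token), so whoever can move those refs can read
# them. Pin each action to a full commit SHA that has been reviewed.
on:
  workflow_call:
    inputs:
      # Forwarded to actions/checkout `lfs`.
      lfs:
        type: boolean
        default: false
      # Second image tag; '/' is replaced with '-' before use.
      tag:
        type: string
        required: false
        default: latest
      # Forwarded to the build step as `no-cache`.
      force_build:
        type: boolean
        default: false
      # Forwarded to the build step as `platforms`.
      arch:
        type: string
        default: "linux/amd64,linux/arm64/v8"
    secrets:
      # NOTE(review): the job also reads secrets.LIB_SSH_KEY,
      # secrets.LIB_NEW_SSH_KEY and secrets.YC_SA_JSON_CREDENTIALS, none of
      # which are declared here. Presumably callers use `secrets: inherit` or
      # the runner exposes them anyway - confirm, and declare them so the
      # secret surface of this workflow is explicit.
      VK_TEAMS_BOT_TOKEN:
        required: true
      VK_TEAMS_CHAT_ID:
        required: true

jobs:
  build:
    # Runner label `gpu`; the job relies on a /cache directory on that runner.
    # NOTE(review): if this runner is shared between repositories or is not
    # wiped between jobs, the SSH agent, registry login and /cache contents
    # outlive the job - verify isolation.
    runs-on: gpu
    env:
      CR_REGISTRY: crp8vh46gd976oq8ipla
      CR_REPO: ${{ github.event.repository.name }}
      IMAGE_TAG: ${{ github.sha }}
    steps:
      - name: Notify (started)
        uses: https://bb.hublab.ru/HUB/workflows/.gitea/actions/vk-notify@main
        env:
          VK_TEAMS_BOT_TOKEN: ${{ secrets.VK_TEAMS_BOT_TOKEN }}
          VK_TEAMS_CHAT_ID: ${{ secrets.VK_TEAMS_CHAT_ID }}
        with:
          result: started
          name: build tag ${{ inputs.tag }}

      # NOTE(review): actions/checkout keeps its token in .git/config by
      # default and the build below uses `context: .`; consider
      # `persist-credentials: false` and a .dockerignore that excludes .git so
      # the token cannot end up in the build context or an image layer.
      - uses: actions/checkout@v4
        with:
          lfs: ${{ inputs.lfs }}

      # Loads both keys into an ssh-agent so the build can use `ssh: default`.
      - name: Use ssh key
        uses: webfactory/ssh-agent@v0.9.0
        with:
          ssh-private-key: |
            ${{ secrets.LIB_SSH_KEY }}
            ${{ secrets.LIB_NEW_SSH_KEY }}

      - name: Yandex Cloud Login
        uses: yc-actions/yc-cr-login@v2
        with:
          yc-sa-json-credentials: ${{ secrets.YC_SA_JSON_CREDENTIALS }}

      - name: Set up Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@v3
        with:
          install: true

      - name: Shorten commit SHA
        run: echo "SHORT_SHA=${GITHUB_SHA::7}" >> "$GITHUB_ENV"

      # The caller-supplied tag is handed to the shell through an environment
      # variable instead of being expanded into the script text: `${{ ... }}`
      # is substituted before the shell parses the script, so a tag containing
      # quotes or `$(...)` would otherwise be executed as code on the runner.
      # The result is also checked against the Docker tag grammar before it is
      # appended to $GITHUB_ENV, which rejects multi-line values that would
      # define extra environment variables for later steps.
      - name: Normalize tag
        id: normalize
        env:
          RAW_TAG: ${{ inputs.tag }}
        run: |
          SAFE_TAG=$(printf '%s\n' "$RAW_TAG" | tr '/' '-')
          if ! [[ "$SAFE_TAG" =~ ^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$ ]]; then
            echo "Refusing tag: not a valid Docker tag after normalization" >&2
            exit 1
          fi
          echo "SAFE_TAG=$SAFE_TAG" >> "$GITHUB_ENV"

      # NOTE(review): the last restore key is not scoped to a repository. If
      # the cache backend is shared across repositories, a layer cache written
      # by another project could be restored here and reused by the build -
      # confirm the backend's scoping or drop that fallback.
      - name: Restore Docker layer cache
        uses: actions/cache/restore@v4
        with:
          path: /cache/${{ github.repository }}/buildx-cache
          key: ${{ runner.os }}-${{ github.repository }}-buildx-${{ hashFiles(format('{0}/Dockerfile', github.workspace), format('{0}/**/requirements.txt', github.workspace), format('{0}/**/*lock*', github.workspace), format('{0}/**/package-lock.json', github.workspace), format('{0}/**/poetry.lock', github.workspace)) }}
          restore-keys: |
            ${{ runner.os }}-${{ github.repository }}-buildx-
            ${{ runner.os }}-buildx-

      # `ssh: default` forwards the agent loaded above into the build.
      # NOTE(review): the Dockerfile should consume it only through
      # `RUN --mount=type=ssh` so no key material is written to a layer.
      - name: Build and push multi-arch image
        id: build-step
        uses: docker/build-push-action@v6
        with:
          push: true
          context: .
          builder: ${{ steps.buildx.outputs.name }}
          tags: |
            cr.yandex/${{ env.CR_REGISTRY }}/${{ env.CR_REPO }}:${{ env.SHORT_SHA }}
            cr.yandex/${{ env.CR_REGISTRY }}/${{ env.CR_REPO }}:${{ env.SAFE_TAG }}
          platforms: ${{ inputs.arch }}
          ssh: default
          no-cache: ${{ inputs.force_build }}
          build-args: |
            GIT_COMMIT=${{ github.sha }}
          cache-from: |
            type=local,src=/cache/${{ github.repository }}/buildx-cache
          cache-to: |
            type=local,dest=/cache/${{ github.repository }}/buildx-cache-new,mode=max

      # Swaps the freshly exported cache into place. The cache root is passed
      # through the environment and quoted so the repository name is never
      # parsed as shell syntax, in particular on the `rm -rf` line.
      - name: Move new cache if it exists
        if: steps.build-step.outcome == 'success'
        env:
          CACHE_ROOT: /cache/${{ github.repository }}
        run: |
          mkdir -p "$CACHE_ROOT"
          if [ -d "$CACHE_ROOT/buildx-cache-new" ]; then
            echo "Found new buildx cache, replacing old one..."
            rm -rf "$CACHE_ROOT/buildx-cache"
            mv "$CACHE_ROOT/buildx-cache-new" "$CACHE_ROOT/buildx-cache"
          else
            echo "No new buildx cache found, keeping old one."
          fi

      - name: Save Docker layer cache
        if: steps.build-step.outcome == 'success'
        uses: actions/cache/save@v4
        with:
          path: /cache/${{ github.repository }}/buildx-cache
          key: ${{ runner.os }}-${{ github.repository }}-buildx-${{ hashFiles(format('{0}/Dockerfile', github.workspace), format('{0}/**/requirements.txt', github.workspace), format('{0}/**/*lock*', github.workspace), format('{0}/**/package-lock.json', github.workspace), format('{0}/**/poetry.lock', github.workspace)) }}

      # Runs even when an earlier step failed; reports the build step outcome.
      - name: Notify (result)
        if: always()
        uses: https://bb.hublab.ru/HUB/workflows/.gitea/actions/vk-notify@main
        env:
          VK_TEAMS_BOT_TOKEN: ${{ secrets.VK_TEAMS_BOT_TOKEN }}
          VK_TEAMS_CHAT_ID: ${{ secrets.VK_TEAMS_CHAT_ID }}
        with:
          result: ${{ steps.build-step.outcome }}
          name: build tag ${{ inputs.tag }}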