Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Migrate docker images from docker.hub to ghcr registry #34

Merged
merged 15 commits into from
Jul 25, 2024
Merged

Migrate docker images from docker.hub to ghcr registry #34

Show file tree
Hide file tree
Changes from 11 commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
27f495e
add ghcr as registry
sotojn Jul 22, 2024
16e5bb2
add echo for github repo variable
sotojn Jul 22, 2024
a36559e
move test outside
sotojn Jul 23, 2024
c1559a4
adjust repo name
sotojn Jul 23, 2024
bc0958b
fix registry on build step
sotojn Jul 23, 2024
21961e8
change registry globally
sotojn Jul 23, 2024
fd5a582
make image public
sotojn Jul 23, 2024
bca7a38
add ghcr release build
sotojn Jul 23, 2024
c31fcbf
fix unknown arc problem
sotojn Jul 23, 2024
9213406
add correct image labels
sotojn Jul 23, 2024
02026fa
update readme
sotojn Jul 24, 2024
115d38c
update readme with docker pull info
sotojn Jul 24, 2024
bbd7296
adjust node_version and kafka_connector labels
sotojn Jul 24, 2024
7875c67
unpin node 22
sotojn Jul 24, 2024
1c73201
Add namespace to our custom image labels
godber Jul 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 20 additions & 4 deletions .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,8 @@ on:
- '!master'

env:
IMAGE_NAME: ${{ github.repository_owner }}/node-base
REGISTRY: ghcr.io
IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/node-base

jobs:
build_matrix:
Expand All @@ -20,6 +21,11 @@ jobs:
# Ex: ["18", "20", "22"] ---> ["18.19.1", "20", "22"]
version: ["18", "20", "22.4.1"]
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
attestations: write
id-token: write

steps:
-
Expand All @@ -29,20 +35,30 @@ jobs:
name: Log in to the Container registry
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
platforms: linux/arm64,linux/amd64
-
name: Get timestamp for docker build
id: docker_time_stamp
run: echo "BUILD_TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%S.%3NZ")" >> $GITHUB_ENV
-
name: Build
uses: docker/build-push-action@v6
with:
context: .
platforms: linux/arm64,linux/amd64
build-args: "NODE_VERSION=${{ matrix.version }}"
build-args: |
"NODE_VERSION=${{ matrix.version }}"
"GITHUB_SHA=${{ github.sha }}"
"BUILD_TIMESTAMP=${{ env.BUILD_TIMESTAMP }}"
provenance: false
sbom: false
pull: true
push: true
file: ./Dockerfile
Expand Down
25 changes: 21 additions & 4 deletions .github/workflows/release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,8 @@ on:
workflow_dispatch:

env:
IMAGE_NAME: ${{ github.repository_owner }}/node-base
REGISTRY: ghcr.io
IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/node-base

jobs:
build_and_release_matrix:
Expand All @@ -21,6 +22,12 @@ jobs:
# Ex: ["18", "20", "22"] ---> ["18.19.1", "20", "22"]
version: ["18", "20", "22.4.1"]
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
attestations: write
id-token: write

steps:
-
name: Checkout
Expand All @@ -29,20 +36,30 @@ jobs:
name: Log in to the Container registry
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
platforms: linux/arm64,linux/amd64
-
name: Get timestamp for docker build
id: docker_time_stamp
run: echo "BUILD_TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%S.%3NZ")" >> $GITHUB_ENV
-
name: Build
uses: docker/build-push-action@v6
with:
context: .
platforms: linux/arm64,linux/amd64
build-args: "NODE_VERSION=${{ matrix.version }}"
build-args: |
"NODE_VERSION=${{ matrix.version }}"
"GITHUB_SHA=${{ github.sha }}"
"BUILD_TIMESTAMP=${{ env.BUILD_TIMESTAMP }}"
provenance: false
sbom: false
pull: true
push: true
file: ./Dockerfile
Expand Down
14 changes: 12 additions & 2 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
ARG NODE_VERSION
FROM node:${NODE_VERSION}-alpine

ARG GITHUB_SHA
ARG BUILD_TIMESTAMP

RUN apk --no-cache add \
bash \
curl \
Expand Down Expand Up @@ -67,8 +70,15 @@ COPY wait-for-it.sh /usr/local/bin/wait-for-it

ENV NODE_OPTIONS "--max-old-space-size=2048"

LABEL node_version="$NODE_VERSION"
LABEL kafka_connector_version="1.0.0"
LABEL org.opencontainers.image.created="$BUILD_TIMESTAMP" \
org.opencontainers.image.documentation="https://github.com/terascope/base-docker-image/blob/master/README.md" \
org.opencontainers.image.licenses="MIT License" \
org.opencontainers.image.revision="$GITHUB_SHA" \
org.opencontainers.image.source="https://github.com/terascope/base-docker-image" \
org.opencontainers.image.title="Node-base" \
org.opencontainers.image.vendor="Terascope" \
org.opencontainers.image.node_version="$NODE_VERSION" \
org.opencontainers.image.kafka_connector_version="1.0.0"

# Use tini to handle sigterm and zombie processes
ENTRYPOINT ["/sbin/tini", "--"]
13 changes: 11 additions & 2 deletions Dockerfile.core
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
ARG NODE_VERSION
FROM node:${NODE_VERSION}-alpine

ARG GITHUB_SHA
ARG BUILD_TIMESTAMP

RUN apk --no-cache add \
bash \
curl \
Expand Down Expand Up @@ -37,7 +40,13 @@ COPY wait-for-it.sh /usr/local/bin/wait-for-it

ENV NODE_OPTIONS "--max-old-space-size=2048"

LABEL node_version="$NODE_VERSION"

LABEL org.opencontainers.image.created="$BUILD_TIMESTAMP" \
org.opencontainers.image.documentation="https://github.com/terascope/base-docker-image/blob/master/README.md" \
org.opencontainers.image.licenses="MIT License" \
org.opencontainers.image.revision="$GITHUB_SHA" \
org.opencontainers.image.source="https://github.com/terascope/base-docker-image" \
org.opencontainers.image.title="Node-base-core" \
org.opencontainers.image.vendor="Terascope" \
org.opencontainers.image.node_version="$NODE_VERSION"
# Use tini to handle sigterm and zombie processes
ENTRYPOINT ["/sbin/tini", "--"]
33 changes: 24 additions & 9 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,27 +15,30 @@ Without: (this will save the image size by roughly 200MB)

**_DEPRECATED:_** Core images are no longer built and pushed to docker.hub.

- `terascope/node-base:22.2.0-core`
- `terascope/node-base:20.11.1-core`
- `terascope/node-base:18.19.1-core`
- `terascope/node-base:22-core`
- `terascope/node-base:20-core`
- `terascope/node-base:18-core`
- `terascope/node-base:22.*.*-core`
- `terascope/node-base:20.*.*-core`
- `terascope/node-base:18.*.*-core`

Check for the latest version tags here:

https://hub.docker.com/r/terascope/node-base/tags
https://github.com/terascope/base-docker-image/pkgs/container/node-base

At the moment, manual builds can be done like this (substitute the appropriate
NodeJS version):

```bash
# With connectors
docker build --file Dockerfile --pull \
--build-arg NODE_VERSION=18.19.1 \
--tag terascope/node-base:18.19.1 .
--build-arg NODE_VERSION=18 \
--tag ghcr.io/terascope/node-base:18 .

# Without connectors
docker build --file Dockerfile.core --pull \
--build-arg NODE_VERSION=18.19.1 \
--tag terascope/node-base:18.19.1-core .
--build-arg NODE_VERSION=18 \
--tag ghcr.io/terascope/node-base:18-core .
```

Double check the action output before relying on the above commands.
Expand All @@ -44,6 +47,18 @@ Double check the action output before relying on the above commands.

- Docker image builds will happen on any push to any branch other than `master`.
- When a Github release is made, the image will be built and then pushed to
docker hub.
the github container registry.

**NOTE:** _When making changes to the github workflows, the node matrix array only supports either a major node version or a full specific node version. Ex: [18, 22.4.1]. Adding a major-minor version like "18.19" is not supported as of right now._

### How tags and node versions are released in the workflow

The workflow for the base image tags is closely linked to the Node.js version used in the image. Here's a simple breakdown of how it works:

**Major Version Tag:** The image will either grab the latest available version of a specific major Node.js release from the node alpine image(e.g., Node 18) or it will be pinned to the latest node version that is compatible with the base image. This image is tagged with the major version number (e.g., 18). So in some cases this version will be pinned and not completely up to date with a node release. This tag is always overwritten on release.

**Major-Minor Version Tag:** Next, it will retag and include both the major and minor version numbers (e.g., 18.14). This tag is updated to reflect the latest minor release within the specified major version. This tag will get overwritten in the case of a node-base change or if a new patch is relased for this minor version of node.

**Major-Minor-Patch Version Tag:** Finally, the image will be re-tagged again with the complete version number, including the major, minor, and patch versions (e.g., 18.14.2). This tag points to a specific version of the Node.js release. This image only gets overwritten on a change to the node-base image that isn't node version related.

The build and publishing is done by Github Actions.