Merge 5f835a19e0 into d84d7356dd

2024-04-27 02:05:47 -05:00 · 2024-04-27 02:05:47 -05:00 · 649738d66f
parent d84d7356dd 5f835a19e0
commit 649738d66f
4 changed files with 19 additions and 23 deletions
--- a/.github/workflows/cd-deploy-nodes-gcp.yml
+++ b/.github/workflows/cd-deploy-nodes-gcp.yml
@ -136,6 +136,8 @@ jobs:
      image_name: zebrad
      no_cache: ${{ inputs.no_cache || false }}
      rust_log: info
+    # This step needs access to Docker Hub secrets to run successfully
+    secrets: inherit

  # Test that Zebra works using the default config with the latest Zebra version.
  test-configuration-file:
--- a/.github/workflows/ci-integration-tests-gcp.yml
+++ b/.github/workflows/ci-integration-tests-gcp.yml
@ -149,6 +149,9 @@ jobs:
      rust_backtrace: full
      rust_lib_backtrace: full
      rust_log: info
+    # This step needs access to Docker Hub secrets to run successfully
+    secrets: inherit
+

  # zebrad cached checkpoint state tests

--- a/.github/workflows/ci-unit-tests-docker.yml
+++ b/.github/workflows/ci-unit-tests-docker.yml
@ -111,6 +111,8 @@ jobs:
      rust_backtrace: full
      rust_lib_backtrace: full
      rust_log: info
+    # This step needs access to Docker Hub secrets to run successfully
+    secrets: inherit

  # Run all the zebra tests, including tests that are ignored by default.
  #
--- a/.github/workflows/sub-build-docker-image.yml
+++ b/.github/workflows/sub-build-docker-image.yml
@ -68,7 +68,7 @@ jobs:
  build:
    name: Build images
    timeout-minutes: 210
-    runs-on: ubuntu-latest-xl
+    runs-on: ubuntu-latest
    outputs:
      image_digest: ${{ steps.docker_build.outputs.digest }}
      image_name: ${{ fromJSON(steps.docker_build.outputs.metadata)['image.name'] }}
@ -92,6 +92,8 @@ jobs:
        uses: docker/metadata-action@v5.5.1
        with:
          # list of Docker images to use as base name for tags
+          # We only publish images to DockerHub if a release is not a pre-release
+          # Ref: https://github.com/orgs/community/discussions/26281#discussioncomment-3251177
          images: |
            us-docker.pkg.dev/${{ vars.GCP_PROJECT }}/zebra/${{ inputs.image_name }}
            zfnd/${{ inputs.image_name }},enable=${{ github.event_name == 'release' && !github.event.release.prerelease }}
@ -118,11 +120,6 @@ jobs:
            type=edge,enable={{is_default_branch}}
            type=schedule

-      # Setup Docker Buildx to allow use of docker cache layers from GH
-      - name: Set up Docker Buildx
-        id: buildx
-        uses: docker/setup-buildx-action@v3
-
      - name: Authenticate to Google Cloud
        id: auth
        uses: google-github-actions/auth@v2.1.2
@ -144,14 +141,20 @@ jobs:
          password: ${{ steps.auth.outputs.access_token }}

      - name: Login to DockerHub
-        # We only publish images to DockerHub if a release is not a pre-release
-        # Ref: https://github.com/orgs/community/discussions/26281#discussioncomment-3251177
-        if: ${{ github.event_name == 'release' && !github.event.release.prerelease }}
        uses: docker/login-action@v3.1.0
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

+      # Setup Docker Buildx to use Docker Build Cloud
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          version: "lab:latest"
+          driver: cloud
+          endpoint: "zfnd/zebra"
+
      # Build and push image to Google Artifact Registry, and possibly DockerHub
      - name: Build & push
        id: docker_build
@ -171,17 +174,3 @@ jobs:
          # Don't read from the cache if the caller disabled it.
          # https://docs.docker.com/engine/reference/commandline/buildx_build/#options
          no-cache: ${{ inputs.no_cache }}
-          # To improve build speeds, for each branch we push an additional image to the registry,
-          # to be used as the caching layer, using the `max` caching mode.
-          #
-          # We use multiple cache sources to confirm a cache hit, starting from a per-branch cache.
-          # If there's no hit, we continue with a `main` branch cache, which helps us avoid
-          # rebuilding cargo-chef, most dependencies, and possibly some Zebra crates.
-          #
-          # The caches are tried in top-down order, the first available cache is used:
-          # https://github.com/moby/moby/pull/26839#issuecomment-277383550
-          cache-from: |
-            type=registry,ref=us-docker.pkg.dev/${{ vars.GCP_PROJECT }}/zebra-caching/${{ inputs.image_name }}${{ inputs.tag_suffix }}:${{ env.GITHUB_REF_SLUG_URL }}-cache
-            type=registry,ref=us-docker.pkg.dev/${{ vars.GCP_PROJECT }}/zebra-caching/${{ inputs.image_name }}${{ inputs.tag_suffix }}:main-cache
-          cache-to: |
-            type=registry,ref=us-docker.pkg.dev/${{ vars.GCP_PROJECT }}/zebra-caching/${{ inputs.image_name }}${{ inputs.tag_suffix }}:${{ env.GITHUB_REF_SLUG_URL }}-cache,mode=max