ref(build)!: use official lightwallted image for CI (#8323)

2024-02-29 15:50:50 +00:00 · 2024-02-29 15:50:50 +00:00 · 56fca2c9ee
parent 6a6f2865d3
commit 56fca2c9ee
5 changed files with 1 additions and 232 deletions
--- a/.github/workflows/chore-delete-gcp-resources.yml
+++ b/.github/workflows/chore-delete-gcp-resources.yml
@ -136,6 +136,5 @@ jobs:
        with:
          args: >-
            -repo=us-docker.pkg.dev/${{ vars.GCP_PROJECT }}/zebra/zebrad-test
            -repo=us-docker.pkg.dev/${{ vars.GCP_PROJECT }}/zebra/lightwalletd
            -grace=${{ env.DELETE_IMAGE_HOURS }}
            -keep=${{ env.KEEP_LATEST_IMAGE_COUNT }}
--- a/.github/workflows/sub-build-lightwalletd.patch.yml
+++ b/.github/workflows/sub-build-lightwalletd.patch.yml
@ -1,20 +0,0 @@
 name: Build lightwalletd
 # When the real job doesn't run because the files aren't changed,
 # run a fake CI job to satisfy the branch protection rules.
 on:
  pull_request:
    paths-ignore:
      - 'zebra-rpc/**'
      - 'zebrad/tests/acceptance.rs'
      - 'zebrad/src/config.rs'
      - 'zebrad/src/commands/start.rs'
      - 'docker/zcash-lightwalletd/Dockerfile'
      - '.github/workflows/sub-build-lightwalletd.yml'
 jobs:
  build:
    name: Build lightwalletd Docker
    runs-on: ubuntu-latest
    steps:
      - run: 'echo "No build required"'
--- a/.github/workflows/sub-build-lightwalletd.yml
+++ b/.github/workflows/sub-build-lightwalletd.yml
@ -1,149 +0,0 @@
 # TODO: we should stop using this build approach with lightwalletd and move to using our
 # reusable workflow to building all the docker images of our repo 
 name: Build lightwalletd
 # Ensures that only one workflow task will run at a time. Previous builds, if
 # already in process, will get cancelled. Only the latest commit will be allowed
 # to run, cancelling any workflows in between
 #
 # Cancelling old jobs is the most efficient approach, because the workflow is quick.
 concurrency:
  group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true
 on:
  workflow_dispatch:
  # Update the lightwalletd image when related changes merge to the `zebra/main` branch
  push:
    branches:
      - 'main'
    paths:
      # rebuild lightwalletd whenever the related Zebra code changes
      #
      # TODO: this code isn't compiled in this docker image
      #       rebuild whenever the actual code at lightwalletd/master changes
      - 'zebra-rpc/**'
      - 'zebrad/tests/acceptance.rs'
      - 'zebrad/src/config.rs'
      - 'zebrad/src/commands/start.rs'
      # these workflow definitions actually change the docker image
      - 'docker/zcash-lightwalletd/Dockerfile'
      - '.github/workflows/sub-build-lightwalletd.yml'
  # Update the lightwalletd image when each related PR changes
  pull_request:
    paths:
      # rebuild lightwalletd whenever the related Zebra code changes
      # (this code isn't actually compiled in this docker image)
      - 'zebra-rpc/**'
      - 'zebrad/tests/acceptance.rs'
      - 'zebrad/src/config.rs'
      - 'zebrad/src/commands/start.rs'
      # these workflow definitions actually change the docker image
      - 'docker/zcash-lightwalletd/Dockerfile'
      - '.github/workflows/sub-build-lightwalletd.yml'
 env:
  IMAGE_NAME: lightwalletd
 jobs:
  build:
    name: Build lightwalletd Docker
    runs-on: ubuntu-latest
    permissions:
      contents: 'read'
      id-token: 'write'
    steps:
      - uses: actions/checkout@v4.1.1
        with:
          # Note: check service.proto when modifying lightwalletd repo
          repository: zcash/lightwalletd
          ref: 'v0.4.16'
          persist-credentials: false
      - uses: actions/checkout@v4.1.1
        with:
          path: zebra
          persist-credentials: false
      - name: Inject slug/short variables
        uses: rlespinasse/github-slug-action@v4
        with:
          short-length: 7
      # Automatic tag management and OCI Image Format Specification for labels
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v5.5.1
        with:
          # list of Docker images to use as base name for tags
          images: |
            us-docker.pkg.dev/${{ vars.GCP_PROJECT }}/zebra/${{ env.IMAGE_NAME }}
          # generate Docker tags based on the following events/attributes
          # set latest tag for default branch
          tags: |
            type=schedule
            # semver and ref,tag automatically add a "latest" tag, but only on stable releases
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
            type=semver,pattern={{major}}
            type=ref,event=tag
            type=ref,event=branch
            type=ref,event=pr
            type=sha
            # edge is the latest commit on the default branch.
            type=edge,enable={{is_default_branch}}
      - name: Set up QEMU
        id: qemu
        uses: docker/setup-qemu-action@v3
        with:
          image: tonistiigi/binfmt:latest
          platforms: all
      # Setup Docker Buildx to allow use of docker cache layers from GH
      - name: Set up Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@v3
      # Setup gcloud CLI
      - name: Authenticate to Google Cloud
        id: auth
        uses: google-github-actions/auth@v2.1.1
        with:
          retries: '3'
          workload_identity_provider: '${{ vars.GCP_WIF }}'
          service_account: '${{ vars.GCP_ARTIFACTS_SA }}'
          token_format: 'access_token'
      - name: Set up Cloud SDK
        uses: google-github-actions/setup-gcloud@v2.1.0
      - name: Login to Google Artifact Registry
        uses: docker/login-action@v3.0.0
        with:
          registry: us-docker.pkg.dev
          username: oauth2accesstoken
          password: ${{ steps.auth.outputs.access_token }}
      # Build and push image to Google Artifact Registry
      - name: Build & push
        id: docker_build
        uses: docker/build-push-action@v5.1.0
        with:
          target: build
          context: .
          file: ./zebra/docker/zcash-lightwalletd/Dockerfile
          platforms: |
            linux/amd64
            linux/arm64
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          push: true
          cache-from: |
            type=registry,ref=us-docker.pkg.dev/${{ vars.GCP_PROJECT }}/zebra-caching/${{ env.IMAGE_NAME }}:${{ env.GITHUB_REF_SLUG_URL }}-cache
            type=registry,ref=us-docker.pkg.dev/${{ vars.GCP_PROJECT }}/zebra-caching/${{ env.IMAGE_NAME }}:main-cache
          cache-to: |
            type=registry,ref=us-docker.pkg.dev/${{ vars.GCP_PROJECT }}/zebra-caching/${{ env.IMAGE_NAME }}:${{ env.GITHUB_REF_SLUG_URL }}-cache,mode=max
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@ -98,7 +98,7 @@ ENV CARGO_HOME="/opt/zebrad/.cargo/"
 # An entrypoint.sh is only available in this step for easier test handling with variables.
 FROM deps AS tests
-COPY --from=us-docker.pkg.dev/zfnd-dev-zebra/zebra/lightwalletd:edge /opt/lightwalletd /usr/local/bin
+COPY --from=electriccoinco/lightwalletd:latest /usr/local/bin/lightwalletd /usr/local/bin/
 # cargo uses timestamps for its cache, so they need to be in this order:
 # unmodified source files < previous build cache < modified source files
--- a/docker/zcash-lightwalletd/Dockerfile
+++ b/docker/zcash-lightwalletd/Dockerfile
@ -1,61 +0,0 @@
 ARG ZCASHD_CONF_PATH=/etc/zcash.conf
 ARG LWD_GRPC_PORT=9067
 ARG LWD_HTTP_PORT=9068
 ##
 ## Build
 ##
 FROM golang:1.17 AS build
 # Create and change to the app directory.
 WORKDIR /app
 # Retrieve application dependencies.
 # This allows the container build to reuse cached dependencies.
 # Expecting to copy go.mod and if present go.sum.
 COPY go.mod ./
 COPY go.sum ./
 # Do not use `go get` as it updates the requirements listed in your go.mod file.
 # `go mod download` does not add new requirements or update existing requirements.
 RUN go mod download
 # Copy local code to the container image.
 COPY . ./
 # Build and install the binary.
 RUN go build -v -o /opt/lightwalletd
 ARG ZCASHD_CONF_PATH
 RUN set -ex; \
  { \
    echo "rpcuser=zcashrpc"; \
    echo "rpcpassword=`head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13 ; echo ''`" \
    echo "rpcbind=127.0.0.1"; \
    echo "rpcport=8232"; \
  } > "${ZCASHD_CONF_PATH}"
 ENTRYPOINT ["/opt/lightwalletd"]
 CMD ["--no-tls-very-insecure", "--grpc-bind-addr=0.0.0.0:9067",  "--http-bind-addr=0.0.0.0:9068", "--log-file=/dev/stdout", "--log-level=7"]
 ##
 ## Deploy
 ##
 FROM debian:bookworm-slim as runtime
 ARG ZCASHD_CONF_PATH
 # Maintain backward compatibility with mainstream repo using this ARGs in docker-compose
 ARG LWD_GRPC_PORT
 ARG LWD_HTTP_PORT
 WORKDIR /
 COPY --from=build /opt/lightwalletd /usr/local/bin
 COPY --from=build $ZCASHD_CONF_PATH ./
 EXPOSE 9067
 EXPOSE 9068
 ENTRYPOINT ["lightwalletd"]
 CMD ["--no-tls-very-insecure", "--grpc-bind-addr=0.0.0.0:9067",  "--http-bind-addr=0.0.0.0:9068", "--log-file=/dev/stdout", "--log-level=7"]