Here's my workflow file:
name: Build Pipeline
on: push
env:
NODE_VERSION: 11
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- uses: actions/setup-node#v2
with:
node-version: ${{ env.NODE_VERSION }}
- id: cache-node-modules
uses: actions/cache#v2
with:
path: ${{ github.workspace }}/node_modules
key: node_modules-${{ hashFiles('package-lock.json') }}
restore-keys: node_modules
- uses: actions/cache#v2
with:
path: ${{ github.workspace }}/build
key: build-${{ github.sha }}
restore-keys: build
- if: steps.cache-node-modules.outputs.cache-hit != 'true'
run: npm install
- run: npm run build -- --incremental
npm-scripts:
needs: [build]
runs-on: ubuntu-latest
strategy:
matrix:
script: ['lint:pipeline', 'lint:exports', 'i18n:pipeline', 'schema:validate']
steps:
- uses: actions/checkout#v2
- uses: actions/setup-node#v2
with:
node-version: ${{ env.NODE_VERSION }}
- id: cache-node-modules
uses: actions/cache#v2
with:
path: ${{ github.workspace }}/node_modules
key: node_modules-${{ hashFiles('package-lock.json') }}
- if: steps.cache-node-modules.outputs.cache-hit != 'true'
run: |
echo 'Expected to have a cache hit for "node_modules", since this job runs after the "build" job, which caches the latest version of "node_modules". Not having a cache hit means probably there is a bug with the workflow file.'
exit 1
- id: cache-build-output
uses: actions/cache#v2
with:
path: ${{ github.workspace }}/build
key: build-${{ github.sha }}
- if: steps.cache-build-output.outputs.cache-hit != 'true'
run: |
echo 'Expected to have a cache hit for the build output folder, since this job runs after the "build" job, which caches the latest version of the "build" folder. Not having a cache hit means probably there is a bug with the workflow file.'
exit 1
- run: npm run ${{ matrix.script }}
jest-tests:
needs: [build]
runs-on: ubuntu-latest
container: node:11
services:
postgres:
image: postgres
env:
POSTGRES_DB: localhost
POSTGRES_USER: postgres
POSTGRES_PASSWORD: password
redis:
image: redis
steps:
- uses: actions/checkout#v2
- id: cache-node-modules
uses: actions/cache#v2
with:
path: ${{ github.workspace }}/node_modules
key: node_modules-${{ hashFiles('package-lock.json') }}
- if: steps.cache-node-modules.outputs.cache-hit != 'true'
run: |
echo 'Expected to have a cache hit for "node_modules", since this job runs after the "build" job, which caches the latest version of "node_modules". Not having a cache hit means probably there is a bug with the workflow file.'
exit 1
- id: cache-build-output
uses: actions/cache#v2
with:
path: ${{ github.workspace }}/build
key: build-${{ github.sha }}
- if: steps.cache-build-output.outputs.cache-hit != 'true'
run: |
echo 'Expected to have a cache hit for the build output folder, since this job runs after the "build" job, which caches the latest version of the "build" folder. Not having a cache hit means probably there is a bug with the workflow file.'
exit 1
- run: echo
node_modules and build folders are cached in the build job. These caches are able to be restored without a problem in the npm-scripts job. However, they are not able to be restored in the jest-tests job, where it gets a Cache not found for input keys error.
I don't know how this is possible, since the exact same cache keys are able to be restored without a problem in all of the npm-scripts jobs.
When I remove the:
container: node:11
services:
postgres:
image: postgres
env:
POSTGRES_DB: localhost
POSTGRES_USER: postgres
POSTGRES_PASSWORD: password
redis:
image: redis
part (and hence let the job run on ubuntu-latest, instead of a Docker container), the cache is able to be restored again properly. So not sure what's going on here.
It seems that the #actions/cache job silently fails if there is no zstd binary available in the PATH in the container that you are running in. This may be the case for your Node container.
I found this out by setting ACTIONS_STEP_DEBUG to true in the repository secrets. The debug log shows that the action tries to run zstd and can't, but it is instead reported as a cache miss. Once I figured that out, I found that there is a bug report open for it: https://github.com/actions/cache/issues/580
It is a weird bug. The workaround that I found is not running the jest-tests job in a container. That is, running the jest-tests job in a regular, ubuntu-latest machine, and mapping the service container ports like:
jest-tests:
needs: [build]
runs-on: ubuntu-latest
services:
postgres:
image: postgres
ports:
- 5432:5432
env:
POSTGRES_DB: localhost
POSTGRES_USER: postgres
POSTGRES_PASSWORD: password
redis:
image: redis
ports:
- 6379:6379
I'm using a custom image and just by adding zstd package to the image, it made the action/cache to work.
Related
I would like to know how I can share service containers between jobs in GitHub Actions. With this workflow currently the containers get destroyed after the build step.
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
env:
RAILS_ENV: test
RACK_ENV: test
RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
POSTGRES_PASSWORD: postgres15
POSTGRES_USERNAME: postgres
POSTGRES_HOST: localhost
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout#v3
- name: Initialize Ruby
uses: ruby/setup-ruby#v1
with:
bundler-cache: true
- name: Setup Rails
run: bin/setup
services:
postgres:
image: postgres:15.1-alpine
ports:
- 5432:5432
env:
POSTGRES_PASSWORD: ${{ env.POSTGRES_PASSWORD }}
POSTGRES_USER: ${{ env.POSTGRES_USERNAME }}
# needed because the postgres container does not provide a healthcheck
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
test:
runs-on: ubuntu-latest
needs: [ build ]
steps:
- name: Lint Ruby
run: bundle exec rubocop
- name: Run tests
run: bin/rails test:all
coverage:
runs-on: ubuntu-latest
needs: [ build, test ]
steps:
- uses: joshmfrankel/simplecov-check-action#main
with:
minimum_suite_coverage: 98
minimum_file_coverage: 90
github_token: ${{ secrets.GITHUB_TOKEN }}
check_job_name: coverage
As per the documentation, you cannot share service containers across jobs.
https://docs.github.com/en/actions/using-containerized-services/about-service-containers
You can configure service containers for each job in a workflow. GitHub creates a fresh Docker container for each service configured in the workflow, and destroys the service container when the job completes. Steps in a job can communicate with all service containers that are part of the same job. However, you cannot create and use service containers inside a composite action.
I have a problem. I am starting to work with Github Actions, and I got a working pipeline where I am trying to:
Build the docker application
Run the tests
Publish to docker repository
But the test running and publishing are 2 separate jobs, so I am building the image twice. Here is the workflow code:
name: Test & Publish Docker Image
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
run_application_tests:
name: Run test suite
runs-on: ubuntu-latest
env:
COMPOSE_FILE: docker-compose.yml
DOCKER_USER: ${{ secrets.DOCKER_USER }}
DOCKER_PASS: ${{ secrets.DOCKER_PASS }}
steps:
- name: Checkout code
uses: actions/checkout#v3
- name: Login To Docker Hub
uses: docker/login-action#v2
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and run docker image
run: docker-compose up -d --build
- name: Run migrations
run: make migrate
- name: Run tests
run: make test
build_and_publish_docker_image:
needs: run_application_tests
name: Build & Publish Docker Images
runs-on: ubuntu-latest
steps:
- name: Checkout The Repo
uses: actions/checkout#v3
- name: Login To Docker Hub
uses: docker/login-action#v2
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build & Push Docker Image
uses: docker/build-push-action#v3
with:
push: true
tags: |
me/image:latest
me/image:${{ github.sha }}
The docker image is a Ruby-On-Rails application so the bundle install takes very long. Each build takes about 2-3 minutes.
I also tried adding:
cache-from: type=gha
cache-to: type=gha,mode=max
To the docker/build-push-action#v3, but that resulted in:
Error: buildx failed with: ERROR: cache export feature is currently not supported for docker driver. Please switch to a different driver (eg. "docker buildx create --use")
What can I change to improve this pipeline time based?
in your job run_application_tests you have this code:
- name: Login To Docker Hub
uses: docker/login-action#v2
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and run docker image
run: docker-compose up -d --build
this code runs docker-compose why?
this is how your code should be if you want to run tests only:
jobs:
run_application_tests:
name: Run test suite
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout#v3
- name: Run migrations
run: make migrate
- name: Run tests
run: make test
Hi every one I have a problem when I executed my ci with github actions I received this problem.
Retrying download gem from https://gems.contribsys.com/ due to error (2/4): Gem::RemoteFetcher::FetchError bad response Unauthorized 401
this is my .yml file to github actions
jobs:
test:
runs-on: ubuntu-latest
services:
postgres:
image: postgres:13-alpine
ports:
- "5432:5432"
options:
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
env:
POSTGRES_DB: rails_test
env:
RAILS_ENV: test
DATABASE_URL: "postgres://rails:password#localhost:5432/rails_test"
SIDEKIQ_PRO_USER: ${{ secrets.SIDEKIQ_PRO_USER }}
SIDEKIQ_PRO_PWD: ${{ secrets.SIDEKIQ_PRO_PWD }}
lint:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout#v3
- name: Install Ruby and gems
uses: ruby/setup-ruby#8f312efe1262fb463d906e9bf040319394c18d3e # v1.92
with:
bundler-cache: true
# Add or replace any other lints here
- name: Security audit dependencies
run: bin/bundler-audit --update |
bundle config gems.contribsys.com ${secrets.SIDEKIQ_PRO_USER}:${ secrets.SIDEKIQ_PRO_PWD }
- name: Security audit application code
run: bin/brakeman -q -w2
- name: Lint Ruby files
run: bin/rubocop --parallel
in my gemfile I put this
gem 'sidekiq-pro', '~> 5.3', source: 'https://gems.contribsys.com'
For other hands, how I can print my ENV in console of github actions , I am not sure if the variable that I set is filled , any ideas?
I'm new to Docker and trying to perform CI using GitHub Actions.
Here's my .yml file on GitHub.
name: CI to Docker Hub
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Check Out Repo
uses: actions/checkout#v2
- name: Login to Docker Hub
uses: docker/login-action#v1
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action#v1
- name: Build and push
id: docker_build
uses: docker/build-push-action#v2
with:
context: .
file: ./Dockerfile
push: true
tags: your-order-backend:latest
- name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}
I have added Secrets in my Github too of Docker Hub.
I'm not sure why, but it is failing at > exporting to image:
It is resloved!
In my case, there was no repo in the Docker Hub created whose tag I have passed here in the yml file.
I created the repo and it worked
for me I fixed it by changing "push: true" to "load: true"
In my case, Id needed to create the repo in dockerhub as in the response of Sagar, but the problem still were there. I'd recognized I was passing the tags incorrectly, fix it and the problem was gone. (You can See the official examples)
Before:
tags: ${{ github.sha }}, latest
After (correctly):
tags: |
henriqueholtz/fullcycle-gitops:${{ github.sha }}
henriqueholtz/fullcycle-gitops:latest
I don't know how to run a cached Docker image in Github Actions.
I've followed a tutorial about Publishing Docker images to implement a task that would cache, build and push Docker image to a DockerHub.
I need to build, cache and run the image, the image publishing is optional.
My goal is to speed up CI workflow.
Here is the Github Actions workflow:
name: CI
# Controls when the action will run.
on:
# Triggers the workflow on push or pull request events but only for the master branch
push:
branches: [ master ]
pull_request:
branches: [ master ]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- name: Check Out Repo
uses: actions/checkout#v2
with:
fetch-depth: 0
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action#v1
- name: Cache Docker layers
uses: actions/cache#v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Login to Docker Hub
uses: docker/login-action#v1
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Build and push
id: docker_build
uses: docker/build-push-action#v2
with:
context: ./
file: ./Dockerfile
builder: ${{ steps.buildx.outputs.name }}
push: true
tags: ivan123123/c_matrix_library:latest
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
#- name: Run Docker container
# run: ???
# Upload gcovr code coverage report
- name: Upload GCC Code Coverage Report
uses: actions/upload-artifact#v2
with:
name: coveragereport
path: ./builddir/meson-logs/coveragereport/
- name: Upload code coverage reports to codecov.io page
run: bash <(curl -s https://codecov.io/bash)
Edit:
I've found no solution to running cached Docker image, but I have managed to build cached image every time I run CI workflow with docker/setup-buildx-action#v1 action. Because the image is cached, we don't need to download every Docker image dependencies thus saving time from 3 minutes originally to only 40 seconds.
Below is the Github Actions workflow:
name: CI
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Check Out Repo
uses: actions/checkout#v2
with:
fetch-depth: 0
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action#v1
- name: Cache register
uses: actions/cache#v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ hashFiles('**/Dockerfile') }}
- name: Build Docker image
uses: docker/build-push-action#v2
with:
context: ./
file: ./Dockerfile
builder: ${{ steps.buildx.outputs.name }}
load: true
tags: c_matrix_library:latest
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
- name: Run Docker container
run: docker run -v "$(pwd):/app" c_matrix_library:latest
If you want to cache a published Docker image that lives in the Docker Repository, you can do:
- name: Restore MySQL Image Cache if it exists
id: cache-docker-mysql
uses: actions/cache#v3
with:
path: ci/cache/docker/mysql
key: cache-docker-mysql-5.7
- name: Update MySQL Image Cache if cache miss
if: steps.cache-docker-mysql.outputs.cache-hit != 'true'
run: docker pull mysql:5.7 && mkdir -p ci/cache/docker/mysql && docker image save mysql:5.7 --output ./ci/cache/docker/mysql/mysql-5.7.tar
- name: Use MySQL Image Cache if cache hit
if: steps.cache-docker-mysql.outputs.cache-hit == 'true'
run: docker image load --input ./ci/cache/docker/mysql/mysql-5.7.tar
- name: Start containers
run: docker compose up -d
When docker compose up runs, if a service uses the Docker image mysql:5.7 image, it's going to skip downloading it.
This might not fully answer you question since I think there is no actual way of running your cached image.
But you can speed up your build using Github's cache, I have posted a complete tutorial about this that you can read here
Summarizing you can setup Docker buildx and then use GH cache
with build-push-action:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action#v1
- name: Build and push
uses: docker/build-push-action#v2
with:
context: .
file: ./Dockerfile
push: true
tags: ivan123123/c_matrix_library:latest
cache-from: type=gha
cache-to: type=gha
Edit
Just found a reference in build-push action that might be useful to you:
https://github.com/docker/build-push-action/blob/master/docs/advanced/share-image-jobs.md
This question is a bit old now, but I've found the documented way of running a built image from the docker/build-push-action in a subsequent step. In short, you have to set up a local registry.
The yaml below has been directly copy + pasted from here.
name: ci
on:
push:
branches:
- 'main'
jobs:
docker:
runs-on: ubuntu-latest
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout#v3
-
name: Set up QEMU
uses: docker/setup-qemu-action#v2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action#v2
with:
driver-opts: network=host
-
name: Build and push to local registry
uses: docker/build-push-action#v3
with:
context: .
push: true
tags: localhost:5000/name/app:latest
-
name: Inspect
run: |
docker buildx imagetools inspect localhost:5000/name/app:latest
Edit:
As mentioned by Romain in the comments. The initial solution will pull the image at the beginning of the workflow and as such will not use the image that is built during the workflow. The only solution seem to be running docker run yourself in the step:
- name: Run my docker image
run: >
docker run -t ivan123123/c_matrix_library:latest
...
On a side note. Using this solution might get a bit complicated if you use services in your job. In which case, the networking between your container and the service containers will be troublesome
Original answer:
To run the image you can use the following:
- name: Run my docker image
uses: docker://ivan123123/c_matrix_library:latest
with:
entrypoint: ...
args: ...
The entrypoint and args are optional. You can find more info here. One limitation though is that you can use any variable or context in the uses field. You can only hardcode the name and tag of the image.