I am trying to optimise my CI/CD deployment workflow for Android and iOS with cache, but I have a problem with the cache path. When not caching, the workflow works well, but when caching, the fastlane action doesn't find flutter or pods and I get errors like "error: /Users/runner/work/xxx/xxx/ios/Flutter/Release.xcconfig:1: could not find included file 'Pods/Target Support Files/Pods-Runner/Pods-Runner.release.xcconfig' in search paths (in target 'Runner' from project 'Runner')"

    name: Deploy staging
    on:
      workflow_dispatch:
        inputs:
          lane:
            description: "Staging lane to use : alpha or beta"
            required: true
            default: "alpha"
    jobs:
      deploy-to-ios:
        runs-on: macos-latest
        timeout-minutes: 30
        steps:
          - name: Checkout
            uses: actions/checkout@v2
          - name: Setup Flutter Cache
            id: cache-flutter
            uses: actions/cache@v2
            with:
              path: /Users/runner/hostedtoolcache/flutter
              key: ${{ runner.os }}-flutter
              restore-keys: |
                ${{ runner.os }}-flutter-
          - name: Setup Flutter
            uses: subosito/flutter-action@v1
            if: steps.cache-flutter.outputs.cache-hit != 'true'
            with:
              channel: "stable"
          - name: Setup Pods Cache
            id: cache-pods
            uses: actions/cache@v2
            with:
              path: Pods
              key: ${{ runner.os }}-pods-${{ hashFiles('ios/Podfile.lock') }}
              restore-keys: |
                ${{ runner.os }}-pods-
          - name: Setup Pods
            if: steps.cache-pods.outputs.cache-hit != 'true'
            run: |
              cd ios/
              flutter pub get
              pod install
          # Setup Ruby, Bundler, and Gemfile dependencies
          - name: Setup Ruby
            uses: ruby/setup-ruby@v1
            with:
              ruby-version: "2.7.4"
              bundler-cache: true
              working-directory: ios
          - name: Setup Fastlane Cache
            id: cache-fastlane
            uses: actions/cache@v2
            with:
              path: ./vendor/bundle
              key: ${{ runner.os }}-fastlane-${{ hashFiles('ios/Gemfile.lock') }}
              restore-keys: |
                ${{ runner.os }}-fastlane-
          - name: Setup Fastlane
            if: steps.cache-fastlane.outputs.cache-hit != 'true'
            run: gem install fastlane
          - name: Build and deploy with Fastlane 🚀
            run: bundle exec fastlane ${{ github.event.inputs.lane || 'beta' }}
            env:
              MATCH_GIT_BASIC_AUTHORIZATION: ${{ secrets.MATCH_GIT_BASIC_AUTHORIZATION }}
              MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }}
              APP_STORE_CONNECT_API_KEY_KEY_ID: ${{ secrets.APP_STORE_CONNECT_API_KEY_KEY_ID }}
              APP_STORE_CONNECT_API_KEY_ISSUER_ID: ${{ secrets.APP_STORE_CONNECT_API_KEY_ISSUER_ID }}
              APP_STORE_CONNECT_API_KEY_KEY: ${{ secrets.APP_STORE_CONNECT_API_KEY_KEY }}
            working-directory: ios

Any idea how to find the path used in fastlane for flutter and pods and cache the files there so they are found?
I'm trying to setup scheduled container rebuilds on my latest release (git tag).
I'm already building containers on the main branch and version tags, but I'd like to expand the version tags to be a scheduled rebuild to pick up base image security updates. I can't figure out how to do scheduled actions on only the latest tag.
Suggestions welcome. My example repository is github.com/ruckc/container-openldap. I reuse this same workflow frequently, and am just trying to improve it to handle base image updates.

    on:
      push:
        branches: ['main']
        tags:
          - 'v*'
    env:
      REGISTRY: ghcr.io
      IMAGE_NAME: ${{ github.actor }}/openldap
    jobs:
      build-and-push:
        runs-on: ubuntu-latest
        permissions:
          contents: read
          packages: write
        steps:
          - name: Checkout repository
            uses: actions/checkout@v2
          - name: Set up QEMU
            id: qemu
            uses: docker/setup-qemu-action@v2
            with:
              platforms: arm64,amd64
          - name: Set up Docker Buildx
            uses: docker/setup-buildx-action@v2
          - name: Log in to the Container registry
            uses: docker/login-action@v2
            with:
              registry: ${{ env.REGISTRY }}
              username: ${{ github.actor }}
              password: ${{ secrets.GITHUB_TOKEN }}
          - name: Extract metadata (tags, labels) for Docker
            id: meta
            uses: docker/metadata-action@v4
            with:
              tags: |
                type=ref,event=branch
                type=ref,event=pr
                type=semver,pattern=version
                type=semver,pattern={{major}}.{{minor}}
              images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          - name: Build and push Docker image
            uses: docker/build-push-action@v3
            with:
              context: .
              push: true
              tags: ${{ steps.meta.outputs.tags }}
              labels: ${{ steps.meta.outputs.labels }}
              platforms: linux/arm64,linux/amd64
              cache-from: type=gha
              cache-to: type=gha,mode=max

I'm running jobs on macOS 11. I have integrated SwiftLint locally as well and that is working fine. But when someone raises a PR I need to run SwiftLint on GitHub Actions. How can I do that? Below is the current yml file for actions.

    name: Build & Test
    on:
      # Run tests when PRs are created or updated
      pull_request:
        types: [opened, synchronize, reopened, ready_for_review]
    env:
      # Defines the Xcode version
      DEVELOPER_DIR: /Applications/Xcode_13.0.app/Contents/Developer
      FETCH_DEPTH: 0
      RUBY_VERSION: 2.7.1
    defaults:
      run:
        shell: bash
    jobs:
      test:
        name: Build & Test
        if: ${{ github.event.pull_request.draft == false }}
        runs-on: macos-11
        steps:
          - name: Checkout Project
            uses: actions/checkout@v2.3.4
            with:
              fetch-depth: ${{ env.FETCH_DEPTH }}
          - name: Restore Gem Cache
            uses: actions/cache@v2.1.3
            with:
              path: vendor/bundle
              key: ${{ runner.os }}-gem-${{ hashFiles('**/Gemfile.lock') }}
              restore-keys: ${{ runner.os }}-gem-
          - name: Restore Pod Cache
            uses: actions/cache@v2.1.3
            with:
              path: Pods
              key: ${{ runner.os }}-pods-${{ hashFiles('**/Podfile.lock') }}
              restore-keys: ${{ runner.os }}-pods-
          - name: Setup Ruby
            uses: ruby/setup-ruby@v1.51.1
            with:
              bundler-cache: true
              ruby-version: ${{ env.RUBY_VERSION }}

SwiftLint is working fine locally, but when I raise the pull request no SwiftLint warnings are coming.
I am using this step:

    - name: Lint
      run: |
        set -o pipefail
        swiftlint lint --strict --quiet | sed -E 's/^(.*):([0-9]+):([0-9]+): (warning|error|[^:]+): (.*)/::\4 title=Lint error,file=\1,line=\2,col=\3::\5\n\1:\2:\3/'

It parses swiftlint warnings and errors into GitHub annotations which are visible in summary straight away.
I am trying to stop my GitHub CI from failing completely in case the build of multi-arch docker images is successful for at least one architecture, such that the successful builds of those architectures are still pushed to Docker Hub. What I do so far:

    name: 'build images'
    on:
      push:
        branches:
          - master
        tags:
          - '*'
      schedule:
        - cron: '0 4 1 * *'
    jobs:
      docker:
        runs-on: ubuntu-latest
        steps:
          - name: Checkout
            uses: actions/checkout@v2
          - name: Prepare
            id: prep
            run: |
              DOCKER_IMAGE=${{ secrets.DOCKER_USERNAME }}/${GITHUB_REPOSITORY#*/}
              VERSION=latest
              # If this is git tag, use the tag name as a docker tag
              if [[ $GITHUB_REF == refs/tags/* ]]; then
                VERSION="${GITHUB_REF#refs/tags/v}"
              fi
              TAGS="${DOCKER_IMAGE}:${VERSION}"
              # If the VERSION looks like a version number, assume that
              # this is the most recent version of the image and also
              # tag it 'latest'.
              if [[ $VERSION =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
                TAGS="$TAGS,${DOCKER_IMAGE}:latest"
              fi
              # Set output parameters.
              echo ::set-output name=tags::${TAGS}
              echo ::set-output name=docker_image::${DOCKER_IMAGE}
          - name: Set up QEMU
            uses: docker/setup-qemu-action@v1
            with:
              platforms: all
          - name: Set up Docker Buildx
            id: buildx
            uses: docker/setup-buildx-action@v1
          - name: Inspect builder
            run: |
              echo "Name: ${{ steps.buildx.outputs.name }}"
              echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}"
              echo "Status: ${{ steps.buildx.outputs.status }}"
              echo "Flags: ${{ steps.buildx.outputs.flags }}"
              echo "Platforms: ${{ steps.buildx.outputs.platforms }}"
          - name: Login to DockerHub
            if: github.event_name != 'pull_request'
            uses: docker/login-action@v1
            with:
              username: ${{ secrets.DOCKER_USERNAME }}
              password: ${{ secrets.DOCKER_PASSWORD }}
          - name: Build
            uses: docker/build-push-action@v2
            with:
              builder: ${{ steps.buildx.outputs.name }}
              context: .
              file: ./Dockerfile
              platforms: linux/amd64,linux/arm64,linux/arm/v7
              push: true
              tags: ${{ steps.prep.outputs.tags }}
          - name: Sync
            uses: ms-jpq/sync-dockerhub-readme@v1
            with:
              username: ${{ secrets.DOCKER_USERNAME }}
              password: ${{ secrets.DOCKER_PASSWORD }}
              repository: xx/yy
              readme: "./README.md"

What I also did is create this CI for each architecture individually with its own architecture tag, but that way I do not have a "multi-arch" tag.
I would like to apply semantic versioning to my Docker images, which are built and pushed to GitHub Container Registry by the GitHub Action.
I found a satisfying solution here: https://stackoverflow.com/a/69059228/12877180
According to the solution I reproduced the following YAML.

    name: Docker CI
    on:
      push:
        branches: [ main ]
      pull_request:
        branches: [ main ]
    env:
      REGISTRY: ghcr.io
    jobs:
      build-push:
        # needs: build-test
        name: Buid and push Docker image to GitHub Container registry
        runs-on: ubuntu-latest
        permissions:
          packages: write
          contents: read
        steps:
          - name: Checkout the repository
            uses: actions/checkout@v2
          - name: Login to GitHub Container registry
            uses: docker/login-action@v1
            env:
              USERNAME: ${{ github.actor }}
              PASSWORD: ${{ secrets.GITHUB_TOKEN }}
            with:
              registry: ${{ env.REGISTRY }}
              username: ${{ env.USERNAME }}
              password: ${{ env.PASSWORD }}
          - name: Get lowercase repository name
            run: |
              echo "IMAGE=${REPOSITORY,,}">>${GITHUB_ENV}
            env:
              REPOSITORY: ${{ env.REGISTRY }}/${{ github.repository }}
          - name: Build and export the image to Docker
            uses: docker/build-push-action@v2
            with:
              context: .
              file: ./docker/Dockerfile
              target: final
              push: true
              tags: |
                ${{ env.IMAGE }}:${{ secrets.MAJOR }}.${{ secrets.MINOR }}
              build-args: |
                ENVIRONMENT=production
          - name: Update Patch version
            uses: hmanzur/actions-set-secret@v2.0.0
            with:
              name: 'MINOR'
              value: $((${{ secrets.MINOR }} + 1))
              repository: ${{ github.repository }}
              token: ${{ secrets.GH_PAT }}

Unfortunately this does not work.
The initial value of the MINOR secret is 0. If the build-push job is executed for the very first time, the docker image is perfectly pushed to the GHCR with the ghcr.io/my-org/my-repo:0.0 syntax.
The purpose of the build-push job is then to increment the MINOR secret by 1.
If the action job build-push is executed again after a new event, I get an error while trying to build the docker image using the incremented tag.

    /usr/bin/docker buildx build --build-arg ENVIRONMENT=production --tag ghcr.io/my-org/my-repo:***.*** --target final --iidfile /tmp/docker-build-push-HgjJR7/iidfile --metadata-file /tmp/docker-build-push-HgjJR7/metadata-file --file ./docker/Dockerfile --push .
    error: invalid tag "ghcr.io/my-org/my-repo:***.***": invalid reference format
    Error: buildx failed with: error: invalid tag "ghcr.io/my-org/my-repo:***.***": invalid reference format

You need to increment the version in a bash command like this:

    - name: Autoincrement a new patch version
      run: |
        echo "NEW_PATCH_VERSION=$((${{ env.PATCH_VERSION }}+1))" >> $GITHUB_ENV
    - name: Update patch version
      uses: hmanzur/actions-set-secret@v2.0.0
      with:
        name: 'PATCH_VERSION'
        value: ${{ env.NEW_PATCH_VERSION }}
        repository: ${{ github.repository }}
        token: ${{ secrets.REPO_ACCESS_TOKEN }}

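
Added example, not part of the original answer: a POSIX shell helper for the increment step above. It assumes the stored value reaches the script as an argument (in a workflow, via `env:`), refuses anything that is not a plain integer, and checks the resulting tag against Docker's tag grammar; the function names and demo values are constructed for illustration.

```sh
#!/bin/sh
# Added example: validate a stored version number before incrementing it.

# True only for a plain decimal integer of at most 9 digits, no leading zero.
is_uint() {
  [ "${#1}" -le 9 ] || return 1
  case "$1" in
    ''|*[!0-9]*) return 1 ;;  # empty, or contains anything but digits
    0) return 0 ;;
    0*) return 1 ;;           # $(( )) would read a leading zero as octal
  esac
  return 0
}

# Docker tag grammar: one of [A-Za-z0-9_], then [A-Za-z0-9_.-], 128 chars max.
is_valid_tag() {
  [ "${#1}" -le 128 ] || return 1
  case "$1" in
    ''|[!A-Za-z0-9_]*|*[!A-Za-z0-9_.-]*) return 1 ;;
  esac
  return 0
}

# Print current+1; fail without evaluating the input if it is not an integer.
next_version() {
  if ! is_uint "$1"; then
    echo "refusing to increment non-integer value" >&2
    return 1
  fi
  echo "$(( $1 + 1 ))"
}

# Append NAME=next to an env file such as the one $GITHUB_ENV points to.
export_next_version() {  # args: NAME CURRENT ENV_FILE
  next="$(next_version "$2")" || return 1
  printf '%s=%s\n' "$1" "$next" >> "$3"
}

# Constructed demo values; the first is unevaluated arithmetic text.
for v in '$((0 + 1))' '0' '41'; do
  if n="$(next_version "$v" 2>/dev/null)"; then
    echo "stored=$v next=$n"
  elif is_valid_tag "0.$v"; then
    echo "stored=$v rejected, yet 0.$v is a valid tag"
  else
    echo "stored=$v rejected, and 0.$v is not a valid tag"
  fi
done
```

The first demo value is the literal text of the question's `value:` line with `MINOR` at 0; `with:` inputs are not evaluated by a shell, which is why the sum has to be computed in a `run:` step first.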
I'm trying to deploy my repository to a private Docker registry on every new release and everything works except for the version tagging. No matter what I've tried ${{ github.event.release.tag_name }} is always '', which cancels the workflow since docker tags can't be empty.

    on:
      release:
        types: [published]
    jobs:
      push_to_registry:
        name: Push Docker image to Docker Registry
        runs-on: ubuntu-latest
        steps:
          -
            name: Check out the repo
            uses: actions/checkout@v2
          -
            name: Set up QEMU
            uses: docker/setup-qemu-action@v1
          -
            name: Setup Docker Buildx
            uses: docker/setup-buildx-action@v1
          -
            name: Log in to Docker Registry
            uses: docker/login-action@v1
            with:
              registry: ${{ secrets.DOCKER_REGISTRY }}
              username: ${{ secrets.DOCKER_USERNAME }}
              password: ${{ secrets.DOCKER_PASSWORD }}
          - name: check tag
            if: ${{ github.event.release.tag_name }} == ''
            run: |
              echo Epic fail
              exit 1
          -
            name: Build and Push to Docker Registry
            id: docker_build
            uses: docker/build-push-action@v2
            with:
              push: true
              tags: ${{ secrets.DOCKER_REGISTRY }}/repos:latest, ${{ secrets.DOCKER_REGISTRY }}/$repos:${{ github.event.release.tag_name }}
          -
            name: Image digest
            run: echo ${{ steps.docker_build.outputs.digest }}

The repository this is running on is private so that might have something to do with it but I haven't been able to figure out what.
Any suggestions?
I think the problem is that github.event.release.tag_name is only available if the tagging itself triggered the build (but I'm not sure).
I made it work using a separate action: https://github.com/dawidd6/action-get-tag
Here's my usage:

    steps:
      - uses: actions/checkout@v2
      - name: Get git tag
        id: tag
        uses: dawidd6/action-get-tag@v1
      - uses: docker/build-push-action@v2
        with:
          context: ./
          file: ./Dockerfile
          push: true
          tags: locustio/locust:${{ steps.tag.outputs.tag }}