Publish RC container images (#7556)

* WIP * Add missing checkout * Add debuggin * Fix VAR name * Bug fix * Rework jobs * Revert "Rework jobs" This reverts commit 2bfa79fd3ae633c17403b838f9a5025f0f7fc3f3. * Add cache * Add temp default for testing * Add missing checkout * Fix patch * Comment out the GPG check for now * Rename polkadot_injected_release into a more appropriate polkadot_injected_debian * Refactoring / renaming * Introduce a generic image for binary injection * Flag files to be deleted and changes to be done * WIP * Fix multi binaries images * Add test build scripts * Remove old file, add polkadot build-injected script * Fix doc * Fix tagging * Add build of the injected container * Fix for docker * Remove the need for TTY * Handling container publishing * Fix owner and registry * Fix vars * Fix repo * Fix var naming * Fix case when there is no tag * Fix case with no tag * Handle error * Fix spacings * Fix tags * Remove unnecessary grep that may fail * Add final check * Clean up and introduce GPG check * Add doc * Add doc * Update doc/docker.md Co-authored-by: Mira Ressel <mira@parity.io> * type Co-authored-by: Mira Ressel <mira@parity.io> * Fix used VAR * Improve doc * ci: Update .build-push-image jobs to use the new build-injected.sh * ci: fix path to build-injected.sh script * Rename the release artifacts folder to prevent confusion due to a similar folder in the gitlab CI * ci: check out polkadot repo in .build-push-image This seems far cleaner than copying the entire scripts/ folder into our job artifacts. * feat(build-injected.sh): make PROJECT_ROOT configurable This lets us avoid a dependency on git in our CI image. * ci: build injected images with buildah * ci: pass full image names to zombienet * Add missing ignore --------- Co-authored-by: Mira Ressel <mira@parity.io>
2026-05-30 16:21:02 +00:00 · 2023-08-11 15:28:39 +02:00
parent cf66819a19
commit 693a29da1a
35 changed files with 663 additions and 325 deletions
@@ -159,31 +159,39 @@ default:
    - if: $CI_COMMIT_REF_NAME =~ /^v[0-9]+\.[0-9]+.*$/ # i.e. v1.0, v2.1rc1

 .build-push-image:
+  variables:
+    CI_IMAGE: "${BUILDAH_IMAGE}"
+
+    REGISTRY: "docker.io"
+    DOCKER_OWNER: "paritypr"
+    DOCKER_USER: "${PARITYPR_USER}"
+    DOCKER_PASS: "${PARITYPR_PASS}"
+    IMAGE: "${REGISTRY}/${DOCKER_OWNER}/${IMAGE_NAME}"
+
+    ENGINE: "${BUILDAH_COMMAND}"
+    BUILDAH_FORMAT: "docker"
+    SKIP_IMAGE_VALIDATION: 1
+
+    PROJECT_ROOT: "."
+    BIN_FOLDER: "./artifacts"
+    VCS_REF: "${CI_COMMIT_SHA}"
+
  before_script:
    - !reference [.common-before-script, before_script]
    - test -s ./artifacts/VERSION || exit 1
    - test -s ./artifacts/EXTRATAG || exit 1
-    - VERSION="$(cat ./artifacts/VERSION)"
+    - export VERSION="$(cat ./artifacts/VERSION)"
    - EXTRATAG="$(cat ./artifacts/EXTRATAG)"
    - echo "Polkadot version = ${VERSION} (EXTRATAG = ${EXTRATAG})"
  script:
    - test "$DOCKER_USER" -a "$DOCKER_PASS" ||
      ( echo "no docker credentials provided"; exit 1 )
-    - cd ./artifacts
-    - $BUILDAH_COMMAND build
-      --format=docker
-      --build-arg VCS_REF="${CI_COMMIT_SHA}"
-      --build-arg BUILD_DATE="$(date -u '+%Y-%m-%dT%H:%M:%SZ')"
-      --build-arg IMAGE_NAME="${IMAGE_NAME}"
-      --tag "$IMAGE_NAME:$VERSION"
-      --tag "$IMAGE_NAME:$EXTRATAG"
-      --file ${DOCKERFILE} .
-    # The job will success only on the protected branch
+    - TAGS="${VERSION},${EXTRATAG}" scripts/ci/dockerfiles/build-injected.sh
    - echo "$DOCKER_PASS" |
-      buildah login --username "$DOCKER_USER" --password-stdin docker.io
+      buildah login --username "$DOCKER_USER" --password-stdin "${REGISTRY}"
    - $BUILDAH_COMMAND info
-    - $BUILDAH_COMMAND push --format=v2s2 "$IMAGE_NAME:$VERSION"
-    - $BUILDAH_COMMAND push --format=v2s2 "$IMAGE_NAME:$EXTRATAG"
+    - $BUILDAH_COMMAND push --format=v2s2 "$IMAGE:$VERSION"
+    - $BUILDAH_COMMAND push --format=v2s2 "$IMAGE:$EXTRATAG"
  after_script:
    - buildah logout --all