Update Github actions to build new GRR Docker image

The new docker image and docker-compose setup replaces the GRR debian package. The current e2e testing is temporarily removed as it depends on the debian package and will be re-introduced after the docker-compose setup is available.
google · Jan 10, 2024 · 6775585 · 6775585
1 parent 727545a
commit 6775585
Showing 1 changed file with 33 additions and 95 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -183,122 +183,60 @@ jobs:
           path: gcs_upload_dir/
           retention-days: 1
 
-  build-server-deb:
-    runs-on: ubuntu-22.04
+  build-push-docker-image:
     env:
-      GCS_TAG: server_deb
+      REGISTRY: ghcr.io
+      IMAGE_NAME: ${{ github.repository }}
+    runs-on: ubuntu-22.04
     needs:
       - build-centos
       - build-ubuntu
       - build-osx
       - build-windows
     steps:
-      - uses: actions/checkout@v3
+      - name: Checkout repository
+        uses: actions/checkout@v3
       - name: Download installers from GitHub artifacts
         id: download
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
-          path: ~/_artifacts
-      - name: Set up
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y fakeroot debhelper libffi-dev libssl-dev python3-dev python3-pip python3-venv python3-mysqldb wget openjdk-8-jdk zip git devscripts libmysqlclient-dev dh-virtualenv dh-make libc6-i386 lib32z1
-          python3 -m venv --system-site-packages "${HOME}/INSTALL"
-          "${HOME}/INSTALL/bin/python3" -m pip install --upgrade pip 'setuptools<58.3.1' wheel
-      - name: Build
-        run: |
-          travis/install.sh
-          mkdir -p grr/config/grr_response_templates/templates
-          mv -v ~/_artifacts/windows-installers/GRR_*_amd64.msi.zip grr/config/grr_response_templates/templates
-          mv -v ~/_artifacts/ubuntu-installers/grr_*_amd64.deb.zip grr/config/grr_response_templates/templates
-          mv -v ~/_artifacts/centos-installers/grr_*_amd64.rpm.zip grr/config/grr_response_templates/templates
-          mv -v ~/_artifacts/osx-installers/grr_*_amd64.xar.zip grr/config/grr_response_templates/templates
-          travis/build_local_pyindex.sh
-          travis/build_server_deb.sh
-          ls -la gcs_upload_dir
-      - name: Upload installers to GitHub artifacts
-        uses: actions/upload-artifact@v3
+          pattern: '*_installer*'
+          path: _installers
+      - name: Login to GitHub Container registry
+        if: ${{ github.event_name == 'push' }}
+        uses: docker/login-action@v3
         with:
-          name: server-deb
-          path: gcs_upload_dir/
-          retention-days: 1
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
-  test-ubuntu-e2e:
-    continue-on-error: true  # Debug follow up step.
-    runs-on: ubuntu-22.04
-    env:
-      GRR_ADMIN_PASS: 'e2e_tests'
-      APPVEYOR_MYSQL_PASS: 'root'
-    needs:
-      - build-server-deb
-    steps:
-      - uses: actions/checkout@v3
-      - name: Set up MySQL
-        run: |
-          printf "\n[mysqld]\nmax_allowed_packet=42M\nlog_bin_trust_function_creators=1\n" | sudo tee -a /etc/mysql/my.cnf
-          sudo /etc/init.d/mysql start
-      - name: Download installers from GitHub artifacts
-        id: download
-        uses: actions/download-artifact@v3
-        with:
-          name: server-deb
-          path: _artifacts
-      - name: Install
-        run: |
-          free -hmw
-          lscpu
-          sudo -EH ./appveyor/e2e_tests/install_mem_usage_cron.sh
-          sudo -EH ./appveyor/e2e_tests/install_latest_server_deb.sh
-      - name: Test
-        run: |
-          sudo -EH ./appveyor/e2e_tests/run_e2e_tests.sh
-          sudo -EH ./appveyor/e2e_tests/test_repack.sh
-      - name: Upload logs and configs to GitHub artifacts
-        uses: actions/upload-artifact@v3
-        if: always()
+      - name: Extract metadata (tags, labels) for Docker
+        if: ${{ github.event_name == 'push' }}
+        id: meta
+        uses: docker/metadata-action@v5
         with:
-          name: e2e-test
-          path: /var/log/grr
-          retention-days: 1
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
 
-  build-push-docker:
-    runs-on: ubuntu-22.04
-    needs:
-      - build-server-deb
-      # - test-ubuntu-e2e  # TODO: Comment back in after debugging is finished.
-      - test-ubuntu
-      - build-openapi
-    steps:
-      - uses: actions/checkout@v3
-      - name: Download installers from GitHub artifacts
-        id: download
-        uses: actions/download-artifact@v3
+      - name: Build and push Docker image
+        if: ${{ github.event_name == 'push' }}
+        uses: docker/build-push-action@v5
         with:
-          name: server-deb
-          path: _artifacts
-      - name: Build Docker image
-        run: |
-          export BRANCH=$(echo $GITHUB_REF | cut -d'/' -f 3)
-          ./appveyor/docker_build/build_docker_image.sh
-      - if: ${{ github.event_name == 'push' }}
-        name: Login to GitHub Container registry
-        uses: docker/login-action@v2
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - if: ${{ github.event_name == 'push' }}
-        name: Push to GitHub Container registry
-        run: |
-          docker push -a ${{ env.DOCKER_REPOSITORY }}
-  upload:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+
+  upload-artifacts:
     if: ${{ github.event_name == 'push' }}
     permissions:
       contents: 'read'
       id-token: 'write'
     runs-on: ubuntu-22.04
     needs:
-      - build-push-docker
+      - build-centos
+      - build-ubuntu
+      - build-osx
+      - build-windows
     steps:
       - uses: actions/checkout@v3
       - name: Download installers from GitHub artifacts