🚧 Work in progress: Define docker-image;

joergdw · joergdw · commit f8ed83c01546 · 2025-04-29T15:08:35.000+02:00
diff --git a/.github/workflows/image.yaml b/.github/workflows/image.yaml
@@ -5,20 +5,55 @@ on:
     paths:
       - 'ci/dockerfiles/**'
       - '.github/workflows/image.yml'
+      - '.tool-versions'
   pull_request:
     paths:
       - 'ci/dockerfiles/**'
       - '.github/workflows/image.yml'
+      - '.tool-versions'
   workflow_dispatch:
 
 env:
   REGISTRY: ghcr.io
-  IMAGE_NAME: ${{ github.repository }}
-
 jobs:
+  build-and-push-devbox-image:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    name: Build and Push app-autoscaler-release-devbox
+    env:
+      IMAGE_NAME: ${{ github.repository }}-devbox
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+      - name: Build and push
+        id: build-and-push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ci/dockerfiles/autoscaler-devbox/Dockerfile
+          push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:main
+
   build-and-push-image:
     runs-on: ubuntu-latest
-    container: jetpackio/devbox:latest@sha256:3d164648f5ca0fa66cd080ee7c895af54e0a3ec19e19b232a2fea21628e82cfb
     permissions:
       contents: read
       packages: write
@@ -29,40 +64,42 @@ jobs:
       matrix:
         image_suffix: ["tools"]
     name: Build and Push app-autoscaler-release-${{ matrix.image_suffix }}
+    env:
+      IMAGE_NAME: ${{ github.repository }}
     steps:
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+        uses: actions/checkout@v4
 
       - name: Log in to the Container registry
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
+        uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5
+        uses: docker/metadata-action@v5
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-${{ matrix.image_suffix }}
 
       - name: Get ginkgo version from autoscaler-release
         id: ginkgo
         run: |
-          version=$(devbox info ginkgo | head --lines=1 | cut --field=2 --delimiter=" ")
-          echo "GINKGO version from devbox: '${version}'"
+          version=$(grep "ginkgo " .tool-versions|  cut -f 2 -d " ")
+          echo "GINKGO version from .tool-versions: \'${version}\'"
           echo "version=${version}" >> "$GITHUB_OUTPUT"
 
       - id: get-golang-version
         shell: bash
         run: |
-          version=$(devbox info go | head --lines=1 | cut --field=2 --delimiter=" ")
-          echo "Go version from devbox: '${version}'"
+          version=$(grep "golang " .tool-versions|  cut -f 2 -d " ")
+          echo "Go version from .tool-versions: \'${version}\'"
           echo "version=${version}" >> "$GITHUB_OUTPUT"
 
       - name: Build and push
         id: build-and-push
-        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6
+        uses: docker/build-push-action@v5
         with:
           context: ci/dockerfiles/autoscaler-${{ matrix.image_suffix }}
           push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,14 @@
+# # Edit: Please use global git-ignore for this, see official hints in the description of gitignore
+# # on <https://git-scm.com/docs/gitignore>.
+#
+# # macOS system file that stores folder metadata (safe to ignore)
+# .DS_Store
+
+
+# ================================================================================
+# 🤖 Generated files
+# ================================================================================
+
 config/dev.yml
 config/private.yml
 releases/*.tgz
@@ -66,16 +77,11 @@ keys/
 .trunk
 
 
-# ==================== 📦 Devbox ====================
+# ==================== 📦 Devbox, ❄ Nix, direnv ====================
 .devbox
 
-# ==================== ❄ Nix ====================
-
 # Ignore links to  build-output:
 /result
 /result-*
 
 .direnv
-
-# # macOS system file that stores folder metadata (safe to ignore)
-.DS_Store
diff --git a/Makefile b/Makefile
@@ -490,11 +490,7 @@ alerts-silence:
 	${CI_DIR}/autoscaler/scripts/silence_prometheus_alert.sh BOSHJobEphemeralDiskPredictWillFill ;\
 	${CI_DIR}/autoscaler/scripts/silence_prometheus_alert.sh BOSHJobUnhealthy ;
 
-.PHONY: docker-login docker docker-image
-docker-login: target/docker-login
-target/docker-login:
-	docker login ghcr.io
-	@touch $@
+.PHONY: docker-image
 docker-image: docker-login
 	docker build -t ghcr.io/cloudfoundry/app-autoscaler-release-tools:latest  ci/dockerfiles/autoscaler-tools
 	docker push ghcr.io/cloudfoundry/app-autoscaler-release-tools:latest
diff --git a/ci/.gitignore b/ci/.gitignore
@@ -0,0 +1,3 @@
+# ================================================================================
+# 🤖 Generated files
+# ================================================================================
diff --git a/ci/Dockerfile b/ci/Dockerfile
@@ -0,0 +1,20 @@
+FROM jetpackio/devbox:latest
+
+# Installing your devbox project
+WORKDIR /code
+USER root:root
+RUN mkdir -p /code && chown ${DEVBOX_USER}:${DEVBOX_USER} /code
+USER ${DEVBOX_USER}:${DEVBOX_USER}
+COPY --chown=${DEVBOX_USER}:${DEVBOX_USER} devbox.json devbox.json
+COPY --chown=${DEVBOX_USER}:${DEVBOX_USER} devbox.lock devbox.lock
+
+
+# Step 6: Copying local flakes directories
+COPY ./.devbox/virtenv/mysql/flake ./.devbox/virtenv/mysql/flake
+COPY ./nix ./nix
+
+RUN devbox run -- echo "Installed Packages."
+
+# 🚧 To-do: Check if “ENTRYPOINT” is not the better alternative, see:
+# <https://www.bmc.com/blogs/docker-cmd-vs-entrypoint>
+CMD ["devbox", "shell"]
diff --git a/ci/Dockerfile.dockerignore b/ci/Dockerfile.dockerignore
@@ -0,0 +1,13 @@
+# ==================== Ignore everything by default ====================
+*
+
+
+
+# ==================== What we actually need ====================
+!./nix
+!/flake.nix
+!/flake.lock
+
+!./.devbox/virtenv/mysql/flake
+!/devbox.json
+!/devbox.lock
diff --git a/ci/Makefile b/ci/Makefile
@@ -1,3 +1,55 @@
+.ONESHELL:
+SHELL := /bin/bash
+.SHELLFLAGS := -eu -o pipefail -c
+
+repository-root := $(shell git rev-parse --show-toplevel)
+
+# All files that together define the development-environment:
+development-environment-definition := \
+	${repository-root}/devbox.json ${repository-root}/devbox.lock \
+	${repository-root}/flake.nix ${repository-root}/flake.lock \
+	${repository-root}/.devbox/virtenv/mysql/flake/flake.nix \
+	${repository-root}/.devbox/virtenv/mysql/flake/flake.lock
+# 🚸 Please be aware that devbox automatically creates
+# '${repository-root}/.devbox/virtenv/mysql/flake' when it loads the development-environment.
+
+# The generated Dockerfile just depends on the content of the used “devbox.json” and its lockfile.
+# It is marked secondary to not auto-clean it.
+.SECONDARY: Dockerfile
+Dockerfile: ./Makefile ${repository-root}/devbox.json ${repository-root}/devbox.lock
+	devbox generate dockerfile --config='${repository-root}'
+	mv '${repository-root}/Dockerfile' .
+
+# 🚸 Overwrite the following parameters to work with a different repository on a different registry:
+DOCKER_REGISTRY ?= ghcr.io
+DOCKER_REPOSITORY ?= cloudfoundry/app-autoscaler-release-tools
+
+.PHONY: docker-login
+docker-login:
+	@logged_in=$$(jq '.auths | has("${DOCKER_REGISTRY}")' ~/.docker/config.json)
+	readonly logged_in
+	if [[ "$${logged_in}" != 'true' ]]
+	then
+		docker login '${DOCKER_REGISTRY}'
+	else
+		echo 'Already logged in into ${DOCKER_REGISTRY}, skipping login.'
+	fi
+
+# 🚧 To-do: Come with appropriate Dockerignore!
+.PHONY: docker-image
+docker-image: ./Makefile Dockerfile ${development-environment-definition}
+	docker build --file='./Dockerfile' '${repository-root}' \
+		--tag='${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}:latest'
+
+# 🚧 To-do: Include workflow to produce the image and push it from the CI/CD-pipeline, see:
+# <https://github.com/cloudfoundry/app-autoscaler-release/pull/2943/files#diff-b4df0a4f0d80f73138c476afbd7aefdac9df339642ddfba323d27c8cbabb92e2>
+docker-image-push: docker-login docker-image
+	@ARTIFACT='${DOCKER_REGISTRY}/${DOCKER_REPOSITORY}:$*'
+	echo "Uploading image" "$${ARTIFACT}"
+	docker push "$${ARTIFACT}"
+
+
+
 .PHONY: set-autoscaler-pipeline
 set-autoscaler-pipeline:
 	@./autoscaler/set-pipeline.sh
diff --git a/ci/dockerfiles/autoscaler-tools/Dockerfile b/ci/dockerfiles/autoscaler-tools/Dockerfile

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+# ================================================================================`
	`2`	`+# 🤖 Generated files`
	`3`	`+# ================================================================================`