Skip to content

Docker release pipeline#86

Merged
liran-funaro merged 12 commits into
hyperledger:mainfrom
anushka159-a:docker-release-pipeline
Jul 23, 2025
Merged

Docker release pipeline#86
liran-funaro merged 12 commits into
hyperledger:mainfrom
anushka159-a:docker-release-pipeline

Conversation

@anushka159-a

Copy link
Copy Markdown
Contributor

A docker-release-pipeline.yml is added that triggers github actions workflow on the push of a new tag.

Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>
Comment thread .github/workflows/docker-release.yml Outdated
Comment thread .github/workflows/docker-release.yml
Comment thread .github/workflows/docker-release.yml Outdated
@cendhu cendhu requested a review from Copilot July 17, 2025 12:48

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR introduces a new GitHub Actions workflow to automate building and releasing the Fabric-X committer Docker image whenever a v* tag is pushed.

  • Triggers a release pipeline on new tag pushes.
  • Sets up QEMU and Docker Buildx for multi-architecture builds.
  • Extracts version from tag, builds binaries, and pushes multi-platform Docker images using Docker Hub credentials.
Comments suppressed due to low confidence (2)

.github/workflows/docker-release.yml:34

  • The secret name DOCKERHUB_TOKEN is inconsistent with DOCKER_HUB_USERNAME. Consider renaming it to DOCKER_HUB_TOKEN for consistency across secrets.
          password: ${{ secrets.DOCKERHUB_TOKEN }}

.github/workflows/docker-release.yml:38

  • [nitpick] Add a validation step to ensure GITHUB_REF matches the expected refs/tags/v* format and fail early if VERSION is empty, preventing downstream steps from using an invalid version.
        run: echo "VERSION=${GITHUB_REF#refs/tags/v}" >> $GITHUB_ENV

Comment thread .github/workflows/docker-release.yml
Comment thread .github/workflows/docker-release.yml Outdated
Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>
@anushka159-a

anushka159-a commented Jul 17, 2025

Copy link
Copy Markdown
Contributor Author

I have resolved all the review comments from @cendhu and @Copilot
This PR still needs some code modification for the Image tagging, testing for somethings, will update the PR once it gets ready.

Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>

@liran-funaro liran-funaro left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Just some minor comment.
@cendhu Can we remove scripts/build-release-image.sh?

if [ "$GITHUB_REPOSITORY_OWNER" == "hyperledger" ]; then
echo "IMAGE_PREFIX=hyperledger" >> $GITHUB_ENV
else
echo "IMAGE_PREFIX=${{ secrets.DOCKERHUB_USERNAME }}" >> $GITHUB_ENV

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do we need this part? We would only push images from the main "hyperledger" repository.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It permits for forks to push in their dockerhubs. That was the idea

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a way to disable this? I prefer not to have this capability in my fork to avoid mistakes.

ARCHBIN_PATH=archbin
PORTS=4001 2114 9001 2119 5001 2115 6001 2116 7001 2117
cache-from: type=registry,ref=docker.io/${{ env.IMAGE_PREFIX }}/fabric-x-committer:buildcache
cache-to: type=registry,ref=docker.io/${{ env.IMAGE_PREFIX }}/fabric-x-committer:buildcache,mode=max No newline at end of file

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: missing line break

@liran-funaro liran-funaro merged commit 46d4765 into hyperledger:main Jul 23, 2025
10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants