Merge branch 'release/26.2.1' #197
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: image | |
| on: | |
| pull_request: | |
| push: | |
| branches: | |
| - main | |
| - release/** | |
| jobs: | |
| build-image: | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| include: | |
| - os: ubuntu-24.04 | |
| platform: amd64 | |
| - os: ubuntu-24.04-arm | |
| platform: arm64 | |
| if: github.repository_owner == 'getsentry' | |
| name: build-${{ matrix.platform }} | |
| steps: | |
| - uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v5.0.0 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 | |
| - name: Build | |
| uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.8.10 | |
| with: | |
| context: . | |
| cache-from: ghcr.io/getsentry/vroom:nightly | |
| cache-to: type=inline | |
| platforms: linux/${{ matrix.platform }} | |
| tags: vroom:${{ matrix.platform }} | |
| outputs: type=docker,dest=/tmp/vroom-${{ matrix.platform }}.tar | |
| push: false | |
| # NOTE(aldy505): Rather than pushing the individual architecture-specific image to GHCR, | |
| # we're uploading the tarball into GHA's artifact store and assemble it later | |
| # to create a multiplatform image. This way, we won't be polluting the GHCR image tags | |
| # with a bunch of images that are only being used for CI purposes. | |
| # | |
| # For posterity: If at any chance you need the individual architecture-specific images, | |
| # you can set `push: true` and `tags: ghcr.io/getsentry/vroom:${{ github.sha }}-${{ matrix.platform }}` in the above step. | |
| - name: Upload Image | |
| uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 | |
| with: | |
| name: vroom-${{ matrix.platform }} | |
| path: /tmp/vroom-${{ matrix.platform }}.tar | |
| assemble-image: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build-image | |
| if: ${{ github.event_name != 'pull_request' }} | |
| steps: | |
| - uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v5.0.0 | |
| - run: docker login --username '${{ github.actor }}' --password-stdin ghcr.io <<< "$GHCR_TOKEN" | |
| env: | |
| GHCR_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 | |
| - name: Download amd64 Image | |
| uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v4.3.2 | |
| with: | |
| name: vroom-amd64 | |
| path: /tmp | |
| - name: Load amd64 Image | |
| run: docker load --input /tmp/vroom-amd64.tar | |
| - name: Download arm64 Image | |
| uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v4.3.2 | |
| with: | |
| name: vroom-arm64 | |
| path: /tmp | |
| - name: Load arm64 Image | |
| run: docker load --input /tmp/vroom-arm64.tar | |
| - name: Push to GitHub Container Registry | |
| run: | | |
| docker tag vroom:amd64 ghcr.io/getsentry/vroom:${{ github.sha }}-amd64 | |
| docker push ghcr.io/getsentry/vroom:${{ github.sha }}-amd64 | |
| docker tag vroom:arm64 ghcr.io/getsentry/vroom:${{ github.sha }}-arm64 | |
| docker push ghcr.io/getsentry/vroom:${{ github.sha }}-arm64 | |
| docker manifest create \ | |
| ghcr.io/getsentry/vroom:${{ github.sha }} \ | |
| --amend ghcr.io/getsentry/vroom:${{ github.sha }}-amd64 \ | |
| --amend ghcr.io/getsentry/vroom:${{ github.sha }}-arm64 | |
| docker manifest create \ | |
| ghcr.io/getsentry/vroom:nightly \ | |
| --amend ghcr.io/getsentry/vroom:${{ github.sha }}-amd64 \ | |
| --amend ghcr.io/getsentry/vroom:${{ github.sha }}-arm64 | |
| docker manifest push ghcr.io/getsentry/vroom:${{ github.sha }} | |
| docker manifest push ghcr.io/getsentry/vroom:nightly | |
| publish-to-dockerhub: | |
| name: Publish Vroom to DockerHub | |
| runs-on: ubuntu-latest | |
| needs: | |
| - assemble-image | |
| steps: | |
| - uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v5.0.0 | |
| - name: Push built docker image | |
| shell: bash | |
| run: | | |
| docker login --username=sentrybuilder --password-stdin <<< "${{ secrets.DOCKER_HUB_RW_TOKEN }}" | |
| # We push 3 tags to Dockerhub: | |
| # first, the full sha of the commit | |
| GITHUB_SHA="${{ github.sha }}" | |
| docker buildx imagetools create --tag getsentry/vroom:${GITHUB_SHA} ghcr.io/getsentry/vroom:${{ github.sha }} | |
| # second, the short sha of the commit | |
| SHORT_SHA=$(git rev-parse --short "$GITHUB_SHA") | |
| docker buildx imagetools create --tag getsentry/vroom:${SHORT_SHA} ghcr.io/getsentry/vroom:${{ github.sha }} | |
| # finally, nightly | |
| docker buildx imagetools create --tag getsentry/vroom:nightly ghcr.io/getsentry/vroom:${{ github.sha }} | |
| self-hosted-end-to-end: | |
| needs: | |
| - build-image | |
| - assemble-image | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| steps: | |
| - name: Run Sentry self-hosted e2e CI | |
| uses: getsentry/self-hosted@master | |
| with: | |
| project_name: vroom | |
| image_url: ghcr.io/getsentry/vroom:${{ github.sha }} | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| build-production: | |
| runs-on: ubuntu-24.04 | |
| if: github.ref_name == github.event.repository.default_branch | |
| name: Build and push production images | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.2.2 | |
| - name: Build and push image to single-region registry | |
| uses: getsentry/action-build-and-push-images@b172ab61a5f7eabd58bd42ce231b517e79947c01 | |
| with: | |
| image_name: 'vroom' | |
| platforms: linux/amd64 | |
| dockerfile_path: './Dockerfile' | |
| ghcr: false | |
| google_ar: true | |
| tag_nightly: false | |
| tag_latest: true | |
| google_ar_image_name: us-central1-docker.pkg.dev/sentryio/vroom/vroom | |
| google_workload_identity_provider: projects/868781662168/locations/global/workloadIdentityPools/prod-github/providers/github-oidc-pool | |
| google_service_account: gha-gcr-push@sac-prod-sa.iam.gserviceaccount.com | |
| - name: Build and push image to multi-region registry | |
| uses: getsentry/action-build-and-push-images@b172ab61a5f7eabd58bd42ce231b517e79947c01 | |
| with: | |
| image_name: 'vroom' | |
| platforms: linux/amd64 | |
| dockerfile_path: './Dockerfile' | |
| ghcr: false | |
| google_ar: true | |
| tag_nightly: false | |
| tag_latest: true | |
| google_ar_image_name: us-docker.pkg.dev/sentryio/vroom-mr/vroom | |
| google_workload_identity_provider: projects/868781662168/locations/global/workloadIdentityPools/prod-github/providers/github-oidc-pool | |
| google_service_account: gha-gcr-push@sac-prod-sa.iam.gserviceaccount.com |