Skip to content

fix(registry): fix auth in docker with http #2279

fix(registry): fix auth in docker with http

fix(registry): fix auth in docker with http #2279

Workflow file for this run

name: CI
on:
push:
branches:
- master
tags-ignore:
- "**"
pull_request:
branches:
- "**"
jobs:
common_checks:
name: Common checks
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 20.8.0
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
- name: Install dependencies
run: npm ci
- name: Check formatting
run: npm run format:check
build_ilc:
name: Build ILC
runs-on: ubuntu-latest
strategy:
matrix:
branch:
- name: src
ref: ${{ github.ref }}
- name: dest
ref: ${{ github.base_ref }}
exclude:
- branch:
ref: ""
steps:
- uses: actions/checkout@v4
with:
ref: ${{ matrix.branch.ref }}
- id: sha7
run: |
echo "SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
echo "BRANCH=$(git rev-parse --abbrev-ref HEAD)" >> $GITHUB_ENV
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Docker ILC auth
run: echo "${{ secrets.DOCKER_HUB_BROTHERS_TOKEN }}" | docker login --username brothers --password-stdin
- name: Build the Docker image
uses: docker/build-push-action@v3
with:
context: ./ilc
platforms: linux/amd64,linux/arm64
push: true
cache-from: |
type=registry,ref=namecheap/ilc_tmp:buildcache
cache-to: |
type=registry,ref=namecheap/ilc_tmp:buildcache,mode=max
tags: |
namecheap/ilc_tmp:${{ env.SHA }}
- name: Run server-side tests
run: docker run namecheap/ilc_tmp:$SHA npm run test:ci
- name: Run server-side tests coverage
run: docker run --volume $(pwd)/artifacts/ilc/coverage/server:/.coverage namecheap/ilc_tmp:$SHA bash -c "npm run test:coverage && mv .nyc_output/* /.coverage"
- uses: actions/upload-artifact@v4
with:
name: ${{ matrix.branch.name }}-server-side-tests-artifacts
path: artifacts/ilc/coverage/server
- name: Build the Docker image to test client-side
run: |
cd ./ilc/
DOCKER_BUILDKIT=1 docker build . --file ./Test.Dockerfile --tag ilc:tmp-test-client --build-arg BASE_IMAGE=namecheap/ilc_tmp:$SHA
- name: Run client-side tests
run: |
echo fs.inotify.max_user_watches=524288 | sudo tee -a /etc/sysctl.conf
sudo sysctl -p
docker run --volume $(pwd)/artifacts/ilc/coverage/client:/.coverage ilc:tmp-test-client bash -c "npm run test:client -- --browsers ChromeHeadlessWithoutSecurity && mv .karma_output/* /.coverage"
- uses: actions/upload-artifact@v4
with:
name: ${{ matrix.branch.name }}-client-side-tests-artifacts
path: artifacts/ilc/coverage/client
build_registry:
name: Build Registry
runs-on: ubuntu-latest
strategy:
matrix:
branch:
- name: src
ref: ${{ github.ref }}
- name: dest
ref: ${{ github.base_ref }}
exclude:
- branch:
ref: ""
steps:
- uses: actions/checkout@v4
with:
ref: ${{ matrix.branch.ref }}
- id: sha7
run: echo "SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
with:
buildkitd-flags: --debug
- name: Docker registry auth
run: echo "${{ secrets.DOCKER_HUB_BROTHERS_TOKEN }}" | docker login --username brothers --password-stdin
- name: Build the Docker image
uses: docker/build-push-action@v3
with:
context: ./registry
platforms: linux/amd64,linux/arm64
push: true
cache-from: |
type=registry,ref=namecheap/ilc_tmp:buildcache_registry_${{ matrix.branch.name }}
cache-to: |
type=registry,ref=namecheap/ilc_tmp:buildcache_registry_${{ matrix.branch.name }},mode=max
tags: |
namecheap/ilc_tmp:reg_${{ env.SHA }}
registry_tests:
name: Test Registry
needs: [build_registry]
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
branch:
- name: src
ref: ${{ github.ref }}
- name: dest
ref: ${{ github.base_ref }}
database:
- client: sqlite3
- client: mysql
host: mysql
port: 3306
- client: pg
host: postgres
port: 5432
exclude:
- branch:
ref: ""
env:
DB_CLIENT: ${{ matrix.database.client }}
DB_NAME: ilc_${{ matrix.branch.name }}
services:
mysql:
image: mysql:5.7
env:
MYSQL_ROOT_PASSWORD: pwd
ports:
- 3306:3306
volumes:
- ${{ github.workspace }}:/usr/src/ilc
options: --name=mysql --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3
postgres:
image: postgres:15.4-alpine
env:
POSTGRES_USER: root
POSTGRES_PASSWORD: pwd
volumes:
- ${{ github.workspace }}:/usr/src/ilc
ports:
- 5432:5432
options: --name=postgres --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
steps:
- uses: actions/checkout@v4
with:
ref: ${{ matrix.branch.ref }}
- id: sha7
run: echo "SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
- name: Docker registry auth
run: echo "${{ secrets.DOCKER_HUB_BROTHERS_TOKEN }}" | docker login --username brothers --password-stdin
- name: Run tests
run: >-
bash ./registry/scripts/reset.sh;
docker run
--volume $(pwd)/artifacts/registry/coverage:/.coverage
--network ${{ job.container.network }}
-e DB_CLIENT=${{ matrix.database.client }}
-e DB_HOST=${{ matrix.database.host }}
-e DB_PORT=${{ matrix.database.port }}
-e DB_USER=root
-e DB_PASSWORD=pwd
-e DB_NAME=$DB_NAME
namecheap/ilc_tmp:reg_$SHA
sh -c "npm run test:ci && mv .nyc_output/* /.coverage"
- uses: actions/upload-artifact@v4
with:
name: ${{ matrix.branch.name }}-${{ matrix.database.client }}-registry-tests-artifacts
path: ./artifacts/registry/coverage
e2e_tests:
name: Run E2E tests
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
database:
- client: mysql
host: mysql
port: 3306
- client: pg
host: postgres
port: 5432
services:
mysql:
image: mysql:5.7
env:
MYSQL_ROOT_PASSWORD: pwd
MYSQL_DATABASE: ilc
ports:
- 3306:3306
options: --name=mysql --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3
postgres:
image: postgres:15.4-alpine
env:
POSTGRES_USER: root
POSTGRES_PASSWORD: pwd
POSTGRES_DB: ilc
ports:
- 5432:5432
options: --name=postgres --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
steps:
- uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 20.8.0
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
- name: Install dependencies
run: npm install
- name: Build ILC & Registry
run: npm run build
- name: Run E2E tests
working-directory: e2e
run: npm run start:verbose
env:
DB_CLIENT: ${{ matrix.database.client }}
DB_HOST: localhost
DB_PORT: ${{ matrix.database.port }}
DB_USER: root
DB_PASSWORD: pwd
DB_NAME: ilc
- uses: actions/upload-artifact@v4
if: failure()
with:
name: e2e-tests-artifacts
path: e2e/.codecept_output
coverage_report:
name: PR Coverage Report
runs-on: ubuntu-latest
needs: [build_ilc, registry_tests]
if: github.base_ref
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
- name: Create coverage report for ilc/server
id: ilc-server-coverage-report
uses: namecheap/Coverage-Diff@master
with:
fullCoverageDiff: true
autorun: false
postComment: false
oldCodeCoveragePath: ./dest-server-side-tests-artifacts/coverage/coverage-summary.json
newCodeCoveragePath: ./src-server-side-tests-artifacts/coverage/coverage-summary.json
total_delta: 2
- name: Create coverage report for ilc/client
id: ilc-client-coverage-report
if: success() || failure()
uses: namecheap/Coverage-Diff@master
with:
fullCoverageDiff: true
autorun: false
postComment: false
oldCodeCoveragePath: ./dest-client-side-tests-artifacts/coverage/coverage-summary.json
newCodeCoveragePath: ./src-client-side-tests-artifacts/coverage/coverage-summary.json
total_delta: 2
- name: Merge coverage report for registry
run: |
bash .github/workflows/merge-registry-coverage.sh dest
bash .github/workflows/merge-registry-coverage.sh src
- name: Create coverage report for registry
id: registry-coverage-report
if: success() || failure()
uses: namecheap/Coverage-Diff@master
with:
fullCoverageDiff: true
autorun: false
postComment: false
oldCodeCoveragePath: ./dest-merged-registry-tests-artifacts/coverage/coverage-summary.json
newCodeCoveragePath: ./src-merged-registry-tests-artifacts/coverage/coverage-summary.json
total_delta: 2
- name: Compose comment
if: success() || failure()
run: |
echo "# Coverage Report" > report.md
echo "## Ilc/server" >> report.md
echo "${{ steps.ilc-server-coverage-report.outputs.report }}" >> report.md
echo "## Ilc/client" >> report.md
echo "${{ steps.ilc-client-coverage-report.outputs.report }}" >> report.md
echo "## Registry" >> report.md
echo "${{ steps.registry-coverage-report.outputs.report }}" >> report.md
- name: Add Coverage PR Comment
if: success() || failure()
uses: marocchino/sticky-pull-request-comment@v2
with:
recreate: true
header: coverage-diff-report
path: report.md
push_images:
needs: [build_ilc, registry_tests, e2e_tests]
name: Push images to registry
runs-on: ubuntu-latest
steps:
- name: Docker registry auth
run: echo "${{ secrets.DOCKER_HUB_BROTHERS_TOKEN }}" | docker login --username brothers --password-stdin
- name: Calculate tags
id: tags
run: |
BRANCH=$(echo ${GITHUB_REF} | cut -d '/' -f 3-99)
LATEST=$([ "$BRANCH" == "master" ] && echo "latest,${GITHUB_SHA:0:7}," || echo "")
DOCKER_TAGS="$LATEST${BRANCH//\//_}"
echo "Tags that will be used: $DOCKER_TAGS"
echo ::set-output name=docker_tags::$DOCKER_TAGS
- name: Install regctl
run: |
curl -L https://github.com/regclient/regclient/releases/download/v0.3.10/regctl-linux-amd64 > ./regctl
chmod 755 ./regctl
- name: Push images
run: |
TAGS="${{ steps.tags.outputs.docker_tags }}"
for i in ${TAGS//,/ }
do
./regctl image copy namecheap/ilc_tmp:reg_${GITHUB_SHA:0:7} namecheap/ilc_registry:$i
./regctl image copy namecheap/ilc_tmp:${GITHUB_SHA:0:7} namecheap/ilc:$i
done
build_docs:
needs: [push_images]
name: Build documentation
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/master'
steps:
- uses: actions/checkout@v4
- name: Build the Docker image
run: |
docker build -t ilc-mkdocs - < ./.mkdocs/Dockerfile
- name: Generate docs and publish to GitHub Pages
run: docker run --rm -v ${PWD}:/docs ilc-mkdocs gh-deploy --force