From b751aa121062dd2c072bce29a3342f1416b74ba5 Mon Sep 17 00:00:00 2001 From: Kirill Sizov Date: Wed, 20 Jul 2022 14:11:05 +0300 Subject: [PATCH] Update tokens for workflows (#9) * update tokens for workflows * rename ci images --- .github/workflows/comment.yml | 8 +-- .github/workflows/full.yml | 105 +++++++++++++++++++-------------- .github/workflows/main.yml | 93 ++++++++++++++++------------- .github/workflows/schedule.yml | 99 ++++++++++++------------------- 4 files changed, 155 insertions(+), 150 deletions(-) diff --git a/.github/workflows/comment.yml b/.github/workflows/comment.yml index 47f4d67a..140c3339 100644 --- a/.github/workflows/comment.yml +++ b/.github/workflows/comment.yml @@ -33,7 +33,7 @@ jobs: uses: actions/github-script@v3 with: script: | - core.setFailed('User that send comment with run command is not collaborator') + core.setFailed('User that send comment with /check command is not collaborator') - name: Get branch name id: get-ref @@ -60,9 +60,9 @@ jobs: with: ref: ${{ needs.verify_author.outputs.ref }} secrets: - DOCKERHUB_WORKSPACE: ${{ secrets.DOCKERHUB_WORKSPACE }} - DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} - DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} + DOCKERHUB_CI_WORKSPACE: ${{ secrets.DOCKERHUB_CI_WORKSPACE }} + DOCKERHUB_CI_USERNAME: ${{ secrets.DOCKERHUB_CI_USERNAME }} + DOCKERHUB_CI_TOKEN: ${{ secrets.DOCKERHUB_CI_TOKEN }} send_status: runs-on: ubuntu-latest diff --git a/.github/workflows/full.yml b/.github/workflows/full.yml index 87dac508..c216a363 100644 --- a/.github/workflows/full.yml +++ b/.github/workflows/full.yml @@ -6,15 +6,16 @@ on: type: string required: true secrets: - DOCKERHUB_WORKSPACE: + DOCKERHUB_CI_WORKSPACE: required: true - DOCKERHUB_USERNAME: + DOCKERHUB_CI_USERNAME: required: true - DOCKERHUB_TOKEN: + DOCKERHUB_CI_TOKEN: required: true env: SERVER_IMAGE_TEST_REPO: cvat_server + UI_IMAGE_TEST_REPO: cvat_ui WORKFLOW_RUN_URL: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} jobs: @@ -57,8 +58,8 @@ jobs: - name: Login to Docker Hub uses: docker/login-action@v2 with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + username: ${{ secrets.DOCKERHUB_CI_USERNAME }} + password: ${{ secrets.DOCKERHUB_CI_TOKEN }} - name: CVAT server. Getting cache from the default branch uses: actions/cache@v3 @@ -66,11 +67,25 @@ jobs: path: /tmp/cvat_cache_server key: ${{ runner.os }}-build-server-${{ needs.search_cache.outputs.sha }} + - name: Getting CVAT UI cache from the default branch + uses: actions/cache@v3 + with: + path: /tmp/cvat_cache_ui + key: ${{ runner.os }}-build-ui-${{ needs.search_cache.outputs.sha }} + - name: CVAT server. Extract metadata (tags, labels) for Docker id: meta-server uses: docker/metadata-action@master with: - images: ${{ secrets.DOCKERHUB_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} + images: ${{ secrets.DOCKERHUB_CI_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} + tags: | + type=raw,value=${{ inputs.ref }} + + - name: CVAT UI. Extract metadata (tags, labels) for Docker + id: meta-ui + uses: docker/metadata-action@master + with: + images: ${{ secrets.DOCKERHUB_CI_WORKSPACE }}/${{ env.UI_IMAGE_TEST_REPO }} tags: | type=raw,value=${{ inputs.ref }} @@ -87,6 +102,16 @@ jobs: tags: ${{ steps.meta-server.outputs.tags }} labels: ${{ steps.meta-server.outputs.labels }} + - name: CVAT UI. Build and push + uses: docker/build-push-action@v3 + with: + cache-from: type=local,src=/tmp/cvat_cache_ui + context: . + file: Dockerfile.ui + push: true + tags: ${{ steps.meta-ui.outputs.tags }} + labels: ${{ steps.meta-ui.outputs.labels }} + unit_testing: needs: [build, search_cache] runs-on: ubuntu-latest @@ -102,12 +127,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@master - - name: Getting CVAT UI cache from the default branch - uses: actions/cache@v3 - with: - path: /tmp/cvat_cache_ui - key: ${{ runner.os }}-build-ui-${{ needs.search_cache.outputs.sha }} - - name: Getting CVAT Elasticsearch cache from the default branch uses: actions/cache@v3 with: @@ -120,15 +139,6 @@ jobs: path: /tmp/cvat_cache_logstash key: ${{ runner.os }}-build-logstash-${{ needs.search_cache.outputs.sha }} - - name: Building CVAT UI image - uses: docker/build-push-action@v2 - with: - context: . - file: ./Dockerfile.ui - cache-from: type=local,src=/tmp/cvat_cache_ui - tags: openvino/cvat_ui:latest - load: true - - name: Building CVAT Elasticsearch uses: docker/build-push-action@v2 with: @@ -153,21 +163,32 @@ jobs: id: meta-server uses: docker/metadata-action@master with: - images: ${{ secrets.DOCKERHUB_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} + images: ${{ secrets.DOCKERHUB_CI_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} + tags: | + type=raw,value=${{ inputs.ref }} + + - name: CVAT server. Extract metadata (tags, labels) for Docker + id: meta-ui + uses: docker/metadata-action@master + with: + images: ${{ secrets.DOCKERHUB_CI_WORKSPACE }}/${{ env.UI_IMAGE_TEST_REPO }} tags: | type=raw,value=${{ inputs.ref }} - name: Login to Docker Hub uses: docker/login-action@v2 with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + username: ${{ secrets.DOCKERHUB_CI_USERNAME }} + password: ${{ secrets.DOCKERHUB_CI_TOKEN }} - - name: Pull CVAT server image + - name: Pull CVAT images run: | docker pull ${{ steps.meta-server.outputs.tags }} docker tag ${{ steps.meta-server.outputs.tags }} openvino/cvat_server + docker pull ${{ steps.meta-ui.outputs.tags }} + docker tag ${{ steps.meta-ui.outputs.tags }} openvino/cvat_ui + - name: Running OPA tests run: | curl -L -o opa https://openpolicyagent.org/downloads/v0.34.2/opa_linux_amd64_static @@ -236,40 +257,36 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@master - - name: Getting CVAT UI cache from the default branch - uses: actions/cache@v3 - with: - path: /tmp/cvat_cache_ui - key: ${{ runner.os }}-build-ui-${{ needs.search_cache.outputs.sha }} - - - name: Building CVAT UI image - uses: docker/build-push-action@v2 - with: - context: . - file: ./Dockerfile.ui - cache-from: type=local,src=/tmp/cvat_cache_ui - tags: openvino/cvat_ui:latest - load: true - - name: CVAT server. Extract metadata (tags, labels) for Docker id: meta-server uses: docker/metadata-action@master with: - images: ${{ secrets.DOCKERHUB_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} + images: ${{ secrets.DOCKERHUB_CI_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} + tags: | + type=raw,value=${{ inputs.ref }} + + - name: CVAT UI. Extract metadata (tags, labels) for Docker + id: meta-ui + uses: docker/metadata-action@master + with: + images: ${{ secrets.DOCKERHUB_CI_WORKSPACE }}/${{ env.UI_IMAGE_TEST_REPO }} tags: | type=raw,value=${{ inputs.ref }} - name: Login to Docker Hub uses: docker/login-action@v2 with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + username: ${{ secrets.DOCKERHUB_CI_USERNAME }} + password: ${{ secrets.DOCKERHUB_CI_TOKEN }} - - name: Pull CVAT server image + - name: Pull CVAT images run: | docker pull ${{ steps.meta-server.outputs.tags }} docker tag ${{ steps.meta-server.outputs.tags }} openvino/cvat_server + docker pull ${{ steps.meta-ui.outputs.tags }} + docker tag ${{ steps.meta-ui.outputs.tags }} openvino/cvat_ui + - name: Run CVAT instance run: | docker-compose \ diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d83a60ab..ee737d58 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -12,6 +12,7 @@ on: env: SERVER_IMAGE_TEST_REPO: cvat_server + UI_IMAGE_TEST_REPO: cvat_ui jobs: search_cache: @@ -56,8 +57,8 @@ jobs: - name: Login to Docker Hub uses: docker/login-action@v2 with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + username: ${{ secrets.DOCKERHUB_CI_USERNAME }} + password: ${{ secrets.DOCKERHUB_CI_TOKEN }} - name: CVAT server. Getting cache from the default branch uses: actions/cache@v3 @@ -65,11 +66,23 @@ jobs: path: /tmp/cvat_cache_server key: ${{ runner.os }}-build-server-${{ needs.search_cache.outputs.sha }} + - name: CVAT UI. Getting cache from the default branch + uses: actions/cache@v3 + with: + path: /tmp/cvat_cache_ui + key: ${{ runner.os }}-build-ui-${{ needs.search_cache.outputs.sha }} + - name: CVAT server. Extract metadata (tags, labels) for Docker id: meta-server uses: docker/metadata-action@master with: - images: ${{ secrets.DOCKERHUB_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} + images: ${{ secrets.DOCKERHUB_CI_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} + + - name: CVAT UI. Extract metadata (tags, labels) for Docker + id: meta-ui + uses: docker/metadata-action@master + with: + images: ${{ secrets.DOCKERHUB_CI_WORKSPACE }}/${{ env.UI_IMAGE_TEST_REPO }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 @@ -84,6 +97,16 @@ jobs: tags: ${{ steps.meta-server.outputs.tags }} labels: ${{ steps.meta-server.outputs.labels }} + - name: CVAT UI. Build and push + uses: docker/build-push-action@v3 + with: + cache-from: type=local,src=/tmp/cvat_cache_ui + context: . + file: Dockerfile.ui + push: true + tags: ${{ steps.meta-ui.outputs.tags }} + labels: ${{ steps.meta-ui.outputs.labels }} + unit_testing: needs: [build, search_cache] runs-on: ubuntu-latest @@ -94,41 +117,35 @@ jobs: with: python-version: '3.8' - - name: Getting CVAT UI cache from the default branch - uses: actions/cache@v3 - with: - path: /tmp/cvat_cache_ui - key: ${{ runner.os }}-build-ui-${{ needs.search_cache.outputs.sha }} - - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - name: Building CVAT UI image - uses: docker/build-push-action@v2 - with: - context: . - file: ./Dockerfile.ui - cache-from: type=local,src=/tmp/cvat_cache_ui - tags: openvino/cvat_ui:latest - load: true - - name: CVAT server. Extract metadata (tags, labels) for Docker id: meta-server uses: docker/metadata-action@master with: - images: ${{ secrets.DOCKERHUB_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} + images: ${{ secrets.DOCKERHUB_CI_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} + + - name: CVAT UI. Extract metadata (tags, labels) for Docker + id: meta-ui + uses: docker/metadata-action@master + with: + images: ${{ secrets.DOCKERHUB_CI_WORKSPACE }}/${{ env.UI_IMAGE_TEST_REPO }} - name: Login to Docker Hub uses: docker/login-action@v2 with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + username: ${{ secrets.DOCKERHUB_CI_USERNAME }} + password: ${{ secrets.DOCKERHUB_CI_TOKEN }} - - name: Pull CVAT server image + - name: Pull CVAT images run: | docker pull ${{ steps.meta-server.outputs.tags }} docker tag ${{ steps.meta-server.outputs.tags }} openvino/cvat_server + docker pull ${{ steps.meta-ui.outputs.tags }} + docker tag ${{ steps.meta-ui.outputs.tags }} openvino/cvat_ui + - name: Running OPA tests run: | curl -L -o opa https://openpolicyagent.org/downloads/v0.34.2/opa_linux_amd64_static @@ -186,41 +203,35 @@ jobs: steps: - uses: actions/checkout@v2 - - name: Getting CVAT UI cache from the default branch - uses: actions/cache@v3 - with: - path: /tmp/cvat_cache_ui - key: ${{ runner.os }}-build-ui-${{ needs.search_cache.outputs.sha }} - - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - name: Building CVAT UI image - uses: docker/build-push-action@v2 - with: - context: . - file: ./Dockerfile.ui - cache-from: type=local,src=/tmp/cvat_cache_ui - tags: openvino/cvat_ui:latest - load: true - - name: CVAT server. Extract metadata (tags, labels) for Docker id: meta-server uses: docker/metadata-action@master with: - images: ${{ secrets.DOCKERHUB_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} + images: ${{ secrets.DOCKERHUB_CI_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} + + - name: CVAT UI. Extract metadata (tags, labels) for Docker + id: meta-ui + uses: docker/metadata-action@master + with: + images: ${{ secrets.DOCKERHUB_CI_WORKSPACE }}/${{ env.UI_IMAGE_TEST_REPO }} - name: Login to Docker Hub uses: docker/login-action@v2 with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + username: ${{ secrets.DOCKERHUB_CI_USERNAME }} + password: ${{ secrets.DOCKERHUB_CI_TOKEN }} - - name: Pull CVAT server image + - name: Pull CVAT images run: | docker pull ${{ steps.meta-server.outputs.tags }} docker tag ${{ steps.meta-server.outputs.tags }} openvino/cvat_server + docker pull ${{ steps.meta-ui.outputs.tags }} + docker tag ${{ steps.meta-ui.outputs.tags }} openvino/cvat_ui + - uses: actions/setup-node@v2 with: node-version: '16.x' diff --git a/.github/workflows/schedule.yml b/.github/workflows/schedule.yml index fad86ca1..baaf45d8 100644 --- a/.github/workflows/schedule.yml +++ b/.github/workflows/schedule.yml @@ -6,7 +6,7 @@ on: env: SERVER_IMAGE_TEST_REPO: cvat_server - UI_IMAGE_TEST_REPO: cvat_ui + UI_IMAGE_TEST_REPO: instrumentation_cvat_ui jobs: check_updates: @@ -69,7 +69,7 @@ jobs: echo ::set-output name=default_branch::${DEFAULT_BRANCH} echo ::set-output name=sha::${SHA} - build_server: + build: needs: search_cache runs-on: ubuntu-latest steps: @@ -78,8 +78,8 @@ jobs: - name: Login to Docker Hub uses: docker/login-action@v2 with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + username: ${{ secrets.DOCKERHUB_CI_USERNAME }} + password: ${{ secrets.DOCKERHUB_CI_TOKEN }} - name: CVAT server. Getting cache from the default branch uses: actions/cache@v3 @@ -87,11 +87,25 @@ jobs: path: /tmp/cvat_cache_server key: ${{ runner.os }}-build-server-${{ needs.search_cache.outputs.sha }} + - name: CVAT UI. Getting cache from the default branch + uses: actions/cache@v3 + with: + path: /tmp/cvat_cache_ui + key: ${{ runner.os }}-build-ui-${{ needs.search_cache.outputs.sha }} + - name: CVAT server. Extract metadata (tags, labels) for Docker id: meta-server uses: docker/metadata-action@master with: - images: ${{ secrets.DOCKERHUB_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} + images: ${{ secrets.DOCKERHUB_CI_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} + tags: + type=raw,value=nightly + + - name: CVAT UI. Extract metadata (tags, labels) for Docker + id: meta-ui + uses: docker/metadata-action@master + with: + images: ${{ secrets.DOCKERHUB_CI_WORKSPACE }}/${{ env.UI_IMAGE_TEST_REPO }} tags: type=raw,value=nightly @@ -108,35 +122,6 @@ jobs: tags: ${{ steps.meta-server.outputs.tags }} labels: ${{ steps.meta-server.outputs.labels }} - build_ui: - needs: search_cache - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME_2 }} - password: ${{ secrets.DOCKERHUB_TOKEN_2 }} - - - name: CVAT UI. Getting cache from the default branch - uses: actions/cache@v3 - with: - path: /tmp/cvat_cache_ui - key: ${{ runner.os }}-build-ui-${{ needs.search_cache.outputs.sha }} - - - name: CVAT UI. Extract metadata (tags, labels) for Docker - id: meta-ui - uses: docker/metadata-action@master - with: - images: ${{ secrets.DOCKERHUB_USERNAME_2 }}/${{ env.UI_IMAGE_TEST_REPO }} - tags: - type=raw,value=nightly - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Instrumentation of the code then rebuilding the CVAT UI run: | yarn --frozen-lockfile @@ -153,7 +138,7 @@ jobs: labels: ${{ steps.meta-ui.outputs.labels }} unit_testing: - needs: build_server + needs: build runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 @@ -216,15 +201,15 @@ jobs: id: meta-server uses: docker/metadata-action@master with: - images: ${{ secrets.DOCKERHUB_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} + images: ${{ secrets.DOCKERHUB_CI_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} tags: type=raw,value=nightly - name: Login to Docker Hub uses: docker/login-action@v2 with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + username: ${{ secrets.DOCKERHUB_CI_USERNAME }} + password: ${{ secrets.DOCKERHUB_CI_TOKEN }} - name: Pull CVAT server image run: | @@ -262,7 +247,7 @@ jobs: docker-compose -f docker-compose.yml -f docker-compose.dev.yml -f docker-compose.ci.yml down -v e2e_testing: - needs: [build_server, build_ui] + needs: build runs-on: ubuntu-latest strategy: fail-fast: false @@ -281,41 +266,33 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_CI_USERNAME }} + password: ${{ secrets.DOCKERHUB_CI_TOKEN }} + - name: CVAT server. Extract metadata (tags, labels) for Docker id: meta-server uses: docker/metadata-action@master with: - images: ${{ secrets.DOCKERHUB_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} + images: ${{ secrets.DOCKERHUB_CI_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} tags: type=raw,value=nightly - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Pull CVAT server image - run: | - docker pull ${{ steps.meta-server.outputs.tags }} - docker tag ${{ steps.meta-server.outputs.tags }} openvino/cvat_server - - name: CVAT UI. Extract metadata (tags, labels) for Docker id: meta-ui uses: docker/metadata-action@master with: - images: ${{ secrets.DOCKERHUB_USERNAME_2 }}/${{ env.UI_IMAGE_TEST_REPO }} + images: ${{ secrets.DOCKERHUB_CI_USERNAME }}/${{ env.UI_IMAGE_TEST_REPO }} tags: type=raw,value=nightly - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKERHUB_USERNAME_2 }} - password: ${{ secrets.DOCKERHUB_TOKEN_2 }} - - name: Pull CVAT UI image run: | + docker pull ${{ steps.meta-server.outputs.tags }} + docker tag ${{ steps.meta-server.outputs.tags }} openvino/cvat_server + docker pull ${{ steps.meta-ui.outputs.tags }} docker tag ${{ steps.meta-ui.outputs.tags }} openvino/cvat_ui @@ -426,15 +403,15 @@ jobs: id: meta-server uses: docker/metadata-action@master with: - images: ${{ secrets.DOCKERHUB_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} + images: ${{ secrets.DOCKERHUB_CI_WORKSPACE }}/${{ env.SERVER_IMAGE_TEST_REPO }} tags: type=raw,value=nightly - name: Login to Docker Hub uses: docker/login-action@v2 with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + username: ${{ secrets.DOCKERHUB_CI_USERNAME }} + password: ${{ secrets.DOCKERHUB_CI_TOKEN }} - name: Pull CVAT server image run: |