diff --git a/.github/workflows/publish-webapp.yml b/.github/workflows/publish-webapp.yml index b977ef0a19..6ba6652ab2 100644 --- a/.github/workflows/publish-webapp.yml +++ b/.github/workflows/publish-webapp.yml @@ -43,9 +43,10 @@ jobs: ref_without_tag=ghcr.io/triggerdotdev/trigger.dev image_tags=$ref_without_tag:${{ steps.get_tag.outputs.tag }} - # if tag is a semver, also tag it as v3 + # if tag is a semver, also tag it as v4 if [[ "${{ steps.get_tag.outputs.is_semver }}" == true ]]; then - image_tags=$image_tags,$ref_without_tag:v3 + # TODO: switch to v4 tag on GA + image_tags=$image_tags,$ref_without_tag:v4-beta fi echo "image_tags=${image_tags}" >> "$GITHUB_OUTPUT" diff --git a/.github/workflows/publish-worker-v4.yml b/.github/workflows/publish-worker-v4.yml index ee27e6f862..4a2853da08 100644 --- a/.github/workflows/publish-worker-v4.yml +++ b/.github/workflows/publish-worker-v4.yml @@ -14,6 +14,7 @@ on: - "re2-prod-*" permissions: + id-token: write packages: write contents: read @@ -35,6 +36,9 @@ jobs: env: DOCKER_BUILDKIT: "1" steps: + - name: 🏭 Setup Depot CLI + uses: depot/setup-action@v1 + - name: ⬇️ Checkout git repo uses: actions/checkout@v4 @@ -49,26 +53,26 @@ jobs: fi echo "repo=${repo}" >> "$GITHUB_OUTPUT" - - id: get_tag + - name: "#️⃣ Get image tag" + id: get_tag uses: ./.github/actions/get-image-tag with: tag: ${{ inputs.image_tag }} - - name: 🐋 Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + - name: 📛 Set tags to push + id: set_tags + run: | + ref_without_tag=ghcr.io/triggerdotdev/${{ steps.get_repository.outputs.repo }} + image_tags=$ref_without_tag:${{ steps.get_tag.outputs.tag }} - # ..to avoid rate limits when pulling images - - name: 🐳 Login to DockerHub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + # if tag is a semver, also tag it as v4 + if [[ "${{ steps.get_tag.outputs.is_semver }}" == true ]]; then + # TODO: switch to v4 tag on GA + image_tags=$image_tags,$ref_without_tag:v4-beta + fi - - name: 🚢 Build Container Image - run: | - docker build -t infra_image -f ./apps/${{ matrix.package }}/Containerfile . + echo "image_tags=${image_tags}" >> "$GITHUB_OUTPUT" - # ..to push image - name: 🐙 Login to GitHub Container Registry uses: docker/login-action@v3 with: @@ -76,20 +80,10 @@ jobs: username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - - name: 🐙 Push to GitHub Container Registry - run: | - docker tag infra_image "$REGISTRY/$REPOSITORY:$IMAGE_TAG" - docker push "$REGISTRY/$REPOSITORY:$IMAGE_TAG" - env: - REGISTRY: ghcr.io/triggerdotdev - REPOSITORY: ${{ steps.get_repository.outputs.repo }} - IMAGE_TAG: ${{ steps.get_tag.outputs.tag }} - - # - name: 🐙 Push 'v3' tag to GitHub Container Registry - # if: steps.get_tag.outputs.is_semver == 'true' - # run: | - # docker tag infra_image "$REGISTRY/$REPOSITORY:v3" - # docker push "$REGISTRY/$REPOSITORY:v3" - # env: - # REGISTRY: ghcr.io/triggerdotdev - # REPOSITORY: ${{ steps.get_repository.outputs.repo }} + - name: 🐳 Build image and push to GitHub Container Registry + uses: depot/build-push-action@v1 + with: + file: ./apps/${{ matrix.package }}/Containerfile + platforms: linux/amd64,linux/arm64 + tags: ${{ steps.set_tags.outputs.image_tags }} + push: true diff --git a/apps/supervisor/Containerfile b/apps/supervisor/Containerfile index d1a8e567cc..b0b1ba9271 100644 --- a/apps/supervisor/Containerfile +++ b/apps/supervisor/Containerfile @@ -19,6 +19,7 @@ COPY --from=pruner --chown=node:node /app/out/pnpm-workspace.yaml ./pnpm-workspa RUN corepack enable && corepack prepare --activate FROM base AS deps-fetcher +RUN apk add --no-cache python3-dev py3-setuptools make g++ gcc linux-headers RUN --mount=type=cache,id=pnpm,target=/root/.local/share/pnpm/store pnpm fetch --frozen-lockfile FROM deps-fetcher AS dev-deps