✨ Test image build on Dockerfile change

sjd78 · sjd78 · commit f3f025110618 · 2024-05-10T15:41:37.000-04:00
If the workflow is run from a PR, and the PR includes a change to the `Dockerfile`, then run image builds for all of our target platforms. The images are built but not pushed to any repository. We want to be reasonably sure that any `Dockerfile` change will not cause the image-build-and-push on PR merge workflow to break. Doing the image build here should show up most problems much earlier. For example, a npm version update in the build container could break github action `nofiles` or network access capabilities for the npm install. In future, it may be reasonable to extend this check to happen when other core build related changes are made (package-lock.json, package.json). See konveyor#1742, konveyor#1746, and konveyor#1781 for some other examples of when this check could have caught issues before a PR merge. Supports: konveyor#1883 Signed-off-by: Scott J Dickerson <sdickers@redhat.com>
diff --git a/.github/workflows/ci-Dockerfile.yml b/.github/workflows/ci-Dockerfile.yml
@@ -0,0 +1,91 @@
+name: CI (test image build for a PR with a Dockerfile change)
+
+on:
+  pull_request:
+    branches:
+      - "main"
+      - "release-*"
+
+jobs:
+  checks:
+    runs-on: ubuntu-latest
+    outputs:
+      should-test: ${{ steps.check-dockerfile.outputs.should-test }}
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: What files changed?
+        id: changed
+        uses: tj-actions/changed-files@v44
+        with:
+          files: |
+            Dockerfile
+
+      - name: Check if the `Dockerfile` has been changed in a PR
+        id: check-dockerfile
+        env:
+          IS_PR: ${{ !!github.event.pull_request }}
+          ANY_MODIFIED: ${{ steps.changed.outputs.any_modified }}
+        run: |
+          TEST_IMAGE_BUILD=$(
+            if [[ $IS_PR == true ]] && [[ $ANY_MODIFIED == true ]]; then
+              echo "true"
+            else
+              echo "false"
+            fi
+          )
+
+          echo "is-pr=$IS_PR" >> "$GITHUB_OUTPUT"
+          echo "changed=${ANY_MODIFIED:-false}" >> "$GITHUB_OUTPUT"
+          echo "should-test=$TEST_IMAGE_BUILD" >> "$GITHUB_OUTPUT"
+
+      - name: Summarize findings
+        run: |
+          cat >> "$GITHUB_STEP_SUMMARY" <<EOF
+          ## Findings
+          PR triggered? \`${{ steps.check-dockerfile.outputs.is-pr }}\`
+          PR includes a Dockerfile change? \`${{ steps.check-dockerfile.outputs.changed }}\`
+          Should the image build be tested? \`${{ steps.check-dockerfile.outputs.should-test }}\`
+          EOF
+
+  #
+  # Based on:
+  #   - image-build.yaml
+  #   - konveyor/release-tools/.github/workflows/build-push-images.yaml@main
+  #
+  # Only test the image build, no push to quay is required.
+  #
+  test-image-build:
+    runs-on: ubuntu-latest
+    needs: checks
+    if: ${{ needs.checks.outputs.should-test == 'true' }}
+
+    strategy:
+      fail-fast: true
+      matrix:
+        architecture:
+          - amd64
+          - arm64
+
+    steps:
+      - name: Checkout merge commit for PR${{ github.event.pull_request.number }}
+        uses: actions/checkout@v4
+
+      - name: Setup QEMU to be able to build on platform ${{ matrix.architecture }}
+        if: ${{ matrix.architecture != 'amd64' }}
+        uses: docker/setup-qemu-action@master
+        with:
+          platforms: ${{ matrix.architecture }}
+
+      - name: Test build image on ${{ matrix.architecture }}
+        id: test-build
+        uses: redhat-actions/buildah-build@main
+        with:
+          image: "tackle2-ui"
+          tags: pr${{ github.event.pull_request.number }}-${{ matrix.architecture }}
+          extra-args: "--no-cache --rm --ulimit nofile=4096:4096"
+          archs: ${{ matrix.architecture }}
+          labels: ""
+          containerfiles: "./Dockerfile"
+          context: "."
diff --git a/.github/workflows/ci-repo.yml b/.github/workflows/ci-repo.yml
@@ -17,10 +17,11 @@ on:
   workflow_dispatch:
 
 jobs:
-  unit-test-lookup-image:
+  unit-test-lookups:
     runs-on: ubuntu-latest
     outputs:
       builder-image: ${{ steps.grepBuilder.outputs.builder }}
+
     steps:
       - uses: actions/checkout@v4
 
@@ -33,10 +34,10 @@ jobs:
 
   unit-test:
     runs-on: ubuntu-latest
-    needs: unit-test-lookup-image
+    needs: unit-test-lookups
 
     # Use the same container as the Dockerfile's "FROM * as builder"
-    container: ${{ needs.unit-test-lookup-image.outputs.builder-image }}
+    container: ${{ needs.unit-test-lookups.outputs.builder-image }}
 
     steps:
       - uses: actions/checkout@v4
