From 6f24fa20557b126ebdd9720a6036d58b4d39557f Mon Sep 17 00:00:00 2001
From: Max Golionko <8kirk8@gmail.com>
Date: Mon, 6 Feb 2023 21:12:16 -0500
Subject: [PATCH] CI: speedup build by 2.4x. restore nightly build (#3772)

* setup docker buildx
* add snyk integration
* add go cache for docker build
* cancel redundant job if there is new commit into same PR or branch
---
 .github/workflows/codeql-analysis-js.yml |  4 ++++
 .github/workflows/codeql-analysis.yml    |  4 ++++
 .github/workflows/main.yml               | 10 ++++++++
 .github/workflows/nightly-build.yml      | 29 ++++++++++++++++--------
 deployment/docker/builder/Dockerfile     |  2 +-
 5 files changed, 38 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/codeql-analysis-js.yml b/.github/workflows/codeql-analysis-js.yml
index 072034159f..cfb6931793 100644
--- a/.github/workflows/codeql-analysis-js.yml
+++ b/.github/workflows/codeql-analysis-js.yml
@@ -13,6 +13,10 @@ on:
   schedule:
     - cron: "30 18 * * 2"
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+  
 jobs:
   analyze:
     name: Analyze
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 94e9f3c484..8ecc3067c4 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -30,6 +30,10 @@ on:
   schedule:
     - cron: "30 18 * * 2"
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
 jobs:
   analyze:
     name: Analyze
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 0135ab4eee..b99f4dc8d7 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -17,6 +17,10 @@ on:
 permissions:
   contents: read
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
 jobs:
   lint:
     name: lint
@@ -74,12 +78,18 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Setup Go
+        id: go
         uses: actions/setup-go@v3
         with:
           go-version: 1.19.5
           check-latest: true
           cache: true
 
+      - uses: actions/cache@v3
+        with:
+          path: gocache-for-docker
+          key:  gocache-docker-${{ runner.os }}-${{ steps.go.outputs.go-version }}-${{ hashFiles('go.mod') }}
+
       - name: Build
         run: |
           make victoria-metrics-crossbuild
diff --git a/.github/workflows/nightly-build.yml b/.github/workflows/nightly-build.yml
index 310a6b3ec4..81ff42ac59 100644
--- a/.github/workflows/nightly-build.yml
+++ b/.github/workflows/nightly-build.yml
@@ -12,28 +12,37 @@ jobs:
     name: Build
     runs-on: ubuntu-latest
     steps:
-      -
-        name: Login to Docker Hub
+      - name: Login to Docker Hub
         uses: docker/login-action@v2
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
-      -
-        name: Setup Go
+      - name: Setup Go
         uses: actions/setup-go@main
         with:
           go-version: 1.19.5
         id: go
-      -
-        name: Setup docker scan
+
+      - name: Setup docker scan
         run: |
           mkdir -p ~/.docker/cli-plugins && \
           curl https://github.com/docker/scan-cli-plugin/releases/latest/download/docker-scan_linux_amd64 -L -s -S -o ~/.docker/cli-plugins/docker-scan &&\
           chmod +x ~/.docker/cli-plugins/docker-scan
-      -
-        name: Code checkout
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      
+      - name: Code checkout
         uses: actions/checkout@master
-      -
-        name: Publish
+
+      - uses: actions/cache@v3
+        with:
+          path: gocache-for-docker
+          key: gocache-docker-${{ runner.os }}-${{ steps.go.outputs.go-version }}-${{ hashFiles('go.mod') }}
+
+      - name: build & publish
         run: |
+          docker scan --login --token "$SNYK_TOKEN" --accept-license
           LATEST_TAG=nightly PKG_TAG=nightly make publish
+        env: 
+          SNYK_TOKEN: ${{ secrets.SNYK_AUTH_TOKEN }}
diff --git a/deployment/docker/builder/Dockerfile b/deployment/docker/builder/Dockerfile
index e182951332..0efb33b914 100644
--- a/deployment/docker/builder/Dockerfile
+++ b/deployment/docker/builder/Dockerfile
@@ -3,7 +3,7 @@ FROM $go_builder_image
 STOPSIGNAL SIGINT
 RUN apk add git gcc musl-dev make wget --no-cache && \
     mkdir /opt/cross-builder && \
-    wget https://musl.cc/aarch64-linux-musl-cross.tgz -O /opt/cross-builder/aarch64-musl.tgz && \
+    wget https://musl.cc/aarch64-linux-musl-cross.tgz -O /opt/cross-builder/aarch64-musl.tgz --no-verbose && \
     cd /opt/cross-builder && \
     tar zxf aarch64-musl.tgz -C ./  && \
     rm /opt/cross-builder/aarch64-musl.tgz