CI: speedup build by 2.4x. restore nightly build (#3772)

* setup docker buildx * add snyk integration * add go cache for docker build * cancel redundant job if there is new commit into same PR or branch
2024-11-21 14:44:00 +00:00 · 2023-02-06 21:12:16 -05:00 · 2023-02-06 21:12:16 -05:00 · 6f24fa2055
commit 6f24fa2055
parent 977c642934
5 changed files with 38 additions and 11 deletions
--- a/.github/workflows/codeql-analysis-js.yml
+++ b/.github/workflows/codeql-analysis-js.yml
@ -13,6 +13,10 @@ on:
  schedule:
    - cron: "30 18 * * 2"

+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+  
 jobs:
  analyze:
    name: Analyze
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@ -30,6 +30,10 @@ on:
  schedule:
    - cron: "30 18 * * 2"

+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
 jobs:
  analyze:
    name: Analyze
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@ -17,6 +17,10 @@ on:
 permissions:
  contents: read

+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
 jobs:
  lint:
    name: lint
@ -74,12 +78,18 @@ jobs:
        uses: actions/checkout@v3

      - name: Setup Go
+        id: go
        uses: actions/setup-go@v3
        with:
          go-version: 1.19.5
          check-latest: true
          cache: true

+      - uses: actions/cache@v3
+        with:
+          path: gocache-for-docker
+          key:  gocache-docker-${{ runner.os }}-${{ steps.go.outputs.go-version }}-${{ hashFiles('go.mod') }}
+
      - name: Build
        run: |
          make victoria-metrics-crossbuild
--- a/.github/workflows/nightly-build.yml
+++ b/.github/workflows/nightly-build.yml
@ -12,28 +12,37 @@ jobs:
    name: Build
    runs-on: ubuntu-latest
    steps:
-      -
-        name: Login to Docker Hub
+      - name: Login to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      -
-        name: Setup Go
+      - name: Setup Go
        uses: actions/setup-go@main
        with:
          go-version: 1.19.5
        id: go
-      -
-        name: Setup docker scan
+
+      - name: Setup docker scan
        run: |
          mkdir -p ~/.docker/cli-plugins && \
          curl https://github.com/docker/scan-cli-plugin/releases/latest/download/docker-scan_linux_amd64 -L -s -S -o ~/.docker/cli-plugins/docker-scan &&\
          chmod +x ~/.docker/cli-plugins/docker-scan
-      -
-        name: Code checkout
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      
+      - name: Code checkout
        uses: actions/checkout@master
-      -
-        name: Publish
+
+      - uses: actions/cache@v3
+        with:
+          path: gocache-for-docker
+          key: gocache-docker-${{ runner.os }}-${{ steps.go.outputs.go-version }}-${{ hashFiles('go.mod') }}
+
+      - name: build & publish
        run: |
+          docker scan --login --token "$SNYK_TOKEN" --accept-license
          LATEST_TAG=nightly PKG_TAG=nightly make publish
+        env: 
+          SNYK_TOKEN: ${{ secrets.SNYK_AUTH_TOKEN }}
--- a/deployment/docker/builder/Dockerfile
+++ b/deployment/docker/builder/Dockerfile
@ -3,7 +3,7 @@ FROM $go_builder_image
 STOPSIGNAL SIGINT
 RUN apk add git gcc musl-dev make wget --no-cache && \
    mkdir /opt/cross-builder && \
-    wget https://musl.cc/aarch64-linux-musl-cross.tgz -O /opt/cross-builder/aarch64-musl.tgz && \
+    wget https://musl.cc/aarch64-linux-musl-cross.tgz -O /opt/cross-builder/aarch64-musl.tgz --no-verbose && \
    cd /opt/cross-builder && \
    tar zxf aarch64-musl.tgz -C ./  && \
    rm /opt/cross-builder/aarch64-musl.tgz