feat(docker): push dragonfly image to gcp artifact registry (#4716)

* feat(docker): push dragonfly image to gcp aritfact registry --------- Signed-off-by: Abhradeep Chakraborty <abhradeep@dragonflydb.io>
2025-05-11 18:35:46 +02:00 · 2025-03-25 14:20:01 +05:30 · 2025-03-25 14:20:01 +05:30 · 30ce734cd2
commit 30ce734cd2
parent 2a3a1567b9
3 changed files with 125 additions and 64 deletions
--- a/.github/actions/multi-registry-docker-login/action.yml
+++ b/.github/actions/multi-registry-docker-login/action.yml
@ -0,0 +1,26 @@
+name: 'Multi-Registry Docker Login'
+description: 'Authenticate with both GHCR and Google Artifact Registry'
+inputs:
+  GITHUB_TOKEN:
+    description: 'GitHub token for GHCR'
+    required: true
+  GCP_SA_KEY:
+    description: 'Google Service Account JSON key'
+    required: true
+
+runs:
+  using: "composite"
+  steps:
+    - name: Login to GHCR
+      uses: docker/login-action@v3
+      with:
+        registry: ghcr.io
+        username: ${{ github.repository_owner }}
+        password: ${{ inputs.GITHUB_TOKEN }}
+
+    - name: Login to Google Artifact Registry
+      uses: docker/login-action@v3
+      with:
+        registry: us-central1-docker.pkg.dev
+        username: _json_key
+        password: ${{ inputs.GCP_SA_KEY }}
--- a/.github/workflows/docker-dev-release.yml
+++ b/.github/workflows/docker-dev-release.yml
@ -5,13 +5,13 @@ on:
    - cron: '15 0 * * *'
  workflow_dispatch:

-
 concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
  cancel-in-progress: true

 env:
  image: ghcr.io/dragonflydb/dragonfly-dev
+  GCS_IMAGE: us-central1-docker.pkg.dev/dragonflydb-public/dragonfly-registry/dragonfly-dev

 jobs:
  build_and_tag:
@ -36,14 +36,16 @@ jobs:
        with:
          fetch-depth: 1
          submodules: true
+
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
+
+      - name: Login to Registries
+        uses: ./.github/actions/multi-registry-docker-login
        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }}
+
      - name: Get Build Information
        id: build_info
        run: |
@ -55,8 +57,9 @@ jobs:
        with:
          images: |
            ${{ env.image }}
+            ${{ env.GCS_IMAGE }}
          tags: |
-            type=sha,enable=true,prefix=${{ matrix.flavor}}-,suffix=-${{ matrix.os.arch }},format=short            
+            type=sha,enable=true,prefix=${{ matrix.flavor}}-,suffix=-${{ matrix.os.arch }},format=short
          labels: |
            org.opencontainers.image.vendor=DragonflyDB LTD
            org.opencontainers.image.title=Dragonfly Development Image
@ -77,25 +80,23 @@ jobs:
          load: true  # Load the build images into the local docker.
      - name: Test Image
        run: |
-          image_tag=${{ steps.metadata.outputs.tags }}
          echo ${{ steps.build.outputs.digest }}
-          image_digest=${{ env.image }}@${{ steps.build.outputs.digest }}
-          
+          image_tags=(${{ steps.metadata.outputs.tags }})
+
          # install redis-tools
          sudo apt-get install redis-tools -y
-          
-          docker image inspect ${image_tag}
-          echo "Testing ${{ matrix.flavor }} image"

-          # docker run with port-forwarding
-          docker run -d -p 6379:6379 ${image_tag}
-          sleep 5
-          if [[ $(redis-cli -h localhost ping) != "PONG" ]]; then
-            echo "Redis ping failed"
-            exit 1
-          fi
-          echo "Redis ping succeeded"
-          exit 0
+          for image_tag in "${image_tags[@]}"; do
+            echo "Testing image: ${image_tag}"
+            docker image inspect ${image_tag}
+            echo "Testing ${{ matrix.flavor }} image"
+
+            # docker run with port-forwarding
+            docker run -d -p 6379:6379 ${image_tag}
+            sleep 5
+            redis-cli -h localhost ping | grep -q "PONG" || exit 1
+            docker stop $(docker ps -q --filter ancestor=${image_tag})
+          done

    outputs:
      # matrix jobs outputs override each other, but we use the same sha
@ -109,23 +110,36 @@ jobs:
      matrix:
        flavor: [alpine,ubuntu]
    steps:
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
+      - name: checkout
+        uses: actions/checkout@v4
+
+      - name: Login to Registries
+        uses: ./.github/actions/multi-registry-docker-login
        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }}
+
      - name: Merge and Push
        run: |
-            flavor_tag=${{ env.image }}:${{matrix.flavor}}
-            sha_tag=${flavor_tag}-${{ needs.build_and_tag.outputs.sha }}
-            
-            # Create and push the manifest like dragonfly-dev:alpine-<sha>
-            docker manifest create ${sha_tag} --amend ${sha_tag}-amd64 --amend ${sha_tag}-arm64
-            docker manifest push ${sha_tag}
+            # Function to create and push manifests for a given registry
+            create_and_push_manifests() {
+              local registry=$1
+              local flavor=$2
+              local sha=$3

-            # Create and push the manifest like dragonfly-dev:alpine
-            docker manifest create ${flavor_tag} --amend ${sha_tag}-amd64 --amend ${sha_tag}-arm64
-            docker manifest push ${flavor_tag}
-            
+              # Create and push the manifest like dragonfly-dev:alpine-<sha>
+              local sha_tag="${registry}:${flavor}-${sha}"
+              docker manifest create ${sha_tag} --amend ${sha_tag}-amd64 --amend ${sha_tag}-arm64
+              docker manifest push ${sha_tag}
+
+              # Create and push the manifest like dragonfly-dev:alpine
+              local flavor_tag="${registry}:${flavor}"
+              docker manifest create ${flavor_tag} --amend ${sha_tag}-amd64 --amend ${sha_tag}-arm64
+              docker manifest push ${flavor_tag}
+            }
+
+            # GitHub Container Registry manifests
+            create_and_push_manifests "${{ env.image }}" "${{ matrix.flavor }}" "${{ needs.build_and_tag.outputs.sha }}"
+
+            # Google Artifact Registry manifests
+            create_and_push_manifests "${{ env.GCS_IMAGE }}" "${{ matrix.flavor }}" "${{ needs.build_and_tag.outputs.sha }}"
--- a/.github/workflows/docker-release2.yml
+++ b/.github/workflows/docker-release2.yml
@ -22,6 +22,7 @@ env:
  TAG_NAME: ${{ github.event.inputs.TAG_NAME || github.event.release.tag_name }}
  IS_PRERELEASE: ${{ github.event.release.prerelease || github.event.inputs.PRERELEASE }}
  IMAGE: ghcr.io/dragonflydb/dragonfly
+  GCS_IMAGE: us-central1-docker.pkg.dev/dragonflydb-public/dragonfly-registry/dragonfly

 jobs:
  build_and_tag:
@ -49,12 +50,12 @@ jobs:
          submodules: true
      - name: Set up Docker Build
        uses: docker/setup-buildx-action@v3
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
+
+      - name: Login to Registries
+        uses: ./.github/actions/multi-registry-docker-login
        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }}

      - name: Fetch release asset
        uses: dsaltares/fetch-gh-release-asset@1.1.2
@ -80,6 +81,7 @@ jobs:
        with:
          images: |
            ${{ env.IMAGE }}
+            ${{ env.GCS_IMAGE }}
          flavor: |
            latest=false
            prefix=${{ matrix.flavor}}-
@ -129,35 +131,54 @@ jobs:
      matrix:
        flavor: [ubuntu]
    steps:
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
+      - name: checkout
+        uses: actions/checkout@v4
+
+      - name: Login to Registries
+        uses: ./.github/actions/multi-registry-docker-login
        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }}

      - name: Merge and Push
        run: |
-            sha_amd=${{ env.IMAGE }}@${{ needs.build_and_tag.outputs.sha_amd }}
-            sha_arm=${{ env.IMAGE }}@${{ needs.build_and_tag.outputs.sha_arm }}
-            echo "shas: $sha_amd $sha_arm"
+            # Function to create and push manifests for a given registry
+            create_and_push_manifests() {
+              local registry=$1
+              local sha_amd=$2
+              local sha_arm=$3
+              local flavor=$4
+              local tag_name=$5
+              local is_prerelease=$6

-            if [[ "${{ env.IS_PRERELEASE }}" == 'true' ]]; then
-              # Create and push the manifest like dragonfly:alpha-ubuntu
-              tag="${{ env.IMAGE }}:alpha-${{ matrix.flavor }}"
+              if [[ "$is_prerelease" == 'true' ]]; then
+                # Create and push the manifest like dragonfly:alpha-ubuntu
+                tag="${registry}:alpha-${flavor}"
+                docker manifest create ${tag} --amend ${sha_amd} --amend ${sha_arm}
+                docker manifest push ${tag}
+              elif [[ "$flavor" == 'ubuntu' ]]; then
+                tag="${registry}:latest"
+                # Create and push the manifest like dragonfly:latest
+                docker manifest create ${tag} --amend ${sha_amd} --amend ${sha_arm}
+                docker manifest push ${tag}
+              fi
+
+              # Create and push the manifest like dragonfly:v1.26.4
+              tag="${registry}:${tag_name}"
              docker manifest create ${tag} --amend ${sha_amd} --amend ${sha_arm}
              docker manifest push ${tag}
-            elif [[ "${{matrix.flavor}}" == 'ubuntu' ]]; then
-              tag="${{ env.IMAGE }}:latest"
-              # Create and push the manifest like dragonfly:latest
-              docker manifest create ${tag} --amend ${sha_amd} --amend ${sha_arm}
-              docker manifest push ${tag}
-            fi
+            }
+
+            # GitHub Container Registry manifests
+            ghcr_sha_amd=${{ env.IMAGE }}@${{ needs.build_and_tag.outputs.sha_amd }}
+            ghcr_sha_arm=${{ env.IMAGE }}@${{ needs.build_and_tag.outputs.sha_arm }}
+            create_and_push_manifests "${{ env.IMAGE }}" "$ghcr_sha_amd" "$ghcr_sha_arm" "${{ matrix.flavor }}" "${{ env.TAG_NAME }}" "${{ env.IS_PRERELEASE }}"
+
+            # Google Artifact Registry manifests
+            gar_sha_amd=${{ env.GCS_IMAGE }}@${{ needs.build_and_tag.outputs.sha_amd }}
+            gar_sha_arm=${{ env.GCS_IMAGE }}@${{ needs.build_and_tag.outputs.sha_arm }}
+            create_and_push_manifests "${{ env.GCS_IMAGE }}" "$gar_sha_amd" "$gar_sha_arm" "${{ matrix.flavor }}" "${{ env.TAG_NAME }}" "${{ env.IS_PRERELEASE }}"

-            # Create and push the manifest like dragonfly:v1.26.4
-            tag=${{ env.IMAGE }}:${{ env.TAG_NAME }}
-            docker manifest create ${tag} --amend ${sha_amd} --amend ${sha_arm}
-            docker manifest push ${tag}
  release_helm_and_notify:
    needs: [merge_manifest]
    runs-on: ubuntu-latest