Closed Yongci closed 7 months ago
Can you show the full workflow? Seems you're using a self-hosted if BuildKit state is retained on the runner right?
Whenever I change the code, it still uses the cache file to build the image, and the changed code never takes effect?
Are you sure these changes affects your context though? What is the value of ${{ inputs.DOCKERFILE }}
? Would need full workflow logs to understand how it affects your build.
If you can create a simple repro on a public repository that would be ideal. Thanks.
${{ inputs.DOCKERFILE }} = "."
Full workflow YAML:
name: maven-compile
on:
workflow_call:
inputs:
REPOSITORY:
required: true
type: string
description: "Your code repository URL."
REPOSITORY_REF:
required: false
type: string
description: "Your repository branch or tag or SHA string."
JDK_VERSION:
required: true
type: string
default: "8"
description: "Select JDK version."
UNIT_TEST:
required: false
type: string
default: 'false'
description: "If your want to run the unit test."
UNIT_TEST_SCRIPT:
required: false
type: string
default: "npm run test"
description: "Setup your unit test script name or path."
APP_NAME:
required: true
type: string
description: "Your application name."
DOCKERFILE:
required: false
type: string
default: "."
description: "Your Dockerfile path."
PROJECT:
required: false
type: string
default: "hubkube"
description: "You want push to which container registry folder."
BUILD_SCRIPT:
required: false
type: string
default: "./compile.sh"
description: "Your build script path."
SONARQUBE:
required: false
type: string
default: 'false'
description: "If your want to run the SonarQube scan."
CONTAINER_IMAGE_SCAN:
required: false
type: string
default: 'false'
description: "If your want to run the container image scan."
SRC_DIR:
required: true
type: string
description: "Your repository src folder path."
secrets:
PLATFORM_GITHUBBOT_TOKEN:
required: true
description: "Platform team GitHub bot service account token."
PLATFORM_ACR_SECRET:
required: true
description: "Platform team Azure Container Registry password."
SONAR_TOKEN:
required: false
description: "Your SonarQube token."
SONAR_HOST_URL:
required: false
description: "Your SonarQube URL."
SONAR_ROOT_CERT:
required: false
description: "Your SonarQube root certificate."
jobs:
Compile:
env:
CONTAINER_REGISTRY: "xxxxxxx.azurecr.io"
CONTAINER_REGISTRY_PROJECT: ${{ inputs.PROJECT }}
runs-on:
labels:
- "Linux"
- "X64"
- "Ubuntu"
- "self-hosted"
group: "ITCOLO-Platform-Runners"
steps:
- name: "Checkout to your repository branch"
uses: actions/checkout@v3
with:
github-server-url: "https://xxxxxx.com"
repository: ${{ inputs.REPOSITORY }}
ref: ${{ inputs.REPOSITORY_REF }}
token: ${{ secrets.PLATFORM_GITHUBBOT_TOKEN }}
- name: "Set up QEMU VMs"
uses: docker/setup-qemu-action@v2
- name: "Set up the Docker Buildx tool"
uses: docker/setup-buildx-action@v2
with:
platforms: linux/amd64
driver-opts: network=host
- name: "Log into registry ${{ env.CONTAINER_REGISTRY }}"
uses: docker/login-action@v2
with:
registry: ${{ env.CONTAINER_REGISTRY }}
username: ${{ vars.PLATFORM_ACR_USERNAME }}
password: ${{ secrets.PLATFORM_ACR_SECRET }}
- name: "Extract container metadata"
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ env.CONTAINER_REGISTRY }}/${{ env.CONTAINER_REGISTRY_PROJECT }}/${{ inputs.APP_NAME }}
- name: "List files and clean up the builder cache"
run: |
ls -lah && \
docker builder prune -f
- name: "Build and push container image"
id: build-and-push
uses: docker/build-push-action@v4
with:
context: ${{ inputs.DOCKERFILE }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: "Sign the published container image"
id: sign-image-tag
env:
TAGS: ${{ steps.meta.outputs.tags }}
DIGEST: ${{ steps.build-and-push.outputs.digest }}
run: |
#echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
echo "IMAGE_TAGS_DIGEST=${TAGS}@${DIGEST}" | tee >> $GITHUB_OUTPUT
Ok so you're using a self-hosted runner, in this case BuildKit state persists.
COPY --from=build-stage
is not pruned as it's most likely a shared layer because it was exported (as an image). For such case you need to use docker builder prune --all
. You can also check current disk usage with docker buildx du
and docker buildx du --verbose
if you want more info. See https://github.com/docker/buildx/blob/master/docs/reference/buildx_du.md
I'm not sure why you want to prune your builder for each run though. It's more like an administrative task and should not be part of your workflow imo.
Contributing guidelines
I've found a bug, and:
Description
Whenever I change the code, it still uses the cache file to build the image, and the changed code never takes effect? Does anyone know how to solve it?
Expected behaviour
we don't need the build cache
Actual behaviour
Those cache files are hit on every build, weird
Repository URL
No response
Workflow run URL
No response
YAML workflow
Workflow logs
No response
BuildKit logs
No response
Additional info
No response