search

docker / build-push-action

GitHub Action to build and push Docker images with Buildx
https://github.com/marketplace/actions/build-and-push-docker-images
Apache License 2.0
4.28k stars 548 forks source link

Shared build cache across branches #862

Closed LukeAI closed 1 year ago

LukeAI commented 1 year ago

Hi! I have a large multistage docker build, invoked as below. based on this discussion https://github.com/docker/build-push-action/issues/286 It successfully caches and reuses the different layers as needed - typically the last stage will rerun because of slightly different dependencies defined in the codebase. BUT the build cache is not shared across branches - so the container has to be built from scratch for every new PR which is expensive in terms of time, things it has to download etc.

Is it possible to have the multistage build cache shared across all branches in a repo ? 

      - name: Build docker image
        uses: docker/build-push-action@v4
        with:
          context: .
          builder: ${{ steps.buildx.outputs.name }}
          push: false
          tags: aios-tests
          load: true
          target: aios
          cache-from: |
            type=gha,scope=system-base-nogpu
            type=gha,scope=aios-base
            type=gha,scope=cas-base
            type=gha,scope=spss-base
            type=gha,scope=apm-base
            type=gha,scope=aios-devel
            type=gha,scope=aios-minimal
            type=gha,scope=aios-rosdeps
            type=gha,scope=aios
          cache-to: |
            type=gha,scope=aios
          build-args: |
            "HOST_USER=${{ env.USERNAME }}"
            "HOST_UID=${{ env.UID }}"
            "HOST_GID=${{ env.GID }}"
            "WORKING_DIR=$PWD"
            "PROJECT=${{ env.PROJECT }}"
            "DEVEL=minimal"
crazy-max commented 1 year ago

Is it possible to have the multistage build cache shared across all branches in a repo ?

Don't think so across all branches, there are restrictions with GitHub Cache access: https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows#restrictions-for-accessing-a-cache.

for every new PR which is expensive in terms of time, things it has to download etc.

If PR has the base branch with cache populated it should work. Per GitHub docs:

If a workflow run is triggered for a pull request, it can also restore caches created in the base branch, including base branches of forked repositories. For example, if the branch feature-b has the base branch feature-a, a workflow run triggered on a pull request would have access to caches created in the default main branch, the base feature-a branch, and the current feature-b branch.

You can check the GitHub cache scopes in your logs (see GitHub Actions runtime token ACs group). For example this PR https://github.com/docker/build-push-action/pull/830 has the following access: https://github.com/docker/build-push-action/actions/runs/4729816108/jobs/8392750430?pr=830#step:6:19

GitHub Actions runtime token ACs
  refs/pull/830/merge: read/write
  refs/heads/master: read

And as you can see can read cache from its base branch:

image

sschuberth commented 1 year ago

Don't think so across all branches, there are restrictions with GitHub Cache access

What about using GitHub's container registry as a cache instead? Then sharing across branch should work, or?