search

kciter / aws-ecr-action

This Action allows you to create Docker images and push into a ECR repository.
MIT License
146 stars 116 forks source link

perf: build and deploy action image to gcr #18

Closed codfish closed 3 years ago

codfish commented 3 years ago

Love the action and use it very heavily at work! Thanks so much.

Similar to the request here: https://github.com/kciter/aws-ecr-action/issues/17

Problem: Currently this action takes about 35-40 seconds just to build before it can ever be used. This just adds time to everyones CI/CD workflows unnecessarily.

Solution: This PR builds the action image and publishes to GCR. Downstream consumers/users of the action like myself can then just do:

-  - uses: kciter/aws-ecr-action@master
+  - uses: docker://ghcr.io/kciter/aws-ecr-action:latest

This allows our workflows to simply pull the image instead of building the image ourselves on every run.

‼️ This should drop the time from 35-40s to about 4s.

Action items you need to take for this to work:

  1. Go create a personal access token https://github.com/settings/tokens (GITHUB_TOKEN will not have proper perms for this action)
  2. Give it the proper scope: https://share.getcloudapp.com/2Nuw17BL
  3. Go into the repo's Secrets settings area and create a new secret named GCR_TOKEN and set it to the personal access token you just created. https://github.com/kciter/aws-ecr-action/settings/secrets/actions
  4. That's it!

You can add fanciness in the future to publish different versions and things, but i think this would be a fantastic first step to optimize things greatly!

kciter commented 3 years ago

@codfish Thank you. 😄

codfish commented 3 years ago

@kciter looks like it published which is great, but for some reason looking like it's not public. Should be showing up here https://github.com/kciter?tab=packages. When i test it in my projects it's giving me:

/usr/bin/docker pull ghcr.io/kciter/aws-ecr-action:latest
Error response from daemon: Head https://ghcr.io/v2/kciter/aws-ecr-action/manifests/latest: unauthorized
Warning: Docker pull failed with exit code 1, back off 9.429 seconds before retry.
/usr/bin/docker pull ghcr.io/kciter/aws-ecr-action:latest
Error response from daemon: Head https://ghcr.io/v2/kciter/aws-ecr-action/manifests/latest: unauthorized
Warning: Docker pull failed with exit code 1, back off 2.972 seconds before retry.
/usr/bin/docker pull ghcr.io/kciter/aws-ecr-action:latest
Error response from daemon: Head https://ghcr.io/v2/kciter/aws-ecr-action/manifests/latest: unauthorized

I'll look into it, but just wanted to bring it to your attention in case you might realize why its happening

kciter commented 3 years ago

@codfish Oh, my mistake. It is issue fixed now.

codfish commented 3 years ago

FYI @kciter

There's an issue with GitHub Actions when using default inputs: https://github.com/codfish/docker-action-issue/pull/1

I created a community ticket for this issue: https://github.community/t/when-using-prebuilt-image-uses-docker-inputs-not-explicitly-set-in-with-arent-sent-in-docker-run/174666

Hack to get around this GitHub Actions bug (seemingly): explicitly set the inputs in with to their default values even though it shouldn't be necessary. In this case, specifically add the dockerfile and path params. otherwise the docker build command fails

 - name: Build and push image to ECR
   uses: docker://ghcr.io/kciter/aws-ecr-action:latest
   with:
     access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
     secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
     account_id: ${{ env.AWS_ACCOUNT_ID }}
     region: ${{ env.AWS_REGION }}
     repo: ${{ env.REPO_NAME }}
     create_repo: true
     tags: ${{ env.DOCKER_TAGS }}
+    dockerfile: Dockerfile
+    path: .