Skip to content

Handle case where the sniffer could fail to start if the metrics port was taken by another process on the same node, due to hostNetwork #1225

Handle case where the sniffer could fail to start if the metrics port was taken by another process on the same node, due to hostNetwork

Handle case where the sniffer could fail to start if the metrics port was taken by another process on the same node, due to hostNetwork #1225

Workflow file for this run

name: Build
concurrency:
group: "${{ github.repository }}${{ github.ref }}"
cancel-in-progress: true
on:
pull_request:
types:
- opened
- synchronize
push:
branches:
- main
- develop
env:
REGISTRY: us-central1-docker.pkg.dev/main-383408/otterize
jobs:
build:
if: (github.event_name == 'push' && github.repository == 'otterize/network-mapper') || github.event.pull_request.head.repo.full_name == 'otterize/network-mapper'
name: Build
runs-on: ubuntu-latest
outputs:
registry: ${{ steps.registry.outputs.registry }} # workaround since env is not available outside of steps, i.e. in calling external workflows like we later do in e2e-test
strategy:
matrix:
service:
- mapper
- sniffer
- kafka-watcher
steps:
- id: registry
run: echo "registry=${{ env.REGISTRY }}" >> "$GITHUB_OUTPUT"
- name: Checkout
uses: actions/checkout@v2
with:
submodules: recursive
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@master
with:
driver-opts: network=host
- name: Login to GCR
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: _json_key_base64
password: ${{ secrets.B64_GCLOUD_SERVICE_ACCOUNT_JSON }}
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: otterize
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Test & Build production image
uses: docker/build-push-action@v2
with:
context: src/
file: build/${{ matrix.service }}.Dockerfile
tags: ${{ env.REGISTRY }}/${{ matrix.service }}:${{ github.sha }}
push: true
network: host
platforms: linux/amd64,linux/arm64
cache-from: type=gha
cache-to: type=gha,mode=max
build-args: |
"VERSION=0.0.${{ github.run_id }}"
build-iamlive:
name: Build (IAMLive)
runs-on: ubuntu-latest
steps:
- name: Checkout IAMLive fork
uses: actions/checkout@v2
with:
repository: otterize/iamlive
path: iamlive
ref: main
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@master
with:
driver-opts: network=host
- name: Login to GCR
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: _json_key_base64
password: ${{ secrets.B64_GCLOUD_SERVICE_ACCOUNT_JSON }}
- name: Test & Build production image
uses: docker/build-push-action@v2
with:
context: iamlive/
file: iamlive/Dockerfile
tags: ${{ env.REGISTRY }}/iamlive:${{ github.sha }}
push: true
network: host
platforms: linux/amd64,linux/arm64
cache-from: type=gha
cache-to: type=gha,mode=max
build-args: |
"VERSION=0.0.${{ github.run_id }}"
e2e-test:
uses: ./.github/workflows/e2e-test.yaml
name: Trigger e2e tests
# Must pass the secrets as the called workflow does not have access to the same context
secrets:
B64_GCLOUD_SERVICE_ACCOUNT_JSON: ${{ secrets.B64_GCLOUD_SERVICE_ACCOUNT_JSON }}
with:
registry: ${{ needs.build.outputs.registry }}
mapper-tag: ${{ github.sha }}
sniffer-tag: ${{ github.sha }}
mapper-image: mapper
sniffer-image: sniffer
needs:
- build
tag-latest:
name: Tag latest
if: github.ref == 'refs/heads/main'
needs: e2e-test
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: GCP auth
uses: 'google-github-actions/auth@v1'
with:
credentials_json: ${{ secrets.B64_GCLOUD_SERVICE_ACCOUNT_JSON }}
- name: Set up Cloud SDK
uses: 'google-github-actions/setup-gcloud@v1'
# Push the Docker image to AWS ECR
- name: Tag Images as latest
run: |-
retag_image_as_latest() { if [[ $(gcloud container images add-tag "${{ env.REGISTRY }}/$1:${{ github.sha }}" "${{ env.REGISTRY }}/$1:latest" --quiet) ]]; then echo "Failed tagging $1 as latest"; exit 1; fi } # using --quiet to avoid prompt
retag_image_as_latest mapper
retag_image_as_latest sniffer
retag_image_as_latest kafka-watcher