Build and push kmake image to AWS ECR #113
Conversation
quic-viskuma
force-pushed
the
main
branch
2 times, most recently
from
3bc4a47 to
2a0dbde
Compare
hasiburr-qti
left a comment
hasiburr-qti
left a comment
There was a problem hiding this comment.
Suggestion:
We could significantly improve the safety and flexibility of this workflow by adding an optional input like kmake-image-pr-number.
If provided, the workflow would build the image from the PR’s head ref (using actions/checkout with ref:); if not, it would default to main.
This Enables testing Docker images from PRs before merge, without committing to main.
Avoids unnecessary prod image rebuilds and rollbacks when issues are caught late.
Keeps the existing flow unchanged for standard prod builds (opt‑in behavior only).
Aligns well with GitHub Actions’ native PR ref support and common CI best practices.
This would give us a clean pre‑merge validation path for image changes while keeping the prod workflow stable and simple. Having in mind that there won't be frequent changes to kmake-image repo but still this looks a robust way.
| - name: Checkout repository | ||
| run: | | ||
| git clone "$GIT_REPO_URL" repo | ||
| cd repo |
There was a problem hiding this comment.
| - name: Checkout repository | |
| run: | | |
| git clone "$GIT_REPO_URL" repo | |
| cd repo | |
| - name: Checkout repository | |
| uses: actions/checkout@v5 | |
| with: | |
| repository: qualcomm-linux/kmake-image | |
| fetch-depth: 0 | |
| ref: <can depend> |
There was a problem hiding this comment.
cd into repo dir won't persist on next steps, better to use checkout action
| --repository-name "$TECH_TEAM_NAMESPACE/$IMAGE_NAME" \ | ||
| --tags Key=environment,Value="$ENVIRONMENT_VALUE" |
There was a problem hiding this comment.
$TECH_TEAM_NAMESPACE, $IMAGE_NAME, and $ENVIRONMENT_VALUE.
These are not defined in the github environment, but accessed directly without ${{ inputs.<VAR_NAME>}} so the ECR check/create step will fail.
There was a problem hiding this comment.
already parsed the inputs in first step
|
|
||
| - name: Push Docker image to ECR | ||
| run: | | ||
| docker push "$AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$IMAGE_REF" |
There was a problem hiding this comment.
we can create a github step summary pointing out the job status. (optional)
| - name: Build Docker image | ||
| working-directory: repo | ||
| run: | | ||
| docker build -f "$DOCKERFILE_PATH" \ |
There was a problem hiding this comment.
Better to specify these labels to image as these are a part of input:
--label "org.opencontainers.image.source=$GIT_REPO_URL" \
--label "org.opencontainers.image.revision=${CHECKOUT_REF}" \ (if we are going with the checkout specific ref based approach)
This change adds a workflow to build the kmake Docker image and push it to AWS Elastic Container Registry (ECR). The image will be available for use in pre-merge Docker pulls, ensuring consistent environments during testing and integration. Signed-off-by: Vishal Kumar <viskuma@qti.qualcomm.com>
2 participants
This change adds a workflow to build the kmake Docker image and push it to AWS Elastic Container Registry (ECR). The image will be available for use in pre-merge Docker pulls, ensuring consistent environments during testing and integration.