So, since we updated to build-push-action@v6 we're now getting a nice
summary of the build on the summary page of the action. It pointed out
that we're caching 0% of our docker build. Since we probably change our
own code more often than we change our dependencies, sharing the initial
yarn install step between builds from cache seems to be a good idea.
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[docker/build-push-action](https://togithub.com/docker/build-push-action)
| action | major | `v5` -> `v6` |
---
### Release Notes
<details>
<summary>docker/build-push-action (docker/build-push-action)</summary>
###
[`v6`](https://togithub.com/docker/build-push-action/compare/v5...v6)
[Compare
Source](https://togithub.com/docker/build-push-action/compare/v5...v6)
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "after 7pm every weekday,before 5am
every weekday" in timezone Europe/Madrid, Automerge - At any time (no
schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/Unleash/unleash).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40MjEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjQyMS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Relying on tags to trigger workflows makes it hard to trace what's
happening after a release, currently:
1. We manually trigger a release workflow
2. The release workflow executes and tags the new release in code
3. Several other workflows trigger after matching the tag doing
different things: build docker images, tarballs and other things.
This creates a loose dependency between the workflows which are actually
part of the same "release workflow" which makes it difficult to spot
when one or other dependent workflow fails because the dependency is
indirect through the tagging mechanism.
This PR switches to a more direct approach using [workflow
calls](https://docs.github.com/en/actions/using-workflows/reusing-workflows).
This will create a graph as shown in the following graph:
![](https://docs.github.com/assets/cb-34427/mw-1440/images/help/actions/reusable-workflows-ci-cd.webp)
making it easier to track and identify any problem.
The "drawback" of this approach is that previously we could trigger all
dependent workflows at once by creating a tag matching the expected
pattern without manually triggering a new release. This limitation can
be overcome by adding a manual workflow_dispatch to the workflows using
the tag trigger.
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [docker/metadata-action](https://togithub.com/docker/metadata-action)
| action | major | `v4` -> `v5` |
---
### Release Notes
<details>
<summary>docker/metadata-action (docker/metadata-action)</summary>
### [`v5`](https://togithub.com/docker/metadata-action/compare/v4...v5)
[Compare
Source](https://togithub.com/docker/metadata-action/compare/v4...v5)
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "after 7pm every weekday,before 5am
every weekday" in timezone Europe/Madrid, Automerge - At any time (no
schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/Unleash/unleash).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjI2MS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [docker/login-action](https://togithub.com/docker/login-action) |
action | major | `v2` -> `v3` |
---
### Release Notes
<details>
<summary>docker/login-action (docker/login-action)</summary>
### [`v3`](https://togithub.com/docker/login-action/compare/v2...v3)
[Compare
Source](https://togithub.com/docker/login-action/compare/v2...v3)
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "after 7pm every weekday,before 5am
every weekday" in timezone Europe/Madrid, Automerge - At any time (no
schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/Unleash/unleash).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjI2MS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[docker/build-push-action](https://togithub.com/docker/build-push-action)
| action | major | `v4` -> `v5` |
---
### Release Notes
<details>
<summary>docker/build-push-action (docker/build-push-action)</summary>
###
[`v5`](https://togithub.com/docker/build-push-action/compare/v4...v5)
[Compare
Source](https://togithub.com/docker/build-push-action/compare/v4...v5)
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "after 7pm every weekday,before 5am
every weekday" in timezone Europe/Madrid, Automerge - At any time (no
schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/Unleash/unleash).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjI2MS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
We're getting security advisories against the node version we're using.
This PR bumps everything to 18.18.2/18.x again. And we'll trust our
excellent monitoring on detecting performance regressions again
We are pinning node to version 18.17.1 as we have seen some performance
degregation on node 18.18.0 on arm64. We will investigate this further
at a later point. This is to mitigate the issue.
Our next step in pinpointing the issue will be to compare between
running on musl vs libc on arm64.
### What
To reduce the work needed, this PR adds paths-ignore to avoid building
unnecessary workflows.
Co-authored-by: Gastón Fournier <gaston@getunleash.io>
## About the changes
Reduce the build time of OSS docker image from
[~30m](https://github.com/Unleash/unleash/actions/workflows/docker_publish.yaml)
to [under
15m](https://github.com/Unleash/unleash/actions/runs/5222180536/jobs/9427342758)
1. Build frontend outside docker multiplatform.
2. Allow `frontend/build` to be copied to the image by removing this
from `.dockerignore`
3. Run with `--ignore-scripts` to avoid building the frontend on the
`prepare` script, but this requires us to run all the prepare scripts
manually (except the frontend build).
**Note:** we need to build frontend in the `prepare` script to be able
to have source code dependencies
## Manual Testing
Manually downloaded from
https://hub.docker.com/r/unleashorg/unleash-server/tags?page=1 and
compared both `unleash` folders from main and the version built with the
new process
https://github.com/Unleash/unleash/actions/runs/5223078089/jobs/9429430190#step:5:48
![Screenshot from 2023-06-10
21-11-33](https://github.com/Unleash/unleash/assets/455064/60a41739-904d-480d-8d80-bf17b7a70432)
No major difference was spotted (only expected changes due to
development done in main)
**Command used to extract the contents:**
```
cd /tmp
mkdir main && cd main
docker pull unleashorg/unleash-server:main-edge-18-alpine
docker export $(docker create unleashorg/unleash-server:main-edge-18-alpine) > container.tar && tar xvf container.tar
mkdir ../new-process && cd ../new-process
docker pull unleashorg/unleash-server:sha-ccac902-18-alpine
docker export $(docker create unleashorg/unleash-server:sha-ccac902-18-alpine) > container.tar && tar xvf container.tar
meld ./unleash ../main/unleash
```