From 0dbc37463964e6985910a58008113e4c90eb506d Mon Sep 17 00:00:00 2001
From: Dan Cline <6798349+Rjected@users.noreply.github.com>
Date: Mon, 14 Oct 2024 18:38:15 -0400
Subject: [PATCH] feat(ci): add workflow for git sha container builds (#11721)

---
 .github/workflows/docker-git.yml | 44 ++++++++++++++++++++++++++++++++
 .github/workflows/docker.yml     |  1 -
 Makefile                         | 17 ++++++++++++
 3 files changed, 61 insertions(+), 1 deletion(-)
 create mode 100644 .github/workflows/docker-git.yml

diff --git a/.github/workflows/docker-git.yml b/.github/workflows/docker-git.yml
new file mode 100644
index 000000000..2e3ad59ae
--- /dev/null
+++ b/.github/workflows/docker-git.yml
@@ -0,0 +1,44 @@
+# Publishes the Docker image, only to be used with `workflow_dispatch`. The
+# images from this workflow will be tagged with the git sha of the branch used
+# and will NOT tag it as `latest`.
+
+name: docker-git
+
+on:
+  workflow_dispatch: {}
+
+env:
+  REPO_NAME: ${{ github.repository_owner }}/reth
+  IMAGE_NAME: ${{ github.repository_owner }}/reth
+  OP_IMAGE_NAME: ${{ github.repository_owner }}/op-reth
+  CARGO_TERM_COLOR: always
+  DOCKER_IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/reth
+  OP_DOCKER_IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/op-reth
+  DOCKER_USERNAME: ${{ github.actor }}
+  GIT_SHA: ${{ github.sha }}
+
+jobs:
+  build:
+    name: build and push
+    runs-on: ubuntu-20.04
+    permissions:
+      packages: write
+      contents: read
+    steps:
+      - uses: actions/checkout@v4
+      - uses: dtolnay/rust-toolchain@stable
+      - uses: Swatinem/rust-cache@v2
+        with:
+          cache-on-failure: true
+      - uses: taiki-e/install-action@cross
+      - name: Log in to Docker
+        run: |
+          echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io --username ${DOCKER_USERNAME} --password-stdin
+      - name: Set up Docker builder
+        run: |
+          docker run --privileged --rm tonistiigi/binfmt --install arm64,amd64
+          docker buildx create --use --name cross-builder
+      - name: Build and push the git-sha-tagged reth image
+        run: make PROFILE=maxperf GIT_SHA=$GIT_SHA docker-build-push-git-sha
+      - name: Build and push the git-sha-tagged op-reth image
+        run: make IMAGE_NAME=$OP_IMAGE_NAME DOCKER_IMAGE_NAME=$OP_DOCKER_IMAGE_NAME GIT_SHA=$GIT_SHA PROFILE=maxperf op-docker-build-push-git-sha
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index 2af324a39..7b6f0d51e 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -3,7 +3,6 @@
 name: docker
 
 on:
-  workflow_dispatch: {}
   push:
     tags:
       - v*
diff --git a/Makefile b/Makefile
index 4d897c7ee..908f1ef24 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,7 @@
 # Heavily inspired by Lighthouse: https://github.com/sigp/lighthouse/blob/693886b94176faa4cb450f024696cb69cda2fe58/Makefile
 .DEFAULT_GOAL := help
 
+GIT_SHA ?= $(shell git rev-parse HEAD)
 GIT_TAG ?= $(shell git describe --tags --abbrev=0)
 BIN_DIR = "dist/bin"
 
@@ -199,6 +200,14 @@ ef-tests: $(EF_TESTS_DIR) ## Runs Ethereum Foundation tests.
 docker-build-push: ## Build and push a cross-arch Docker image tagged with the latest git tag.
 	$(call docker_build_push,$(GIT_TAG),$(GIT_TAG))
 
+# Note: This requires a buildx builder with emulation support. For example:
+#
+# `docker run --privileged --rm tonistiigi/binfmt --install amd64,arm64`
+# `docker buildx create --use --driver docker-container --name cross-builder`
+.PHONY: docker-build-push-git-sha
+docker-build-push-git-sha: ## Build and push a cross-arch Docker image tagged with the latest git sha.
+	$(call docker_build_push,$(GIT_SHA),$(GIT_SHA))
+
 # Note: This requires a buildx builder with emulation support. For example:
 #
 # `docker run --privileged --rm tonistiigi/binfmt --install amd64,arm64`
@@ -243,6 +252,14 @@ endef
 op-docker-build-push: ## Build and push a cross-arch Docker image tagged with the latest git tag.
 	$(call op_docker_build_push,$(GIT_TAG),$(GIT_TAG))
 
+# Note: This requires a buildx builder with emulation support. For example:
+#
+# `docker run --privileged --rm tonistiigi/binfmt --install amd64,arm64`
+# `docker buildx create --use --driver docker-container --name cross-builder`
+.PHONY: op-docker-build-push-git-sha
+op-docker-build-push-git-sha: ## Build and push a cross-arch Docker image tagged with the latest git sha.
+	$(call op_docker_build_push,$(GIT_SHA),$(GIT_SHA))
+
 # Note: This requires a buildx builder with emulation support. For example:
 #
 # `docker run --privileged --rm tonistiigi/binfmt --install amd64,arm64`