[CLIENT-3813] CI/CD: Check if custom server image was built for the base image already. Also add workflow to build server docker image for dev tests

.github/actions/run-ee-server/action.yml

@@ -24,6 +24,10 @@ inputs:
     required: true
     description: Specify Docker tag
     default: 'latest'
+  GITHUB_TOKEN:
+    required: true
+    description: GITHUB_TOKEN
+  # Test config setup
   where-is-client-connecting-from:
     required: false
     description: 'docker-host, separate-docker-container, "remote-connection" via DOCKER_HOST'
@@ -46,18 +50,46 @@ runs:
       username: ${{ inputs.registry-username }}
       password: ${{ inputs.registry-password }}
 
-  - run: echo IMAGE_FULL_NAME=${{ inputs.registry-name }}/${{ inputs.image-name }}:${{ inputs.server-tag }} >> $GITHUB_ENV
+  - run: echo BASE_IMAGE_FULL_NAME=${{ inputs.registry-name }}/${{ inputs.image-name }}:${{ inputs.server-tag }} >> $GITHUB_ENV
     shell: bash
 
-  - run: echo NEW_IMAGE_FULL_NAME=${{ env.IMAGE_FULL_NAME }}-python-client-testing >> $GITHUB_ENV
+  - run: echo CUSTOM_IMAGE_FULL_NAME=ghcr.io/${{ env.BASE_IMAGE_FULL_NAME }} >> $GITHUB_ENV
     shell: bash
 
+  - name: Check if we already have a custom image built for this base image
+    id: check-for-custom-image
+    run: |
+      set -x
+      docker pull $BASE_IMAGE_FULL_NAME
+      # If this fails, build the custom image. We don't have a custom image to begin with for this base image tag
+      docker pull $CUSTOM_IMAGE_FULL_NAME
+
+      # TODO: make sure base image layers dont get squeezed together in the custom image
+      get_last_layer_digest_for_this_arch () {
+        # Assuming `docker image inspect` returns the image for this runner's specific CPU arch
+        echo $(docker image inspect -f json $1 | jq '.[0].RootFS.Layers[-1]' -r | sed 's/.*sha256://')
+      }
+      BASE_IMAGE_DIGEST=$(get_last_layer_digest_for_this_arch $BASE_IMAGE_FULL_NAME)
+      CUSTOM_IMAGE_LAYER_DIGESTS=$(docker image inspect -f json $1 | jq '.[0].RootFS.Layers -r)
+      test "$(grep --count <(echo $CUSTOM_IMAGE_LAYER_DIGESTS))" == "1"
+    continue-on-error: true
+    shell: bash
+
+  - name: We need to rebuild image
+    if: ${{ steps.check-for-custom-image.outcome == 'failure' }}
+    uses: docker/login-action@v3
+    with:
+      registry: ghcr.io
+      username: ${{ github.actor }}
+      password: ${{ inputs.GITHUB_TOKEN }}
+
   # QE images are not multi-platform and only support a single platform.
   - name: Allow building images from different platforms other than the native one
+    if: ${{ steps.check-for-custom-image.outcome == 'failure' }}
     uses: docker/setup-qemu-action@v3
 
   # macOS Github runners and Windows self-hosted runners don't have buildx installed by default
-  - if: ${{ runner.os == 'Windows' || runner.os == 'macOS' }}
+  - if: ${{ steps.check-for-custom-image.outcome == 'failure' && (runner.os == 'Windows' || runner.os == 'macOS') }}
     uses: docker/setup-buildx-action@v3
 
   - run: echo CA_CERT_FILE_NAME="ca.cer" >> $GITHUB_ENV
@@ -66,21 +98,31 @@ runs:
   - run: echo TLS_PORT="4333" >> $GITHUB_ENV
     shell: bash
 
+  # - name: Check if a Docker image was already built for this base image
+  #   id: check-if-image-already-built
+  #   # We assume a non zero error code means the image does not exist (or at least it cannot be reached).
+  #   run: |
+  #     skopeo inspect --override-os linux $NEW_IMAGE_FULL_NAME
+  #   shell: bash
+  #   continue-on-error: true
+
   - name: Build Aerospike server Docker image for testing
+    if: ${{ steps.check-for-custom-image.outcome == 'failure' }}
     # We enable TLS standard authentication to verify that the OpenSSL library bundled with the wheel works
     # You can manually verify this by enabling debug logging in the client and checking that the server certificate was verified
     uses: docker/build-push-action@v6
     with:
       # Don't want to use default Git context or else it will clone the whole Python client repo again
       context: .github/workflows/docker-build-context
       build-args: |
-        SERVER_IMAGE=${{ env.IMAGE_FULL_NAME }}
+        SERVER_IMAGE=${{ env.BASE_IMAGE_FULL_NAME }}
         TLS_PORT=${{ env.TLS_PORT }}
-      tags: ${{ env.NEW_IMAGE_FULL_NAME }}
+      tags: ${{ env.CUSTOM_IMAGE_FULL_NAME }}
       # setup-buildx-action configures Docker to use the docker-container build driver
       # This driver doesn't publish an image locally by default
       # so we have to manually enable it
       load: true
+      push: true
 
   - run: echo SERVER_CONTAINER_NAME="aerospike" >> $GITHUB_ENV
     shell: bash

.github/workflows/build-server-ee-image-for-dev-tests.yml

@@ -0,0 +1,58 @@
+on:
+  workflow_dispatch:
+    inputs:
+      base-image-name:
+        type: string
+        description: "Server base image name"
+        required: true
+        default: 'aerospike/aerospike-server-enterprise'
+      base-image-tag:
+        type: string
+        description: "Server base image tag"
+        required: true
+        default: 'latest'
+      new-image-tag:
+        type: string
+        description: "New image tag"
+        required: true
+        default: 'latest'
+
+env:
+  TLS_PORT: 4333
+  REGISTRY: ghcr.io
+
+jobs:
+  build-image:
+    runs-on: ubuntu-24.04
+    steps:
+    - name: Log into Github's Docker registry to upload our custom server Docker image
+      uses: docker/login-action@v3
+      with:
+        registry: ${{ env.REGISTRY }}
+        username: ${{ github.actor }}
+        password: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Set new Docker image name and tag
+      uses: docker/metadata-action@v5
+      id: meta
+      with:
+        images: ${{ env.REGISTRY }}/aerospike/aerospike-server-enterprise
+        flavor: |
+          latest=false
+          type=raw,value=${{ inputs.new-image-tag }}
+
+    - name: Build Aerospike server EE Docker image for testing
+      uses: docker/build-push-action@v6
+      with:
+        # Don't want to use default Git context or else it will clone the whole Python client repo again
+        context: .github/workflows/docker-build-context
+        build-args: |
+          SERVER_IMAGE=${{ inputs.base-image-name }}:${{ inputs.base-image-tag }}
+          TLS_PORT=${{ env.TLS_PORT }}
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
+        # setup-buildx-action configures Docker to use the docker-container build driver
+        # This driver doesn't publish an image locally by default
+        # so we have to manually enable it
+        load: true
+        push: true

.github/workflows/tests.yml

@@ -284,6 +284,7 @@ jobs:
         server-tag: ${{ env.SERVER_TAG }}
         registry-username: ${{ env.REGISTRY_NAME == 'docker.io' && secrets.DOCKER_HUB_BOT_USERNAME || secrets.QE_DOCKER_REGISTRY_USERNAME }}
         registry-password: ${{ env.REGISTRY_NAME == 'docker.io' && secrets.DOCKER_HUB_BOT_PW || secrets.QE_DOCKER_REGISTRY_PASSWORD }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
     - if: ${{ matrix.type == 'dont_validate_keys' }}
       run: crudini --existing=param --set config.conf input-validation validate_keys false