From 0137fbd0b502b2f44f0f49d023f6af98f72902c3 Mon Sep 17 00:00:00 2001
From: Daniel Gak Anagrov <dani_gak@hotmail.com>
Date: Tue, 26 Aug 2025 15:35:14 +0200
Subject: [PATCH] chore: bumb blacksmith build and push action version (#5309)

* chore: bumb blacksmith

* feat: try bump up all machines

* fix: docker builder

* fix: unpin version, fix dockerfiles

* fix: unpin version, fix dockerfiles

* fix: py version
---
 .github/workflows/builds.yml                  | 60 ++++++++++++-------
 .github/workflows/get-version.yml             |  2 +-
 .../manual-trigger-test-deployment.yml        |  2 +-
 .github/workflows/npm.yml                     |  2 +-
 .github/workflows/publish.yml                 |  6 +-
 .github/workflows/tests.yml                   | 24 ++++----
 packages/fileimport-service/Dockerfile        |  2 +-
 packages/preview-service/Dockerfile           |  2 +-
 8 files changed, 61 insertions(+), 39 deletions(-)

diff --git a/.github/workflows/builds.yml b/.github/workflows/builds.yml
index 32a80ea41..08815402e 100644
--- a/.github/workflows/builds.yml
+++ b/.github/workflows/builds.yml
@@ -28,7 +28,7 @@ on:
 
 jobs:
   docker-build-server:
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     name: Server
     steps:
       - name: Login to Docker Hub
@@ -50,8 +50,10 @@ jobs:
             TAGS="$TAGS,${{ inputs.IMAGE_PREFIX }}/speckle-server:latest"
           fi
           echo "TAGS=$TAGS" >> "$GITHUB_OUTPUT"
+      - name: Setup Docker Builder
+        uses: useblacksmith/setup-docker-builder@v1
       - name: Build and push
-        uses: useblacksmith/build-push-action@v1
+        uses: useblacksmith/build-push-action@v2
         with:
           push: true
           tags: ${{ steps.set-tags.outputs.TAGS }}
@@ -75,8 +77,10 @@ jobs:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Setup Docker Builder
+        uses: useblacksmith/setup-docker-builder@v1
       - name: Build and push w/ version tag
-        uses: useblacksmith/build-push-action@v1
+        uses: useblacksmith/build-push-action@v2
         if: ${{ inputs.PUBLISH }}
         with:
           push: true
@@ -85,7 +89,7 @@ jobs:
           build-args: |
             SPECKLE_SERVER_VERSION=${{ inputs.IMAGE_VERSION_TAG }}
       - name: Check frontend-2 build
-        uses: useblacksmith/build-push-action@v1
+        uses: useblacksmith/build-push-action@v2
         if: ${{ !inputs.PUBLISH }}
         with:
           push: true
@@ -93,7 +97,7 @@ jobs:
           file: ./packages/frontend-2/Dockerfile
 
   docker-build-preview-service:
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     name: Preview service
     steps:
       - name: Login to Docker Hub
@@ -107,15 +111,17 @@ jobs:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Setup Docker Builder
+        uses: useblacksmith/setup-docker-builder@v1
       - name: Build and push
-        uses: useblacksmith/build-push-action@v1
+        uses: useblacksmith/build-push-action@v2
         with:
           push: true
           tags: ${{ inputs.IMAGE_PREFIX }}/speckle-preview-service:${{ inputs.IMAGE_VERSION_TAG }}
           file: ./packages/preview-service/Dockerfile
 
   docker-build-webhook-service:
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     name: Webhook service
     steps:
       - name: Login to Docker Hub
@@ -129,15 +135,17 @@ jobs:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Setup Docker Builder
+        uses: useblacksmith/setup-docker-builder@v1
       - name: Build and push
-        uses: useblacksmith/build-push-action@v1
+        uses: useblacksmith/build-push-action@v2
         with:
           push: true
           tags: ${{ inputs.IMAGE_PREFIX }}/speckle-webhook-service:${{ inputs.IMAGE_VERSION_TAG }}
           file: ./packages/webhook-service/Dockerfile
 
   docker-build-fileimport-service:
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     name: File import service
     steps:
       - name: Login to Docker Hub
@@ -151,15 +159,17 @@ jobs:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Setup Docker Builder
+        uses: useblacksmith/setup-docker-builder@v1
       - name: Build and push
-        uses: useblacksmith/build-push-action@v1
+        uses: useblacksmith/build-push-action@v2
         with:
           push: true
           tags: ${{ inputs.IMAGE_PREFIX }}/speckle-fileimport-service:${{ inputs.IMAGE_VERSION_TAG }}
           file: ./packages/fileimport-service/Dockerfile
 
   docker-build-ifc-import-service:
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     name: IFC import service
     steps:
       - name: Login to Docker Hub
@@ -173,15 +183,17 @@ jobs:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Setup Docker Builder
+        uses: useblacksmith/setup-docker-builder@v1
       - name: Build and push
-        uses: useblacksmith/build-push-action@v1
+        uses: useblacksmith/build-push-action@v2
         with:
           push: true
           tags: ${{ inputs.IMAGE_PREFIX }}/speckle-ifc-import-service:${{ inputs.IMAGE_VERSION_TAG }}
           file: ./packages/ifc-import-service/Dockerfile
 
   docker-build-test-deploy:
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     name: Test deploy util
     steps:
       - name: Login to Docker Hub
@@ -195,15 +207,17 @@ jobs:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Setup Docker Builder
+        uses: useblacksmith/setup-docker-builder@v1
       - name: Build and push
-        uses: useblacksmith/build-push-action@v1
+        uses: useblacksmith/build-push-action@v2
         with:
           push: true
           tags: ${{ inputs.IMAGE_PREFIX }}/speckle-test-deployment:${{ inputs.IMAGE_VERSION_TAG }}
           file: ./utils/test-deployment/Dockerfile
 
   docker-build-monitor-deployment:
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     name: monitor container
     steps:
       - name: Login to Docker Hub
@@ -217,15 +231,17 @@ jobs:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Setup Docker Builder
+        uses: useblacksmith/setup-docker-builder@v1
       - name: Build and push
-        uses: useblacksmith/build-push-action@v1
+        uses: useblacksmith/build-push-action@v2
         with:
           push: true
           tags: ${{ inputs.IMAGE_PREFIX }}/speckle-monitor-deployment:${{ inputs.IMAGE_VERSION_TAG }}
           file: ./packages/monitor-deployment/Dockerfile
 
   docker-build-docker-compose-ingress:
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     name: Docker compose ingress
     steps:
       - name: Login to Docker Hub
@@ -239,15 +255,17 @@ jobs:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Setup Docker Builder
+        uses: useblacksmith/setup-docker-builder@v1
       - name: Build and push
-        uses: useblacksmith/build-push-action@v1
+        uses: useblacksmith/build-push-action@v2
         with:
           push: true
           tags: ${{ inputs.IMAGE_PREFIX }}/speckle-docker-compose-ingress:${{ inputs.IMAGE_VERSION_TAG }}
           file: ./utils/docker-compose-ingress/Dockerfile
 
   docker-frontend-2-sourcemaps:
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     name: Frontend2 sourcemaps
     if: ${{ inputs.PUBLISH }}
     env:
@@ -258,7 +276,9 @@ jobs:
       - uses: actions/checkout@v4.2.2
         with:
           fetch-depth: 0
-      - uses: useblacksmith/build-push-action@v1
+      - name: Setup Docker Builder
+        uses: useblacksmith/setup-docker-builder@v1
+      - uses: useblacksmith/build-push-action@v2
         with:
           setup-only: true
           cache-from: type=registry,ref=${{ inputs.IMAGE_PREFIX }}/speckle-frontend-2:buildcache-sourcemaps
diff --git a/.github/workflows/get-version.yml b/.github/workflows/get-version.yml
index 41dfd9c65..561a63d93 100644
--- a/.github/workflows/get-version.yml
+++ b/.github/workflows/get-version.yml
@@ -12,7 +12,7 @@ jobs:
     outputs:
       IMAGE_VERSION_TAG: ${{ steps.export-step.outputs.IMAGE_VERSION_TAG }}
     name: Get version
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     steps:
       - uses: actions/checkout@v4.2.2
         with:
diff --git a/.github/workflows/manual-trigger-test-deployment.yml b/.github/workflows/manual-trigger-test-deployment.yml
index ccf380794..8d1d92312 100644
--- a/.github/workflows/manual-trigger-test-deployment.yml
+++ b/.github/workflows/manual-trigger-test-deployment.yml
@@ -4,7 +4,7 @@ on: workflow_dispatch
 
 jobs:
   verify-non-prod:
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     if: github.ref != 'refs/heads/main'
     steps:
       - run: echo "This is a non-production deployment."
diff --git a/.github/workflows/npm.yml b/.github/workflows/npm.yml
index 08f365f07..bceff02da 100644
--- a/.github/workflows/npm.yml
+++ b/.github/workflows/npm.yml
@@ -11,7 +11,7 @@ on:
 jobs:
   publish:
     name: Publish to npm
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     env:
       NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
       IMAGE_VERSION_TAG: ${{ inputs.IMAGE_VERSION_TAG }}
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 86f2ff040..ce51e69aa 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -21,7 +21,7 @@ on:
         required: true
 jobs:
   helm-chart-oci:
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     name: Helm chart oci
     container:
       image: speckle/pre-commit-runner:latest
@@ -38,7 +38,7 @@ jobs:
         run: ./.github/workflows/scripts/publish_helm_chart_oci.sh
 
   helm-chart-commit:
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     name: Helm chart commit
     container:
       image: bitnami/python:3.12.0
@@ -65,7 +65,7 @@ jobs:
         working-directory: speckle
 
   viewer-sandbox-cloudflare-pages:
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     name: Viewer sandbox cloudflare pages
     env:
       CLOUDFLARE_ACCOUNT_ID: ${{ inputs.CLOUDFLARE_ACCOUNT_ID }}
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index da731a990..a4f8a2965 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -32,7 +32,7 @@ on:
 jobs:
   lint-and-prettier:
     name: Lint and prettier
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     continue-on-error: ${{ inputs.CONTINUE_ON_ERROR }}
     steps:
       - uses: actions/checkout@v4.2.2
@@ -55,7 +55,7 @@ jobs:
 
   pre-commit:
     name: Precommit check
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     continue-on-error: ${{ inputs.CONTINUE_ON_ERROR }}
     container:
       image: speckle/pre-commit-runner:latest
@@ -74,7 +74,7 @@ jobs:
 
   test-frontend-2:
     name: Frontend
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     continue-on-error: ${{ inputs.CONTINUE_ON_ERROR }}
     steps:
       - uses: actions/checkout@v4.2.2
@@ -92,7 +92,7 @@ jobs:
 
   test-viewer:
     name: Viewer
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     continue-on-error: ${{ inputs.CONTINUE_ON_ERROR }}
     steps:
       - uses: actions/checkout@v4.2.2
@@ -119,7 +119,7 @@ jobs:
 
   test-shared:
     name: Shared
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     continue-on-error: ${{ inputs.CONTINUE_ON_ERROR }}
     steps:
       - uses: actions/checkout@v4.2.2
@@ -156,7 +156,7 @@ jobs:
 
   test-objectsender:
     name: Object Sender
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     continue-on-error: ${{ inputs.CONTINUE_ON_ERROR }}
     steps:
       - uses: actions/checkout@v4.2.2
@@ -180,7 +180,7 @@ jobs:
 
   test-ui-components:
     name: UI Components
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     continue-on-error: ${{ inputs.CONTINUE_ON_ERROR }}
     steps:
       - uses: actions/checkout@v4.2.2
@@ -207,7 +207,7 @@ jobs:
 
   test-preview-service:
     name: Preview service
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     continue-on-error: ${{ inputs.CONTINUE_ON_ERROR }}
     container:
       image: ghcr.io/specklesystems/speckle-ubuntu-chromium:latest
@@ -255,7 +255,7 @@ jobs:
           retention-days: 5
 
   docker-build-postgres-container:
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     name: Docker build postgres container
     steps:
       - name: Login to Docker Hub
@@ -263,8 +263,10 @@ jobs:
         with:
           username: ${{ inputs.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Setup Docker Builder
+        uses: useblacksmith/setup-docker-builder@v1
       - name: Build and push
-        uses: useblacksmith/build-push-action@v1
+        uses: useblacksmith/build-push-action@v2
         with:
           push: true
           tags: speckle/speckle-postgres:${{ inputs.IMAGE_VERSION_TAG }}
@@ -455,7 +457,7 @@ jobs:
     needs: [docker-build-postgres-container]
     continue-on-error: ${{ inputs.CONTINUE_ON_ERROR }}
     if: false # disabled
-    runs-on: blacksmith
+    runs-on: blacksmith-4vcpu-ubuntu-2404
     services:
       redis:
         image: redis:7.2.4
diff --git a/packages/fileimport-service/Dockerfile b/packages/fileimport-service/Dockerfile
index cd86829c6..22cf91c31 100644
--- a/packages/fileimport-service/Dockerfile
+++ b/packages/fileimport-service/Dockerfile
@@ -58,7 +58,7 @@ RUN yarn workspaces foreach -W run build
 RUN apt-get update -y \
     && DEBIAN_FRONTEND=noninteractive apt-get install -y \
      --no-install-recommends \
-     python3.12=3.12.3-1ubuntu0.7 \
+     python3.12=3.12.3-1ubuntu0.8 \
      python3-pip=24.0+dfsg-1ubuntu1.2 \
     && apt-get clean \
     && rm -rf /var/lib/apt/lists/*
diff --git a/packages/preview-service/Dockerfile b/packages/preview-service/Dockerfile
index 19ad1a473..f6c4b3262 100644
--- a/packages/preview-service/Dockerfile
+++ b/packages/preview-service/Dockerfile
@@ -92,7 +92,7 @@ RUN groupadd -g 30000 -r pptruser && \
     useradd -r -g pptruser -G audio,video -u 800 pptruser && \
     mkdir -p /home/pptruser/Downloads && \
     chown -R pptruser:pptruser /home/pptruser && \
-    chown -R pptruser:pptruser ./node_modules && \
+    if [ -d ./node_modules ]; then chown -R pptruser:pptruser ./node_modules; else true; fi && \
     chown -R pptruser:pptruser ./package.json
 
 # overriding this value via `--build-arg CACHE_BUST=$(date +%s)` will cause the latest google chrome to be fetched