Docker #358
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - master | |
| paths: | |
| - ".github/workflows/**" | |
| - "Dockerfile" | |
| pull_request: | |
| branches: | |
| - master | |
| paths: | |
| - ".github/workflows/**" | |
| - "Dockerfile" | |
| release: | |
| types: [published] | |
| permissions: {} | |
| jobs: | |
| build: | |
| name: Docker / Build | |
| runs-on: ${{ matrix.runs-on }} | |
| strategy: | |
| matrix: | |
| arch: [amd64, arm64] | |
| include: | |
| - arch: amd64 | |
| runs-on: blacksmith-8vcpu-ubuntu-2204 | |
| - arch: arm64 | |
| runs-on: blacksmith-8vcpu-ubuntu-2204-arm | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - uses: docker/setup-buildx-action@v3 | |
| with: | |
| cache-binary: false | |
| install: true | |
| version: latest | |
| - name: Build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| platforms: linux/${{ matrix.arch }} | |
| push: false | |
| cache-from: | | |
| type=gha,scope=docker-build-${{ matrix.arch }} | |
| cache-to: | | |
| type=gha,mode=min,scope=docker-build-${{ matrix.arch }} | |
| context: . | |
| build-args: >- | |
| ${{ github.event_name == 'release' && format('VERSION={0}', github.ref_name) || '' }} | |
| push: | |
| name: Docker / Push | |
| needs: [build] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| outputs: | |
| version: ${{ steps.meta.outputs.version }} | |
| steps: | |
| - run: lscpu | |
| - uses: actions/checkout@v4 | |
| with: | |
| persist-credentials: false | |
| - uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ github.token }} | |
| - uses: docker/setup-buildx-action@v3 | |
| with: | |
| cache-binary: false | |
| install: true | |
| version: latest | |
| - name: Check if release is latest | |
| if: github.event_name == 'release' | |
| id: check_latest | |
| run: | | |
| RELEASE_ID=$(curl -s -H "Authorization: Bearer ${{ github.token }}" \ | |
| "https://api.github.com/repos/${{ github.repository }}/releases/latest" \ | |
| | jq -r '.id') | |
| CURRENT_RELEASE_ID=${{ github.event.release.id }} | |
| echo "is_latest=$([[ "$RELEASE_ID" == "$CURRENT_RELEASE_ID" ]] && echo "true" || echo "false")" >> $GITHUB_OUTPUT | |
| - uses: docker/metadata-action@v5 | |
| id: meta | |
| with: | |
| images: ghcr.io/${{ github.repository_owner }}/polkadot | |
| flavor: | | |
| latest=false | |
| tags: | | |
| type=raw,value=latest,enable=${{ github.event_name == 'release' && steps.check_latest.outputs.is_latest == 'true' }} | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=ref,event=tag | |
| - name: Package and Push | |
| uses: docker/build-push-action@v6 | |
| with: | |
| platforms: linux/amd64,linux/arm64 | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| push: true | |
| cache-from: | | |
| type=gha,scope=docker-build-amd64 | |
| type=gha,scope=docker-build-arm64 | |
| context: . | |
| build-args: >- | |
| ${{ github.event_name == 'release' && format('VERSION={0}', github.ref_name) || '' }} | |
| publish-release-assets: | |
| name: Publish Release Assets | |
| needs: push | |
| if: github.event_name == 'release' | |
| runs-on: ${{ matrix.runs-on }} | |
| permissions: | |
| contents: write | |
| strategy: | |
| matrix: | |
| arch: [x86_64, arm64] | |
| include: | |
| - arch: x86_64 | |
| runs-on: ubuntu-24.04 | |
| - arch: arm64 | |
| runs-on: ubuntu-24.04-arm | |
| steps: | |
| - name: Pull Docker image | |
| run: | | |
| docker pull ghcr.io/${{ github.repository_owner }}/polkadot:${{ needs.push.outputs.version }} | |
| - name: Create directory for binaries | |
| run: mkdir -p binaries | |
| - name: Extract binaries from image | |
| run: | | |
| container_id=$(docker create ghcr.io/${{ github.repository_owner }}/polkadot:${{ github.ref_name }}) | |
| docker cp $container_id:/usr/local/bin/polkadot binaries/ | |
| docker cp $container_id:/usr/local/bin/polkadot-execute-worker binaries/ | |
| docker cp $container_id:/usr/local/bin/polkadot-prepare-worker binaries/ | |
| docker rm $container_id | |
| - name: Generate SHA-256 hashes for binaries | |
| working-directory: binaries | |
| run: | | |
| sha256sum polkadot > polkadot.sha256 | |
| sha256sum polkadot-execute-worker > polkadot-execute-worker.sha256 | |
| sha256sum polkadot-prepare-worker > polkadot-prepare-worker.sha256 | |
| - name: Create tarball | |
| run: | | |
| tar -czvf polkadot-${{ github.ref_name }}-${{ matrix.arch }}.tgz -C binaries . | |
| - name: Generate SHA-256 for tarball | |
| run: | | |
| sha256sum polkadot-${{ github.ref_name }}-${{ matrix.arch }}.tgz > polkadot-${{ github.ref_name }}-${{ matrix.arch }}.tgz.sha256 | |
| - name: Upload assets to release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| files: | | |
| polkadot-${{ github.ref_name }}-${{ matrix.arch }}.tgz | |
| polkadot-${{ github.ref_name }}-${{ matrix.arch }}.tgz.sha256 |