Skip to content
stable

stable #1602

Sign in to view logs

stable

stable #1602

Workflow file for this run

.github/workflows/stable.yml at 3d5eadc
name: stable
on:
schedule:
- cron: '0 12 * * *' # everyday at noon
push:
branches:
- 'main'
pull_request:
branches:
- 'main'
concurrency:
group: ${{ github.ref }}-stable
cancel-in-progress: true
env:
REGISTRY_IMAGE: clux/muslrust
jobs:
check-stable:
name: 'Check if workflow should continue'
outputs:
CONTINUE_BUILD: ${{ steps.check-stable-tag.outputs.CONTINUE_BUILD }}
runs-on: 'ubuntu-latest'
steps:
- uses: actions/checkout@v4
- name: 'Check if we need a new stable'
id: check-stable-tag
shell: bash
run: |
pip3 install --user toml
if python3 check_stable.py; then
echo 'Stable tag missing; running all build steps'
echo 'CONTINUE_BUILD=YES' >> "${GITHUB_OUTPUT}"
else
echo 'Stable tag found; skipping all build steps'
fi
build:
name: 'Stable Build'
needs: [check-stable]
if: ${{ needs.check-stable.outputs.CONTINUE_BUILD == 'YES' }}
runs-on: 'ubuntu-latest'
strategy:
fail-fast: false
matrix:
platform: [linux/amd64, linux/arm64]
include:
- platform: linux/amd64
arch: amd64
target_dir: x86_64-unknown-linux-musl
- platform: linux/arm64
arch: arm64
target_dir: aarch64-unknown-linux-musl
steps:
- uses: actions/checkout@v4
- uses: extractions/setup-just@v3
- name: Login to DockerHub
uses: docker/login-action@v3
if: ${{ github.repository_owner == 'clux' }}
with:
username: clux
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY_IMAGE }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build stable image
id: build
uses: docker/build-push-action@v6
with:
context: .
platforms: ${{ matrix.platform }}
labels: ${{ steps.meta.outputs.labels }}
push: false
load: true
tags: rustmusl-temp
build-args: |
CHANNEL=stable
- name: Run tests
shell: bash
run: |
docker buildx build --platform ${{ matrix.platform }} --output type=docker -t test-runner - < Dockerfile.test-runner
TARGET_DIR=${{ matrix.target_dir }} PLATFORM=${{ matrix.platform }} just test-ci
# The date/channel/version are expected to be the same on both architectures and are needed for the merge step.
# We store them here since it makes the merge step a bit easier - it doesn't need to figure out which of the
# architectures it can run (to extract the rust version). The problem is that it appears we can't run images
# that were built by docker buildx (the build-push-action step) locally. They get pushed to dockerhub but are
# only identifiable by their digest and it appears docker does not let us select an image that way.
# Not the most elegant, but it works.
- name: Store tag info
shell: bash
run: |
mkdir -p /tmp/tags
RUST_DATE="$(date +"%Y-%m-%d")"
RUST_CHANNEL=stable
RUST_VER="$(docker run --platform ${{ matrix.platform }} rustmusl-temp rustc --version | grep -oE "[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]")"
echo $RUST_DATE > /tmp/tags/rust-date
echo $RUST_CHANNEL > /tmp/tags/rust-channel
echo $RUST_VER > /tmp/tags/rust-ver
- name: Tag and push
if: ${{ github.repository_owner == 'clux' }}
shell: bash
run: |
RUST_DATE=$(cat /tmp/tags/rust-date)
RUST_CHANNEL=$(cat /tmp/tags/rust-channel)
RUST_VER=$(cat /tmp/tags/rust-ver)
TAG_NAME="${{ matrix.arch }}-${RUST_VER}-${RUST_CHANNEL}-${RUST_DATE}"
docker tag rustmusl-temp ${{ env.REGISTRY_IMAGE }}:$TAG_NAME
docker push ${{ env.REGISTRY_IMAGE }}:$TAG_NAME
# TODO: want to do this, but need digest, which might not be trivial to get outside build-push-action
# - name: Attest docker.io
# if: ${{ github.repository_owner == 'clux' }}
# uses: actions/attest-build-provenance@v2.3.0
# with:
# subject-name: docker.io/${{ env.REGISTRY_IMAGE }}
# subject-digest: ${{ steps.push_stable.outputs.digest }}
# push-to-registry: true
- name: Upload tags
uses: actions/upload-artifact@v4
with:
name: tags-${{matrix.arch}}
path: /tmp/tags
if-no-files-found: error
retention-days: 1
overwrite: true
merge:
name: 'Stable merge'
runs-on: ubuntu-latest
if: github.repository_owner == 'clux'
needs:
- build
steps:
- name: Download tags
uses: actions/download-artifact@v4
with:
path: /tmp/tags
pattern: tags-*
merge-multiple: true
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY_IMAGE }}
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: clux
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Create manifest list and push multi-platform images
shell: bash
run: |
RUST_DATE=$(cat /tmp/tags/rust-date)
RUST_CHANNEL=$(cat /tmp/tags/rust-channel)
RUST_VER=$(cat /tmp/tags/rust-ver)
# The two already published image tags to associate additional tags to:
AMD64="${{ env.REGISTRY_IMAGE }}:amd64-${RUST_VER}-${RUST_CHANNEL}-${RUST_DATE}"
ARM64="${{ env.REGISTRY_IMAGE }}:arm64-${RUST_VER}-${RUST_CHANNEL}-${RUST_DATE}"
EXTRA_TAGS=(
"${RUST_CHANNEL}"
"${RUST_CHANNEL}-${RUST_DATE}"
"${RUST_VER}-${RUST_CHANNEL}"
"${RUST_VER}-${RUST_CHANNEL}-${RUST_DATE}"
)
# Assign each tag to the two source image tags:
for TAG in "${EXTRA_TAGS[@]}"; do
docker buildx imagetools create --tag "${{ env.REGISTRY_IMAGE }}:${TAG}" "${AMD64}" "${ARM64}"
done
- name: Inspect image
run: |
docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:latest