@@ -36,165 +36,173 @@ jobs:
36
36
aarch : aarch64
37
37
target_dir : aarch64-unknown-linux-musl
38
38
steps :
39
- - uses : actions/checkout@v4
40
- - uses : extractions/setup-just@v2
41
-
42
- - name : Login to DockerHub
43
- uses : docker/login-action@v3
44
- with :
45
- username : clux
46
- password : ${{ secrets.DOCKERHUB_TOKEN }}
47
-
48
- - name : Check if we need a new stable
49
- id : stablecheck
50
- shell : bash
51
- run : |
52
- pip3 install --user toml
53
- if python3 check_stable.py; then
54
- echo "Stable tag missing; running all build steps"
55
- echo '::set-output name=BUILD::YES'
56
- else
57
- echo "Stable tag found; skipping all build steps"
58
- fi
59
-
60
- - name : Prepare
61
- run : |
62
- platform=${{ matrix.platform }}
63
- echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
64
-
65
- - name : Docker meta
66
- id : meta
67
- uses : docker/metadata-action@v5
68
- with :
69
- images : ${{ env.REGISTRY_IMAGE }}
70
-
71
- - name : Set up QEMU
72
- uses : docker/setup-qemu-action@v3
73
-
74
- - name : Set up Docker Buildx
75
- uses : docker/setup-buildx-action@v3
76
-
77
- - name : Build stable image
78
- id : build
79
- uses : docker/build-push-action@v6
80
- with :
81
- context : .
82
- platforms : ${{ matrix.platform }}
83
- labels : ${{ steps.meta.outputs.labels }}
84
- file : ${{ matrix.dockerfile }}
85
- push : false
86
- load : true
87
- tags : rustmusl-temp
88
- build-args : |
89
- CHANNEL=stable
90
- AARCH=${{ matrix.aarch }}
91
- if : ${{ steps.stablecheck.outputs.BUILD }}
92
-
93
- - name : Run tests
94
- if : ${{ steps.stablecheck.outputs.BUILD }}
95
- shell : bash
96
- run : |
97
- docker buildx build --platform ${{ matrix.platform }} --output type=docker -t test-runner - < Dockerfile.test-runner
98
- TARGET_DIR=${{ matrix.target_dir }} PLATFORM=${{ matrix.platform }} just test-ci
99
-
100
- # The date/channel/version are expected to be the same on both architectures and are needed for the merge step.
101
- # We store them here since it makes the merge step a bit easier - it doesn't need to figure out which of the
102
- # architectures it can run (to extract the rust version). The problem is that it appears we can't run images
103
- # that were built by docker buildx (the build-push-action step) locally. They get pushed to dockerhub but are
104
- # only identifiable by their digest and it appears docker does not let us select an image that way.
105
- # Not the most elegant, but it works.
106
- - name : Store tag info
107
- if : ${{ steps.stablecheck.outputs.BUILD }}
108
- shell : bash
109
- run : |
110
- mkdir -p /tmp/tags
111
- RUST_DATE="$(date +"%Y-%m-%d")"
112
- RUST_CHANNEL=stable
113
- RUST_VER="$(docker run --platform ${{ matrix.platform }} rustmusl-temp rustc --version | grep -oE "[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]")"
114
-
115
- echo $RUST_DATE > /tmp/tags/rust-date
116
- echo $RUST_CHANNEL > /tmp/tags/rust-channel
117
- echo $RUST_VER > /tmp/tags/rust-ver
118
-
119
- - name : Tag and push
120
- if : ${{ steps.stablecheck.outputs.BUILD }}
121
- shell : bash
122
- run : |
123
- RUST_DATE=$(cat /tmp/tags/rust-date)
124
- RUST_CHANNEL=$(cat /tmp/tags/rust-channel)
125
- RUST_VER=$(cat /tmp/tags/rust-ver)
126
-
127
- TAG_NAME="${{ matrix.arch }}-${RUST_VER}-${RUST_CHANNEL}-${RUST_DATE}"
128
-
129
- docker tag rustmusl-temp ${{ env.REGISTRY_IMAGE }}:$TAG_NAME
130
- docker push ${{ env.REGISTRY_IMAGE }}:$TAG_NAME
131
-
132
- - name : Upload tags
133
- if : ${{ steps.stablecheck.outputs.BUILD }}
134
- uses : actions/upload-artifact@v4
135
- with :
136
- name : tags-${{matrix.arch}}
137
- path : /tmp/tags
138
- if-no-files-found : error
139
- retention-days : 1
140
- overwrite : true
39
+ - uses : actions/checkout@v4
40
+ - uses : extractions/setup-just@v2
41
+
42
+ - name : Login to DockerHub
43
+ uses : docker/login-action@v3
44
+ with :
45
+ username : clux
46
+ password : ${{ secrets.DOCKERHUB_TOKEN }}
47
+
48
+ - name : Check if we need a new stable
49
+ id : stablecheck
50
+ shell : bash
51
+ run : |
52
+ pip3 install --user toml
53
+ if python3 check_stable.py; then
54
+ echo "Stable tag missing; running all build steps"
55
+ echo '::set-output name=BUILD::YES'
56
+ else
57
+ echo "Stable tag found; skipping all build steps"
58
+ fi
59
+
60
+ - name : Prepare
61
+ run : |
62
+ platform=${{ matrix.platform }}
63
+ echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
64
+
65
+ - name : Docker meta
66
+ id : meta
67
+ uses : docker/metadata-action@v5
68
+ with :
69
+ images : ${{ env.REGISTRY_IMAGE }}
70
+
71
+ - name : Set up QEMU
72
+ uses : docker/setup-qemu-action@v3
73
+
74
+ - name : Set up Docker Buildx
75
+ uses : docker/setup-buildx-action@v3
76
+
77
+ - name : Build stable image
78
+ id : build
79
+ uses : docker/build-push-action@v6
80
+ with :
81
+ context : .
82
+ platforms : ${{ matrix.platform }}
83
+ labels : ${{ steps.meta.outputs.labels }}
84
+ file : ${{ matrix.dockerfile }}
85
+ push : false
86
+ load : true
87
+ tags : rustmusl-temp
88
+ build-args : |
89
+ CHANNEL=stable
90
+ AARCH=${{ matrix.aarch }}
91
+ if : ${{ steps.stablecheck.outputs.BUILD }}
92
+
93
+ - name : Run tests
94
+ if : ${{ steps.stablecheck.outputs.BUILD }}
95
+ shell : bash
96
+ run : |
97
+ docker buildx build --platform ${{ matrix.platform }} --output type=docker -t test-runner - < Dockerfile.test-runner
98
+ TARGET_DIR=${{ matrix.target_dir }} PLATFORM=${{ matrix.platform }} just test-ci
99
+
100
+ # The date/channel/version are expected to be the same on both architectures and are needed for the merge step.
101
+ # We store them here since it makes the merge step a bit easier - it doesn't need to figure out which of the
102
+ # architectures it can run (to extract the rust version). The problem is that it appears we can't run images
103
+ # that were built by docker buildx (the build-push-action step) locally. They get pushed to dockerhub but are
104
+ # only identifiable by their digest and it appears docker does not let us select an image that way.
105
+ # Not the most elegant, but it works.
106
+ - name : Store tag info
107
+ if : ${{ steps.stablecheck.outputs.BUILD }}
108
+ shell : bash
109
+ run : |
110
+ mkdir -p /tmp/tags
111
+ RUST_DATE="$(date +"%Y-%m-%d")"
112
+ RUST_CHANNEL=stable
113
+ RUST_VER="$(docker run --platform ${{ matrix.platform }} rustmusl-temp rustc --version | grep -oE "[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]")"
114
+
115
+ echo $RUST_DATE > /tmp/tags/rust-date
116
+ echo $RUST_CHANNEL > /tmp/tags/rust-channel
117
+ echo $RUST_VER > /tmp/tags/rust-ver
118
+
119
+ - name : Tag and push
120
+ if : ${{ steps.stablecheck.outputs.BUILD }}
121
+ shell : bash
122
+ run : |
123
+ RUST_DATE=$(cat /tmp/tags/rust-date)
124
+ RUST_CHANNEL=$(cat /tmp/tags/rust-channel)
125
+ RUST_VER=$(cat /tmp/tags/rust-ver)
126
+
127
+ TAG_NAME="${{ matrix.arch }}-${RUST_VER}-${RUST_CHANNEL}-${RUST_DATE}"
128
+
129
+ docker tag rustmusl-temp ${{ env.REGISTRY_IMAGE }}:$TAG_NAME
130
+ docker push ${{ env.REGISTRY_IMAGE }}:$TAG_NAME
131
+
132
+ - name : Attest docker.io
133
+ if : ${{ steps.stablecheck.outputs.BUILD }}
134
+ uses : actions/attest-build-provenance@v2.3.0
135
+ with :
136
+ subject-name : docker.io/${{ env.REGISTRY_IMAGE }}
137
+ subject-digest : ${{ steps.push_stable.outputs.digest }}
138
+ push-to-registry : true
139
+
140
+ - name : Upload tags
141
+ if : ${{ steps.stablecheck.outputs.BUILD }}
142
+ uses : actions/upload-artifact@v4
143
+ with :
144
+ name : tags-${{matrix.arch}}
145
+ path : /tmp/tags
146
+ if-no-files-found : error
147
+ retention-days : 1
148
+ overwrite : true
141
149
142
150
merge :
143
151
name : ' Stable merge'
144
152
runs-on : ubuntu-latest
145
153
needs :
146
154
- build
147
155
steps :
148
- - uses : actions/checkout@v4
149
- - name : Check if we need a new stable
150
- id : stablecheck
151
- shell : bash
152
- run : |
153
- pip3 install --user toml
154
- if python3 check_stable.py; then
155
- echo "Stable tag missing; running all build steps"
156
- echo '::set-output name=BUILD::YES'
157
- else
158
- echo "Stable tag found; skipping all build steps"
159
- fi
160
-
161
- - name : Download tags
162
- if : ${{ steps.stablecheck.outputs.BUILD }}
163
- uses : actions/download-artifact@v4
164
- with :
165
- path : /tmp/tags
166
- pattern : tags-*
167
- merge-multiple : true
168
-
169
- - name : Set up Docker Buildx
170
- uses : docker/setup-buildx-action@v3
171
-
172
- - name : Docker meta
173
- id : meta
174
- uses : docker/metadata-action@v5
175
- with :
176
- images : ${{ env.REGISTRY_IMAGE }}
177
-
178
- - name : Login to Docker Hub
179
- uses : docker/login-action@v3
180
- with :
181
- username : clux
182
- password : ${{ secrets.DOCKERHUB_TOKEN }}
183
-
184
- - name : Create manifest list and push multi-platform images
185
- if : ${{ steps.stablecheck.outputs.BUILD }}
186
- run : |
187
- RUST_DATE=$(cat /tmp/tags/rust-date)
188
- RUST_CHANNEL=$(cat /tmp/tags/rust-channel)
189
- RUST_VER=$(cat /tmp/tags/rust-ver)
190
-
191
- for tag in ${RUST_CHANNEL} ${RUST_CHANNEL}-${RUST_DATE} ${RUST_VER}-${RUST_CHANNEL} ${RUST_VER}-${RUST_CHANNEL}-${RUST_DATE}; do
192
- docker buildx imagetools create -t ${{ env.REGISTRY_IMAGE }}:$tag \
193
- ${{ env.REGISTRY_IMAGE }}:amd64-${RUST_VER}-${RUST_CHANNEL}-${RUST_DATE} \
194
- ${{ env.REGISTRY_IMAGE }}:arm64-${RUST_VER}-${RUST_CHANNEL}-${RUST_DATE}
195
- done
196
-
197
- - name : Inspect image
198
- if : ${{ steps.stablecheck.outputs.BUILD }}
199
- run : |
200
- docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:latest
156
+ - uses : actions/checkout@v4
157
+ - name : Check if we need a new stable
158
+ id : stablecheck
159
+ shell : bash
160
+ run : |
161
+ pip3 install --user toml
162
+ if python3 check_stable.py; then
163
+ echo "Stable tag missing; running all build steps"
164
+ echo '::set-output name=BUILD::YES'
165
+ else
166
+ echo "Stable tag found; skipping all build steps"
167
+ fi
168
+
169
+ - name : Download tags
170
+ if : ${{ steps.stablecheck.outputs.BUILD }}
171
+ uses : actions/download-artifact@v4
172
+ with :
173
+ path : /tmp/tags
174
+ pattern : tags-*
175
+ merge-multiple : true
176
+
177
+ - name : Set up Docker Buildx
178
+ uses : docker/setup-buildx-action@v3
179
+
180
+ - name : Docker meta
181
+ id : meta
182
+ uses : docker/metadata-action@v5
183
+ with :
184
+ images : ${{ env.REGISTRY_IMAGE }}
185
+
186
+ - name : Login to Docker Hub
187
+ uses : docker/login-action@v3
188
+ with :
189
+ username : clux
190
+ password : ${{ secrets.DOCKERHUB_TOKEN }}
191
+
192
+ - name : Create manifest list and push multi-platform images
193
+ if : ${{ steps.stablecheck.outputs.BUILD }}
194
+ run : |
195
+ RUST_DATE=$(cat /tmp/tags/rust-date)
196
+ RUST_CHANNEL=$(cat /tmp/tags/rust-channel)
197
+ RUST_VER=$(cat /tmp/tags/rust-ver)
198
+
199
+ for tag in ${RUST_CHANNEL} ${RUST_CHANNEL}-${RUST_DATE} ${RUST_VER}-${RUST_CHANNEL} ${RUST_VER}-${RUST_CHANNEL}-${RUST_DATE}; do
200
+ docker buildx imagetools create -t ${{ env.REGISTRY_IMAGE }}:$tag \
201
+ ${{ env.REGISTRY_IMAGE }}:amd64-${RUST_VER}-${RUST_CHANNEL}-${RUST_DATE} \
202
+ ${{ env.REGISTRY_IMAGE }}:arm64-${RUST_VER}-${RUST_CHANNEL}-${RUST_DATE}
203
+ done
204
+
205
+ - name : Inspect image
206
+ if : ${{ steps.stablecheck.outputs.BUILD }}
207
+ run : |
208
+ docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:latest
0 commit comments