CI: Use arm64 runner

hanazuki · hanazuki · commit ecf0671c711d · 2025-10-03T20:54:55.000Z
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -42,45 +42,78 @@ jobs:
       env:
         TEST_BUCKET_NAME: hanazuki-s3tftpd-test
 
-  docker:
+  docker-build:
     needs:
       - test
-    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        include:
+          - runner: ubuntu-24.04
+            platforms: linux/amd64
+          - runner: ubuntu-24.04-arm
+            platforms: linux/arm64,linux/arm/v7
+    runs-on: ${{ matrix.runner }}
+    permissions:
+      contents: read
+      packages: write
     steps:
-    - id: config
-      shell: bash
-      run: |
-        push=false
-        tags=
-        if [[ $GITHUB_EVENT_NAME == push ]]; then
-          if [[ $GITHUB_REF == refs/heads/master ]]; then
-            push=true
-            tags="ghcr.io/${GITHUB_REPOSITORY}:testing"
-          elif [[ $GITHUB_REF == refs/tags/v* ]]; then
-            push=true
-            tags="ghcr.io/${GITHUB_REPOSITORY}:${GITHUB_REF#refs/tags/v}"$'\n'"ghcr.io/${GITHUB_REPOSITORY}:latest"
-          fi
-        fi
-        cat <<EOF >>"$GITHUB_OUTPUT"
-        push=$push
-        tags<<TAGS
-        $tags
-        TAGS
-        EOF
-    - uses: docker/setup-qemu-action@v3
     - uses: docker/setup-buildx-action@v3
     - uses: docker/login-action@v3
       with:
         registry: ghcr.io
         username: ${{ github.repository_owner }}
         password: ${{ github.token }}
-    - uses: docker/build-push-action@v5
+    - id: build-push
+      uses: docker/build-push-action@v5
       with:
-        push: ${{ steps.config.outputs.push }}
-        tags: ${{ steps.config.outputs.tags }}
-        platforms: linux/amd64,linux/arm64
+        platforms: ${{ matrix.platforms }}
         labels: |
           org.opencontainers.image.source=${{ github.event.repository.html_url }}
           org.opencontainers.image.revision=${{ github.sha }}
+        outputs: type=image,name=ghcr.io/hanazuki/s3tftpd,push-by-digest=true,name-canonical=true,push=true
         cache-from: type=gha
         cache-to: type=gha,mode=max
+    - name: Export digests
+      run: |
+        mkdir -p "${RUNNER_TEMP}/digests"
+        printenv DIGEST > "${RUNNER_TEMP}/digests/${RUNNER}"
+      env:
+        RUNNER_TEMP: ${{ runner.temp }}
+        DIGEST: ${{ steps.build-push.outputs.digest }}
+        RUNNER: ${{ matrix.runner }}
+    - name: Upload digests'
+      uses: actions/upload-artifact@v4
+      with:
+        name: digests-${{ matrix.runner }}
+        path: ${{ runner.temp }}/digests/*
+        if-no-files-found: error
+        retention-days: 1
+
+  docker-merge:
+    needs: docker-build
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+    steps:
+    - uses: actions/download-artifact@v4
+      with:
+        path: ${{ runner.temp }}/digests
+        pattern: digests-*
+        merge-multiple: true
+    - shell: bash
+      run: |
+        tags=(-t "${REPO}:${SHA}")
+        if [[ $GITHUB_EVENT_NAME == push ]]; then
+          if [[ $GITHUB_REF == refs/heads/master ]]; then
+            tags=(-t "${REPO}:testing")
+          elsif [[ $GITHUB_REF == refs/tags/v* ]]; then
+            tags=(-t "${REPO}:${GITHUB_REF#refs/tags/v}" -t "${REPO}:latest")
+          fi
+        fi
+
+        cat "${RUNNER_TEMP}"/digests/* | xargs -I{} printf "%s@%s" "${REPO}" {} | docker buildx imagetools create -f /dev/stdin "${tags[@]}"
+        docker buildx imagetools inspect "${REPO}:${SHA}"
+      env:
+        RUNNER_TEMP: ${{ runner.temp }}
+        REPO: ghcr.io/${{ github.repository }}
+        SHA: ${{ github.sha }}
