build(rust): Move cargo dependencies into root Cargo.toml #118
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: docker_containers | |
| on: | |
| push: | |
| branches: | |
| - master | |
| tags: | |
| - 'v[0-9]+.[0-9]+.[0-9]+' | |
| workflow_dispatch: | |
| jobs: | |
| build_containers: | |
| name: Build docker images | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| build: | |
| - linux_x64_musl | |
| - linux_aarch64 | |
| - linux_armv7 | |
| include: | |
| - build: linux_x64_musl | |
| rust_target_arch: x86_64-unknown-linux-musl | |
| os: ubuntu-latest | |
| docker_architecture: linux/amd64 | |
| - build: linux_aarch64 | |
| rust_target_arch: aarch64-unknown-linux-musl | |
| os: ubuntu-latest | |
| docker_architecture: "linux/arm64" | |
| - build: linux_armv7 | |
| rust_target_arch: armv7-unknown-linux-musleabihf | |
| os: ubuntu-latest | |
| docker_architecture: "linux/arm/v7" | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # https://stackoverflow.com/a/73783567/603646 | |
| # https://github.com/docker/buildx/issues/495#issuecomment-918925854 | |
| - name: Set up QEMU | |
| id: qemu | |
| uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3 | |
| with: | |
| image: tonistiigi/binfmt:latest | |
| platforms: all | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3 | |
| - name: Cache Docker layers | |
| uses: actions/cache@v4 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| - name: Login to DockerHub | |
| uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3 | |
| with: | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GHCR_TOKEN }} | |
| - name: Prepare | |
| id: prep | |
| run: | | |
| echo "created=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT | |
| echo "title=${GITHUB_REPOSITORY}:${GITHUB_REF//refs\/heads\//}" >> $GITHUB_OUTPUT | |
| echo "revision=${GITHUB_SHA}" >> $GITHUB_OUTPUT | |
| echo "source=${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}" >> $GITHUB_OUTPUT | |
| echo "vendor=${{ github.repository_owner }}" >> $GITHUB_OUTPUT | |
| echo "url=${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/blob/master/README.md" >> $GITHUB_OUTPUT | |
| VERSION=$(date +"%Y%m%d%H%M%S") | |
| echo "version=${VERSION}" >> $GITHUB_OUTPUT | |
| BASE_RUNTIME_IMAGE=alpine | |
| # Keep branch name as is except for master. | |
| if [[ $GITHUB_REF == "refs/heads/"* ]]; then | |
| GITHUB_BRANCH=${GITHUB_REF#refs/heads/} | |
| echo "Using GITHUB_BRANCH=${GITHUB_BRANCH}" | |
| REPO_REF="${GITHUB_BRANCH}" | |
| # Rename github master branch to docker testing tag. | |
| if [ $REPO_REF == "master" ]; then | |
| REPO_REF="testing" | |
| echo "Renaming REPO_REF=${REPO_REF}" | |
| fi | |
| # Trim the first 'v' from tags. | |
| elif [[ $GITHUB_REF == "refs/tags/"* ]]; then | |
| GITHUB_TAG=${GITHUB_REF#refs/tags/} | |
| echo "Using GITHUB_TAG=GITHUB_TAG" | |
| REPO_REF="${GITHUB_TAG:1}" | |
| # If not branch or tag, try to extract whatever it is. | |
| else | |
| REPO_REF="${GITHUB_REF#refs/*/}" | |
| echo "Using REPO_REF=${REPO_REF}" | |
| fi | |
| DOCKER_TAG_PREFIX=${REPO_REF} | |
| echo "tag=${GITHUB_REPOSITORY}:${DOCKER_TAG_PREFIX}-${{ matrix.rust_target_arch }}-${BASE_RUNTIME_IMAGE}" >> $GITHUB_OUTPUT | |
| - name: Build and push | |
| id: docker_build | |
| uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5 | |
| with: | |
| push: true | |
| context: . | |
| platforms: ${{ matrix.docker_architecture }} | |
| tags: | | |
| ${{ steps.prep.outputs.tag }} | |
| ghcr.io/${{ steps.prep.outputs.tag }} | |
| labels: | | |
| org.opencontainers.image.created=${{ steps.prep.outputs.created }} | |
| org.opencontainers.image.title=${{ steps.prep.outputs.title }} | |
| org.opencontainers.image.revision=${{ steps.prep.outputs.revision }} | |
| org.opencontainers.image.source=${{ steps.prep.outputs.source }} | |
| org.opencontainers.image.vendor=${{ steps.prep.outputs.vendor }} | |
| org.opencontainers.image.url=${{ steps.prep.outputs.url }} | |
| org.opencontainers.image.version=${{ steps.prep.outputs.version }} | |
| file: ./docker/${{ matrix.rust_target_arch }}.Dockerfile | |
| cache-from: type=local,src=/tmp/.buildx-cache | |
| cache-to: type=local,dest=/tmp/.buildx-cache | |
| # Disable these, because they create additional manifests, converting the image from a | |
| # manifest into a manifest list, and this breaks creation of the multi-arch manifest list | |
| # during the manifest create command with a not very useful error message | |
| # 'xxx is a manifest list'. | |
| # Presumably this started when this landed | |
| # https://github.com/docker/build-push-action/commit/ed2672fc3300b43c2e53190c739149d7ce8b7dad | |
| sbom: false | |
| provenance: false | |
| - name: Image digest | |
| run: echo ${{ steps.docker_build.outputs.digest }} | |
| publish_containers: | |
| name: Publish docker images | |
| runs-on: ubuntu-22.04 | |
| strategy: | |
| matrix: | |
| registry: [docker.io, ghcr.io] | |
| needs: [build_containers] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Login to DockerHub | |
| if: matrix.registry == 'docker.io' | |
| uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3 | |
| with: | |
| registry: docker.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Login to GitHub Container Registry | |
| if: matrix.registry == 'ghcr.io' | |
| uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GHCR_TOKEN }} | |
| # Creates a manifest list to combine all architectures under one tag | |
| # in the docker registry. | |
| - name: Create manifest list file | |
| env: | |
| DOCKER_CLI_EXPERIMENTAL: enabled | |
| run: | | |
| # Keep branch name as is except for master. | |
| if [[ $GITHUB_REF == "refs/heads/"* ]]; then | |
| GITHUB_BRANCH=${GITHUB_REF#refs/heads/} | |
| echo "Using GITHUB_BRANCH=${GITHUB_BRANCH}" | |
| REPO_REF="${GITHUB_BRANCH}" | |
| # Rename github master branch to docker testing tag. | |
| if [ $REPO_REF == "master" ]; then | |
| REPO_REF="testing" | |
| echo "Renaming REPO_REF=${REPO_REF}" | |
| fi | |
| # Trim the first 'v' from tags. | |
| elif [[ $GITHUB_REF == "refs/tags/"* ]]; then | |
| GITHUB_TAG=${GITHUB_REF#refs/tags/} | |
| echo "Using GITHUB_TAG=GITHUB_TAG" | |
| REPO_REF="${GITHUB_TAG:1}" | |
| # If not branch or tag, try to extract whatever it is. | |
| else | |
| REPO_REF="${GITHUB_REF#refs/*/}" | |
| echo "Using REPO_REF=${REPO_REF}" | |
| fi | |
| TAG_PREFIX="${REPO_REF}" | |
| PROJECT_NAME=${{ matrix.registry }}/${GITHUB_REPOSITORY} | |
| BASE_RUNTIME_IMAGE=alpine | |
| SOURCE=${PROJECT_NAME}:${TAG_PREFIX} | |
| AMD64=${SOURCE}-x86_64-unknown-linux-musl-${BASE_RUNTIME_IMAGE} | |
| ARM64=${SOURCE}-aarch64-unknown-linux-musl-${BASE_RUNTIME_IMAGE} | |
| ARMV7=${SOURCE}-armv7-unknown-linux-musleabihf-${BASE_RUNTIME_IMAGE} | |
| MAIN_TAG_BASE_RUNTIME_IMAGE=${TAG_PREFIX}-${BASE_RUNTIME_IMAGE} | |
| # Push '[branch/tag]-alpine' tag. | |
| docker manifest create ${PROJECT_NAME}:${MAIN_TAG_BASE_RUNTIME_IMAGE} ${AMD64} ${ARM64} ${ARMV7} | |
| docker manifest push ${PROJECT_NAME}:${MAIN_TAG_BASE_RUNTIME_IMAGE} | |
| MAIN_TAG=${TAG_PREFIX} | |
| # Push '[branch/tag]' tag. | |
| docker manifest create ${PROJECT_NAME}:${MAIN_TAG} ${AMD64} ${ARM64} ${ARMV7} | |
| docker manifest push ${PROJECT_NAME}:${MAIN_TAG} | |
| # For any new git tag, update the latest docker tag. | |
| if [[ $GITHUB_TAG ]]; then | |
| docker manifest create ${PROJECT_NAME}:latest ${AMD64} ${ARM64} ${ARMV7} | |
| docker manifest push ${PROJECT_NAME}:latest | |
| fi |