Build docker images through CI (#207) #230
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker build and push | |
| on: | |
| push: | |
| branches: | |
| - unstable | |
| - stable | |
| - interop1 | |
| tags: | |
| - v* | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| # Enable self-hosted runners for the sigp repo only. | |
| SELF_HOSTED_RUNNERS: ${{ github.repository == 'sigp/anchor' }} | |
| RUST_VERSION: '1.85.1' | |
| # Deny warnings in CI | |
| RUSTFLAGS: "-D warnings -C debuginfo=0" | |
| # Prevent Github API rate limiting | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| IMAGE_NAME: ${{ secrets.DOCKER_USERNAME }}/anchor | |
| jobs: | |
| extract-version: | |
| uses: ./.github/workflows/extract-version.yml | |
| build-docker: | |
| name: build-docker | |
| # TODO: we don't have self-hosted runners available for anchor at the moment | |
| # runs-on: ${{ github.repository == 'sigp/anchor' && fromJson('["self-hosted", "linux", "release"]') || 'ubuntu-24.04' }} | |
| runs-on: ubuntu-24.04 | |
| strategy: | |
| matrix: | |
| # cpu_arch: [aarch64, x86_64] | |
| cpu_arch: [x86_64] | |
| include: | |
| - profile: maxperf | |
| needs: [extract-version] | |
| env: | |
| VERSION: ${{ needs.extract-version.outputs.VERSION }} | |
| VERSION_SUFFIX: ${{ needs.extract-version.outputs.VERSION_SUFFIX }} | |
| steps: | |
| - name: Map aarch64 to arm64 short arch | |
| if: startsWith(matrix.cpu_arch, 'aarch64') | |
| run: echo "SHORT_ARCH=arm64" >> $GITHUB_ENV | |
| - name: Map x86_64 to amd64 short arch | |
| if: startsWith(matrix.cpu_arch, 'x86_64') | |
| run: echo "SHORT_ARCH=amd64" >> $GITHUB_ENV | |
| - name: Checkout sources | |
| uses: actions/checkout@v4 | |
| # - name: Retrieve Docker credentials from Vault | |
| # uses: hashicorp/vault-action@v2 | |
| # with: | |
| # url: https://vault.sigp.io | |
| # method: github | |
| # githubToken: ${{ secrets.GH_TOKEN }} | |
| # secrets: | | |
| # spesi_kv/data/dev/docker/anchor DOCKER_USERNAME ; | |
| # spesi_kv/data/dev/docker/anchor DOCKER_PASSWORD | |
| - name: Dockerhub login | |
| run: | | |
| echo "${DOCKER_PASSWORD}" | docker login --username ${DOCKER_USERNAME} --password-stdin | |
| - name: Setup QEMU | |
| if: env.SELF_HOSTED_RUNNERS == 'false' | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Setup Docker Buildx | |
| if: env.SELF_HOSTED_RUNNERS == 'false' | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build and push | |
| uses: docker/build-push-action@v6 | |
| with: | |
| platforms: linux/${{ env.SHORT_ARCH }} | |
| labels: | | |
| git.revision=${{ github.sha }} | |
| git.branch=${{ github.ref }} | |
| git.tag=${{ github.ref }} | |
| git.repository=${{ github.repository }} | |
| push: true | |
| tags: | | |
| ${{ env.IMAGE_NAME }}:${{ env.VERSION }}${{ env.VERSION_SUFFIX}}-${{ env.SHORT_ARCH }} | |
| build-args: | | |
| RUST_VERSION=${{ env.RUST_VERSION }} | |
| docker-multiarch-manifest: | |
| name: docker-multiarch-manifest | |
| runs-on: ubuntu-24.04 | |
| needs: [build-docker, extract-version] | |
| env: | |
| # We need to enable experimental docker features in order to use `docker manifest` | |
| DOCKER_CLI_EXPERIMENTAL: enabled | |
| VERSION: ${{ needs.extract-version.outputs.VERSION }} | |
| VERSION_SUFFIX: ${{ needs.extract-version.outputs.VERSION_SUFFIX }} | |
| steps: | |
| - name: Dockerhub login | |
| run: | | |
| echo "${DOCKER_PASSWORD}" | docker login --username ${DOCKER_USERNAME} --password-stdin | |
| - name: Create and push multiarch manifest | |
| run: | | |
| docker buildx imagetools create -t ${IMAGE_NAME}:${VERSION}${VERSION_SUFFIX} \ | |
| ${IMAGE_NAME}:${VERSION}${VERSION_SUFFIX}-amd64; | |
| # ${IMAGE_NAME}:${VERSION}${VERSION_SUFFIX}-arm64; |