Skip to content

Commit

Permalink
feat: Publish container images to GitHub ghcr.io (#473)
Browse files Browse the repository at this point in the history 
* ghcr

* fix name

* ghcr

* ghcr

* ghcr

* ghcr

* ghcr

* ghcr update action

* ghcr update action

* ghcr update action

* ghcr update action

* ghcr update action

* ghcr update action

* ghcr classic

* ghcr classic

* ghcr: better naming and tidy up

* ghcr classic fix chmod

* tidy up

* tidy up

* if-no-files-found: error
  • Loading branch information
@xlionjuan
xlionjuan authored Sep 30, 2024
1 parent b37033d commit 3b386b6
Showing 1 changed file with 329 additions and 0 deletions.
329 changes: 329 additions & 0 deletions .github/workflows/ghcr.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,329 @@
name: Build and publish to ghcr.io

on:
workflow_dispatch:
push:
tags:
- 'v[0-9]+.[0-9]+.[0-9]+'
- '[0-9]+.[0-9]+.[0-9]+'
- 'v[0-9]+.[0-9]+.[0-9]+-[0-9]+'
- '[0-9]+.[0-9]+.[0-9]+-[0-9]+'

env:
CARGO_TERM_COLOR: always
LATEST_TAG: latest

permissions:
contents: read
packages: write # So need to set "secrets.GITHUB_TOKEN"

jobs:

# Binary build
build:
name: Build - ${{ matrix.job.name }}
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
job:
- { name: "amd64", target: "x86_64-unknown-linux-musl" }
- { name: "arm64v8", target: "aarch64-unknown-linux-musl" }
- { name: "armv7", target: "armv7-unknown-linux-musleabihf" }
- { name: "i386", target: "i686-unknown-linux-musl" }
#- { name: "amd64fb", target: "x86_64-unknown-freebsd" }

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Install Rust toolchain
uses: dtolnay/rust-toolchain@v1
with:
toolchain: "1.70.0"
targets: ${{ matrix.job.target }}
components: "rustfmt"

- uses: Swatinem/rust-cache@v2
with:
prefix-key: ${{ matrix.job.os }}

- name: Build
uses: actions-rs/cargo@v1
with:
command: build
args: --release --all-features --target=${{ matrix.job.target }}
use-cross: true

- name: Exec chmod
run: chmod -v a+x target/${{ matrix.job.target }}/release/*

- name: Publish Artifacts
uses: actions/upload-artifact@v4
with:
name: binaries-linux-${{ matrix.job.name }}
path: |
target/${{ matrix.job.target }}/release/hbbr
target/${{ matrix.job.target }}/release/hbbs
target/${{ matrix.job.target }}/release/rustdesk-utils
if-no-files-found: error

# Build and push single-arch Docker images to ghcr.io
create-s6-overlay-images:
name: Docker push - ${{ matrix.job.name }}
needs: build
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
job:
- { name: "amd64", docker_platform: "linux/amd64", s6_platform: "x86_64" }
- { name: "arm64v8", docker_platform: "linux/arm64", s6_platform: "aarch64" }
- { name: "armv7", docker_platform: "linux/arm/v7", s6_platform: "armhf" }
- { name: "i386", docker_platform: "linux/386", s6_platform: "i686" }

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Download binaries
uses: actions/download-artifact@v4
with:
pattern: binaries-linux-${{ matrix.job.name }}
path: docker/rootfs/usr/bin
merge-multiple: true

- name: Make binaries executable
run: chmod -v a+x docker/rootfs/usr/bin/*

- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Log in to GitHub Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository }}-s6

- name: Get git tag
id: vars
run: |
T=${GITHUB_REF#refs/*/}
M=${T%%.*}
echo "GIT_TAG=$T" >> $GITHUB_ENV
echo "MAJOR_TAG=$M" >> $GITHUB_ENV
- name: Build and push Docker image
uses: docker/build-push-action@v6
with:
context: "./docker"
platforms: ${{ matrix.job.docker_platform }}
push: true
provenance: false
build-args: |
S6_ARCH=${{ matrix.job.s6_platform }}
tags: |
ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-${{ matrix.job.name }}
ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-${{ matrix.job.name }}
ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-${{ matrix.job.name }}
labels: ${{ steps.meta.outputs.labels }}

# Set up minifest and tag for pushed image
create-s6-overlay-images-manifest:
name: Manifest for s6-overlay images
needs: create-s6-overlay-images
runs-on: ubuntu-24.04

steps:
- name: Log in to GitHub Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Get git tag
id: vars
run: |
T=${GITHUB_REF#refs/*/}
M=${T%%.*}
echo "GIT_TAG=$T" >> $GITHUB_ENV
echo "MAJOR_TAG=$M" >> $GITHUB_ENV
# Create and push manifest for :ve.rs.ion tag
- name: Create and push manifest (:ve.rs.ion)
uses: Noelware/docker-manifest-action@master
if: github.event_name != 'workflow_dispatch'
with:
base-image: ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}
extra-images: |
ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-amd64,
ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-arm64v8,
ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-armv7,
ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-i386
push: true

# Create and push manifest for :major tag
- name: Create and push manifest (:major)
uses: Noelware/docker-manifest-action@master
with:
base-image: ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}
extra-images: |
ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-amd64,
ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-arm64v8,
ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-armv7,
ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-i386
push: true

# Create and push manifest for :latest tag
- name: Create and push manifest (:latest)
uses: Noelware/docker-manifest-action@master
with:
base-image: ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}
extra-images: |
ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-amd64,
ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-arm64v8,
ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-armv7,
ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-i386
push: true

# Build and push single-arch Docker images to ghcr.io
create-classic-images:
name: Docker push - ${{ matrix.job.name }}
needs: build
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
job:
- { name: "amd64", docker_platform: "linux/amd64" }
- { name: "arm64v8", docker_platform: "linux/arm64" }
- { name: "armv7", docker_platform: "linux/arm/v7" }
- { name: "i386", docker_platform: "linux/386" }

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Download binaries
uses: actions/download-artifact@v4
with:
pattern: binaries-linux-${{ matrix.job.name }}
path: docker-classic
merge-multiple: true

- name: Make binaries executable
run: chmod -v a+x docker-classic/*

- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Log in to GitHub Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository }}

- name: Get git tag
id: vars
run: |
T=${GITHUB_REF#refs/*/}
M=${T%%.*}
echo "GIT_TAG=$T" >> $GITHUB_ENV
echo "MAJOR_TAG=$M" >> $GITHUB_ENV
- name: Build and push Docker image
uses: docker/build-push-action@v6
with:
context: "./docker-classic"
platforms: ${{ matrix.job.docker_platform }}
push: true
provenance: false
tags: |
ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-${{ matrix.job.name }}
ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-${{ matrix.job.name }}
ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-${{ matrix.job.name }}
labels: ${{ steps.meta.outputs.labels }}

# Set up minifest and tag for pushed image
create-classic-images-manifest:
name: Manifest for classic images
needs: create-classic-images
runs-on: ubuntu-24.04

steps:
- name: Log in to GitHub Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Get git tag
id: vars
run: |
T=${GITHUB_REF#refs/*/}
M=${T%%.*}
echo "GIT_TAG=$T" >> $GITHUB_ENV
echo "MAJOR_TAG=$M" >> $GITHUB_ENV
# Create and push manifest for :ve.rs.ion tag
- name: Create and push manifest (:ve.rs.ion)
uses: Noelware/docker-manifest-action@master
if: github.event_name != 'workflow_dispatch'
with:
base-image: ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}
extra-images: |
ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-amd64,
ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-arm64v8,
ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-armv7,
ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-i386
push: true

# Create and push manifest for :major tag
- name: Create and push manifest (:major)
uses: Noelware/docker-manifest-action@master
with:
base-image: ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}
extra-images: |
ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-amd64,
ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-arm64v8,
ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-armv7,
ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-i386
push: true

# Create and push manifest for :latest tag
- name: Create and push manifest (:latest)
uses: Noelware/docker-manifest-action@master
with:
base-image: ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}
extra-images: |
ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-amd64,
ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-arm64v8,
ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-armv7,
ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-i386
push: true

0 comments on commit 3b386b6

Please sign in to comment.