diff --git a/.github/workflows/ghcr.yml b/.github/workflows/ghcr.yml new file mode 100644 index 00000000..5069e261 --- /dev/null +++ b/.github/workflows/ghcr.yml @@ -0,0 +1,329 @@ +name: Build and publish to ghcr.io + +on: + workflow_dispatch: + push: + tags: + - 'v[0-9]+.[0-9]+.[0-9]+' + - '[0-9]+.[0-9]+.[0-9]+' + - 'v[0-9]+.[0-9]+.[0-9]+-[0-9]+' + - '[0-9]+.[0-9]+.[0-9]+-[0-9]+' + +env: + CARGO_TERM_COLOR: always + LATEST_TAG: latest + +permissions: + contents: read + packages: write # So need to set "secrets.GITHUB_TOKEN" + +jobs: + + # Binary build + build: + name: Build - ${{ matrix.job.name }} + runs-on: ubuntu-24.04 + strategy: + fail-fast: false + matrix: + job: + - { name: "amd64", target: "x86_64-unknown-linux-musl" } + - { name: "arm64v8", target: "aarch64-unknown-linux-musl" } + - { name: "armv7", target: "armv7-unknown-linux-musleabihf" } + - { name: "i386", target: "i686-unknown-linux-musl" } + #- { name: "amd64fb", target: "x86_64-unknown-freebsd" } + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install Rust toolchain + uses: dtolnay/rust-toolchain@v1 + with: + toolchain: "1.70.0" + targets: ${{ matrix.job.target }} + components: "rustfmt" + + - uses: Swatinem/rust-cache@v2 + with: + prefix-key: ${{ matrix.job.os }} + + - name: Build + uses: actions-rs/cargo@v1 + with: + command: build + args: --release --all-features --target=${{ matrix.job.target }} + use-cross: true + + - name: Exec chmod + run: chmod -v a+x target/${{ matrix.job.target }}/release/* + + - name: Publish Artifacts + uses: actions/upload-artifact@v4 + with: + name: binaries-linux-${{ matrix.job.name }} + path: | + target/${{ matrix.job.target }}/release/hbbr + target/${{ matrix.job.target }}/release/hbbs + target/${{ matrix.job.target }}/release/rustdesk-utils + if-no-files-found: error + + # Build and push single-arch Docker images to ghcr.io + create-s6-overlay-images: + name: Docker push - ${{ matrix.job.name }} + needs: build + runs-on: ubuntu-24.04 + strategy: + fail-fast: false + matrix: + job: + - { name: "amd64", docker_platform: "linux/amd64", s6_platform: "x86_64" } + - { name: "arm64v8", docker_platform: "linux/arm64", s6_platform: "aarch64" } + - { name: "armv7", docker_platform: "linux/arm/v7", s6_platform: "armhf" } + - { name: "i386", docker_platform: "linux/386", s6_platform: "i686" } + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Download binaries + uses: actions/download-artifact@v4 + with: + pattern: binaries-linux-${{ matrix.job.name }} + path: docker/rootfs/usr/bin + merge-multiple: true + + - name: Make binaries executable + run: chmod -v a+x docker/rootfs/usr/bin/* + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to GitHub Container Registry + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ghcr.io/${{ github.repository }}-s6 + + - name: Get git tag + id: vars + run: | + T=${GITHUB_REF#refs/*/} + M=${T%%.*} + echo "GIT_TAG=$T" >> $GITHUB_ENV + echo "MAJOR_TAG=$M" >> $GITHUB_ENV + + - name: Build and push Docker image + uses: docker/build-push-action@v6 + with: + context: "./docker" + platforms: ${{ matrix.job.docker_platform }} + push: true + provenance: false + build-args: | + S6_ARCH=${{ matrix.job.s6_platform }} + tags: | + ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-${{ matrix.job.name }} + ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-${{ matrix.job.name }} + ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-${{ matrix.job.name }} + labels: ${{ steps.meta.outputs.labels }} + + # Set up minifest and tag for pushed image + create-s6-overlay-images-manifest: + name: Manifest for s6-overlay images + needs: create-s6-overlay-images + runs-on: ubuntu-24.04 + + steps: + - name: Log in to GitHub Container Registry + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Get git tag + id: vars + run: | + T=${GITHUB_REF#refs/*/} + M=${T%%.*} + echo "GIT_TAG=$T" >> $GITHUB_ENV + echo "MAJOR_TAG=$M" >> $GITHUB_ENV + + # Create and push manifest for :ve.rs.ion tag + - name: Create and push manifest (:ve.rs.ion) + uses: Noelware/docker-manifest-action@master + if: github.event_name != 'workflow_dispatch' + with: + base-image: ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }} + extra-images: | + ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-amd64, + ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-arm64v8, + ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-armv7, + ghcr.io/${{ github.repository }}-s6:${{ env.GIT_TAG }}-i386 + push: true + + # Create and push manifest for :major tag + - name: Create and push manifest (:major) + uses: Noelware/docker-manifest-action@master + with: + base-image: ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }} + extra-images: | + ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-amd64, + ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-arm64v8, + ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-armv7, + ghcr.io/${{ github.repository }}-s6:${{ env.MAJOR_TAG }}-i386 + push: true + + # Create and push manifest for :latest tag + - name: Create and push manifest (:latest) + uses: Noelware/docker-manifest-action@master + with: + base-image: ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }} + extra-images: | + ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-amd64, + ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-arm64v8, + ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-armv7, + ghcr.io/${{ github.repository }}-s6:${{ env.LATEST_TAG }}-i386 + push: true + + # Build and push single-arch Docker images to ghcr.io + create-classic-images: + name: Docker push - ${{ matrix.job.name }} + needs: build + runs-on: ubuntu-24.04 + strategy: + fail-fast: false + matrix: + job: + - { name: "amd64", docker_platform: "linux/amd64" } + - { name: "arm64v8", docker_platform: "linux/arm64" } + - { name: "armv7", docker_platform: "linux/arm/v7" } + - { name: "i386", docker_platform: "linux/386" } + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Download binaries + uses: actions/download-artifact@v4 + with: + pattern: binaries-linux-${{ matrix.job.name }} + path: docker-classic + merge-multiple: true + + - name: Make binaries executable + run: chmod -v a+x docker-classic/* + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to GitHub Container Registry + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ghcr.io/${{ github.repository }} + + - name: Get git tag + id: vars + run: | + T=${GITHUB_REF#refs/*/} + M=${T%%.*} + echo "GIT_TAG=$T" >> $GITHUB_ENV + echo "MAJOR_TAG=$M" >> $GITHUB_ENV + + - name: Build and push Docker image + uses: docker/build-push-action@v6 + with: + context: "./docker-classic" + platforms: ${{ matrix.job.docker_platform }} + push: true + provenance: false + tags: | + ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-${{ matrix.job.name }} + ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-${{ matrix.job.name }} + ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-${{ matrix.job.name }} + labels: ${{ steps.meta.outputs.labels }} + + # Set up minifest and tag for pushed image + create-classic-images-manifest: + name: Manifest for classic images + needs: create-classic-images + runs-on: ubuntu-24.04 + + steps: + - name: Log in to GitHub Container Registry + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Get git tag + id: vars + run: | + T=${GITHUB_REF#refs/*/} + M=${T%%.*} + echo "GIT_TAG=$T" >> $GITHUB_ENV + echo "MAJOR_TAG=$M" >> $GITHUB_ENV + + # Create and push manifest for :ve.rs.ion tag + - name: Create and push manifest (:ve.rs.ion) + uses: Noelware/docker-manifest-action@master + if: github.event_name != 'workflow_dispatch' + with: + base-image: ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }} + extra-images: | + ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-amd64, + ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-arm64v8, + ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-armv7, + ghcr.io/${{ github.repository }}:${{ env.GIT_TAG }}-i386 + push: true + + # Create and push manifest for :major tag + - name: Create and push manifest (:major) + uses: Noelware/docker-manifest-action@master + with: + base-image: ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }} + extra-images: | + ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-amd64, + ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-arm64v8, + ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-armv7, + ghcr.io/${{ github.repository }}:${{ env.MAJOR_TAG }}-i386 + push: true + + # Create and push manifest for :latest tag + - name: Create and push manifest (:latest) + uses: Noelware/docker-manifest-action@master + with: + base-image: ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }} + extra-images: | + ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-amd64, + ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-arm64v8, + ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-armv7, + ghcr.io/${{ github.repository }}:${{ env.LATEST_TAG }}-i386 + push: true