From 9f17d55e4bc2f2ec16f64d266e10ecb7184e1c9b Mon Sep 17 00:00:00 2001 From: Sven-Hendrik Haase Date: Thu, 15 Sep 2022 05:24:32 +0200 Subject: Build container images using podman --- .github/workflows/build-release-binaries.yml | 181 -------------------- .github/workflows/build-release.yml | 240 +++++++++++++++++++++++++++ .github/workflows/ci.yml | 7 +- Containerfile | 3 + Containerfile.alpine | 3 + Dockerfile | 18 -- Dockerfile.alpine | 19 --- 7 files changed, 248 insertions(+), 223 deletions(-) delete mode 100644 .github/workflows/build-release-binaries.yml create mode 100644 .github/workflows/build-release.yml create mode 100644 Containerfile create mode 100644 Containerfile.alpine delete mode 100644 Dockerfile delete mode 100644 Dockerfile.alpine diff --git a/.github/workflows/build-release-binaries.yml b/.github/workflows/build-release-binaries.yml deleted file mode 100644 index ff36c7a..0000000 --- a/.github/workflows/build-release-binaries.yml +++ /dev/null @@ -1,181 +0,0 @@ -name: Build release binaries (and publish them if this is a tag) - -on: [push, pull_request] - -jobs: - binaries: - name: ${{ matrix.os }} for ${{ matrix.target }} - runs-on: ${{ matrix.os }} - timeout-minutes: 30 - strategy: - matrix: - target: - - x86_64-unknown-linux-musl - - aarch64-unknown-linux-musl - - armv7-unknown-linux-musleabihf - - arm-unknown-linux-musleabihf - - mips-unknown-linux-musl - - mipsel-unknown-linux-musl - - mips64-unknown-linux-gnuabi64 - - mips64el-unknown-linux-gnuabi64 - - riscv64gc-unknown-linux-gnu - - x86_64-pc-windows-msvc - - x86_64-apple-darwin - - x86_64-unknown-freebsd - include: - - os: ubuntu-latest - target: x86_64-unknown-linux-musl - artifact_name: target/x86_64-unknown-linux-musl/release/miniserve - release_name: x86_64-unknown-linux-musl - cross: true - strip: true - compress: true - cargo_flags: "" - - os: ubuntu-latest - target: aarch64-unknown-linux-musl - artifact_name: target/aarch64-unknown-linux-musl/release/miniserve - release_name: aarch64-unknown-linux-musl - cross: true - strip: false - compress: true - cargo_flags: "" - - os: ubuntu-latest - target: armv7-unknown-linux-musleabihf - artifact_name: target/armv7-unknown-linux-musleabihf/release/miniserve - release_name: armv7-unknown-linux-musleabihf - cross: true - strip: false - compress: true - cargo_flags: "" - - os: ubuntu-latest - target: arm-unknown-linux-musleabihf - artifact_name: target/arm-unknown-linux-musleabihf/release/miniserve - release_name: arm-unknown-linux-musleabihf - cross: true - strip: false - compress: true - cargo_flags: "" - - os: ubuntu-latest - target: mips-unknown-linux-musl - artifact_name: target/mips-unknown-linux-musl/release/miniserve - release_name: mips-unknown-linux-musl - cross: true - strip: false - compress: true - cargo_flags: "--no-default-features" - - os: ubuntu-latest - target: mipsel-unknown-linux-musl - artifact_name: target/mipsel-unknown-linux-musl/release/miniserve - release_name: mipsel-unknown-linux-musl - cross: true - strip: false - compress: true - cargo_flags: "--no-default-features" - - os: ubuntu-latest - target: mips64-unknown-linux-gnuabi64 - artifact_name: target/mips64-unknown-linux-gnuabi64/release/miniserve - release_name: mips64-unknown-linux-gnuabi64 - cross: true - strip: false - compress: false - cargo_flags: "--no-default-features" - - os: ubuntu-latest - target: mips64el-unknown-linux-gnuabi64 - artifact_name: target/mips64el-unknown-linux-gnuabi64/release/miniserve - release_name: mips64el-unknown-linux-gnuabi64 - cross: true - strip: false - compress: false - cargo_flags: "--no-default-features" - - os: ubuntu-latest - target: riscv64gc-unknown-linux-gnu - artifact_name: target/riscv64gc-unknown-linux-gnu/release/miniserve - release_name: riscv64gc-unknown-linux-gnu - cross: true - strip: false - compress: false - cargo_flags: "--no-default-features" - - os: windows-latest - target: x86_64-pc-windows-msvc - artifact_name: target/x86_64-pc-windows-msvc/release/miniserve.exe - release_name: x86_64-pc-windows-msvc.exe - cross: false - strip: true - compress: true - cargo_flags: "" - - os: macos-latest - target: x86_64-apple-darwin - artifact_name: target/x86_64-apple-darwin/release/miniserve - release_name: x86_64-apple-darwin - cross: false - strip: true - compress: true - cargo_flags: "" - - os: ubuntu-latest - target: x86_64-unknown-freebsd - artifact_name: target/x86_64-unknown-freebsd/release/miniserve - release_name: x86_64-unknown-freebsd - cross: true - strip: false - compress: false - cargo_flags: "" - - steps: - - name: Checkout code - uses: actions/checkout@v2 - - - name: Setup Rust toolchain - uses: actions-rs/toolchain@v1 - with: - toolchain: stable - target: ${{ matrix.target }} - - - name: cargo build - uses: actions-rs/cargo@v1 - with: - command: build - args: --release --locked --target=${{ matrix.target }} ${{ matrix.cargo_flags }} - use-cross: ${{ matrix.cross }} - - - name: Compress binaries - uses: svenstaro/upx-action@v2 - with: - file: ${{ matrix.artifact_name }} - args: --lzma - strip: ${{ matrix.strip }} - if: ${{ matrix.compress }} - - - name: Upload artifact - uses: actions/upload-artifact@v2 - with: - name: ${{ matrix.target }} - path: ${{ matrix.artifact_name }} - - ### - # Below this line, steps will only be run if a tag was pushed. - ### - - - name: Get tag name - id: tag_name - run: | - echo ::set-output name=current_version::${GITHUB_REF#refs/tags/v} - shell: bash - if: startsWith(github.ref, 'refs/tags/v') - - - name: Get CHANGELOG.md entry - id: changelog_reader - uses: mindsers/changelog-reader-action@v1 - with: - version: ${{ steps.tag_name.outputs.current_version }} - path: ./CHANGELOG.md - if: startsWith(github.ref, 'refs/tags/v') - - - name: Publish - uses: svenstaro/upload-release-action@v2 - with: - repo_token: ${{ secrets.GITHUB_TOKEN }} - file: ${{ matrix.artifact_name }} - tag: ${{ github.ref }} - asset_name: miniserve-$tag-${{ matrix.release_name }} - body: ${{ steps.changelog_reader.outputs.log_entry }} - if: startsWith(github.ref, 'refs/tags/v') diff --git a/.github/workflows/build-release.yml b/.github/workflows/build-release.yml new file mode 100644 index 0000000..9c5e0cb --- /dev/null +++ b/.github/workflows/build-release.yml @@ -0,0 +1,240 @@ +name: Build/publish release + +on: [push, pull_request] + +jobs: + publish: + name: Binary ${{ matrix.target }} (on ${{ matrix.os }}) + runs-on: ${{ matrix.os }} + outputs: + version: ${{ steps.extract_version.outputs.version }} + strategy: + matrix: + include: + - os: ubuntu-latest + target: x86_64-unknown-linux-musl + cross: true + compress: true + cargo_flags: "" + - os: ubuntu-latest + target: x86_64-unknown-linux-gnu + cross: true + compress: true + cargo_flags: "" + - os: ubuntu-latest + target: aarch64-unknown-linux-musl + cross: true + compress: true + cargo_flags: "" + - os: ubuntu-latest + target: aarch64-unknown-linux-gnu + cross: true + compress: true + cargo_flags: "" + - os: ubuntu-latest + target: armv7-unknown-linux-musleabihf + cross: true + compress: true + cargo_flags: "" + - os: ubuntu-latest + target: armv7-unknown-linux-gnueabihf + cross: true + compress: true + cargo_flags: "" + - os: ubuntu-latest + target: arm-unknown-linux-musleabihf + cross: true + compress: true + cargo_flags: "" + - os: ubuntu-latest + target: mips-unknown-linux-musl + cross: true + compress: true + cargo_flags: "--no-default-features" + - os: ubuntu-latest + target: mipsel-unknown-linux-musl + cross: true + compress: true + cargo_flags: "--no-default-features" + - os: ubuntu-latest + target: mips64-unknown-linux-gnuabi64 + cross: true + compress: false + cargo_flags: "--no-default-features" + - os: ubuntu-latest + target: mips64el-unknown-linux-gnuabi64 + cross: true + compress: false + cargo_flags: "--no-default-features" + - os: ubuntu-latest + target: riscv64gc-unknown-linux-gnu + cross: true + compress: false + cargo_flags: "--no-default-features" + - os: windows-latest + target: x86_64-pc-windows-msvc + cross: false + compress: true + cargo_flags: "" + - os: macos-latest + target: x86_64-apple-darwin + cross: false + compress: true + cargo_flags: "" + - os: ubuntu-latest + target: x86_64-unknown-freebsd + cross: true + compress: false + cargo_flags: "" + + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Setup Rust toolchain + uses: actions-rs/toolchain@v1 + with: + toolchain: stable + target: ${{ matrix.target }} + override: true + + - run: sudo apt install musl-tools + if: startsWith(matrix.os, 'ubuntu') + + - name: cargo build + uses: actions-rs/cargo@v1 + with: + command: build + args: --release --locked --target=${{ matrix.target }} ${{ matrix.cargo_flags }} + use-cross: ${{ matrix.cross }} + + - name: Set exe extension for Windows + run: echo "EXE=.exe" >> $env:GITHUB_ENV + if: startsWith(matrix.os, 'windows') + + - name: Compress binaries + uses: svenstaro/upx-action@v2 + with: + file: target/${{ matrix.target }}/release/miniserve${{ env.EXE }} + args: --best --lzma + strip: false # We're stripping already in Cargo.toml + if: ${{ matrix.compress }} + + - name: Upload artifact + uses: actions/upload-artifact@v3 + with: + name: ${{ matrix.target }} + path: target/${{ matrix.target }}/release/miniserve${{ env.EXE }} + + - name: Get version from tag + id: extract_version + run: | + echo ::set-output name=version::${GITHUB_REF_NAME#v} + shell: bash + + - name: Install CHANGELOG parser + uses: taiki-e/install-action@parse-changelog + + - name: Get CHANGELOG entry + run: parse-changelog CHANGELOG.md ${{ steps.extract_version.outputs.version }} | tee changelog_entry + if: startsWith(github.ref_name, 'v') && github.ref_type == 'tag' + shell: bash + + - name: Read changelog entry from file + id: changelog_entry + uses: juliangruber/read-file-action@v1 + with: + path: ./changelog_entry + if: startsWith(github.ref_name, 'v') && github.ref_type == 'tag' + + - name: Release + uses: svenstaro/upload-release-action@v2 + with: + repo_token: ${{ secrets.GITHUB_TOKEN }} + file: target/${{ matrix.target }}/release/miniserve${{ env.EXE }} + tag: ${{ github.ref_name }} + asset_name: miniserve-${{ steps.extract_version.outputs.version }}-${{ matrix.target }}${{ env.EXE }} + body: ${{ steps.changelog_entry.outputs.content }} + if: startsWith(github.ref_name, 'v') && github.ref_type == 'tag' + + container-images: + name: Publish images + runs-on: ubuntu-latest + needs: publish + # Run for tags and pushes to the default branch + if: (startsWith(github.ref_name, 'v') && github.ref_type == 'tag') || github.event.repository.default_branch == github.ref_name + + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Download artifact aarch64-unknown-linux-gnu + uses: actions/download-artifact@v3 + with: + name: aarch64-unknown-linux-gnu + path: target/aarch64-unknown-linux-gnu/release + + - name: Download artifact x86_64-unknown-linux-gnu + uses: actions/download-artifact@v3 + with: + name: x86_64-unknown-linux-gnu + path: target/x86_64-unknown-linux-gnu/release + + - name: Download artifact armv7-unknown-linux-gnueabihf + uses: actions/download-artifact@v3 + with: + name: armv7-unknown-linux-gnueabihf + path: target/armv7-unknown-linux-gnueabihf/release + + - name: Download artifact aarch64-unknown-linux-musl + uses: actions/download-artifact@v3 + with: + name: aarch64-unknown-linux-musl + path: target/aarch64-unknown-linux-musl/release + + - name: Download artifact x86_64-unknown-linux-musl + uses: actions/download-artifact@v3 + with: + name: x86_64-unknown-linux-musl + path: target/x86_64-unknown-linux-musl/release + + - name: Download artifact armv7-unknown-linux-musleabihf + uses: actions/download-artifact@v3 + with: + name: armv7-unknown-linux-musleabihf + path: target/armv7-unknown-linux-musleabihf/release + + - name: podman login + run: podman login --username ${{ secrets.DOCKERHUB_USERNAME }} --password ${{ secrets.DOCKERHUB_TOKEN }} docker.io + + - name: podman build linux/arm64 + run: podman build --format docker --platform linux/arm64/v8 --manifest miniserve -f Containerfile target/aarch64-unknown-linux-gnu/release + + - name: podman build linux/amd64 + run: podman build --format docker --platform linux/amd64 --manifest miniserve -f Containerfile target/x86_64-unknown-linux-gnu/release + + - name: podman build linux/arm + run: podman build --format docker --platform linux/arm/v7 --manifest miniserve -f Containerfile target/armv7-unknown-linux-gnueabihf/release + + - name: podman manifest push latest + run: podman manifest push miniserve docker.io/svenstaro/miniserve:latest + + - name: podman manifest push tag version + run: podman manifest push miniserve docker.io/svenstaro/miniserve:${{ needs.publish.outputs.version }} + if: startsWith(github.ref_name, 'v') + + - name: podman build linux/arm64 (alpine edition) + run: podman build --format docker --platform linux/arm64/v8 --manifest miniserve-alpine -f Containerfile.alpine target/aarch64-unknown-linux-musl/release + + - name: podman build linux/amd64 (alpine edition) + run: podman build --format docker --platform linux/amd64 --manifest miniserve-alpine -f Containerfile.alpine target/x86_64-unknown-linux-musl/release + + - name: podman build linux/arm (alpine edition) + run: podman build --format docker --platform linux/arm/v7 --manifest miniserve-alpine -f Containerfile.alpine target/armv7-unknown-linux-musleabihf/release + + - name: podman manifest push latest (alpine edition) + run: podman manifest push miniserve-alpine docker.io/svenstaro/miniserve:alpine + + - name: podman manifest push tag version (alpine edition) + run: podman manifest push miniserve-alpine docker.io/svenstaro/miniserve:${{ needs.publish.outputs.version }}-alpine + if: startsWith(github.ref_name, 'v') diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 02d4808..840f43a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -4,13 +4,11 @@ on: [push, pull_request] jobs: ci: - name: ${{ matrix.rust }} on ${{ matrix.os }} + name: ${{ matrix.os }} runs-on: ${{ matrix.os }} - timeout-minutes: 30 strategy: matrix: os: [ubuntu-latest, windows-latest, macos-latest] - rust: [stable, nightly] steps: - name: Checkout code @@ -20,7 +18,7 @@ jobs: uses: actions-rs/toolchain@v1 with: profile: minimal - toolchain: ${{ matrix.rust }} + toolchain: stable override: true components: rustfmt, clippy @@ -45,4 +43,3 @@ jobs: with: command: clippy args: -- -D warnings - if: matrix.rust == 'nightly' diff --git a/Containerfile b/Containerfile new file mode 100644 index 0000000..3f2d866 --- /dev/null +++ b/Containerfile @@ -0,0 +1,3 @@ +FROM docker.io/ubuntu +COPY --chmod=755 miniserve /app/ +ENTRYPOINT ["/app/miniserve"] diff --git a/Containerfile.alpine b/Containerfile.alpine new file mode 100644 index 0000000..d297f83 --- /dev/null +++ b/Containerfile.alpine @@ -0,0 +1,3 @@ +FROM docker.io/alpine +COPY --chmod=755 miniserve /app/ +ENTRYPOINT ["/app/miniserve"] diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 6fb6d10..0000000 --- a/Dockerfile +++ /dev/null @@ -1,18 +0,0 @@ -# This Dockerfile results in a super small container containing only the miniserve binary and nothing else. -# Use this in case you don't need any additional tools in the container. -FROM rust as builder - -ENV APP_HOME /usr/src/app/ - -RUN rustup target add x86_64-unknown-linux-musl -RUN apt update && apt-get install -y upx musl-tools - -COPY . $APP_HOME -WORKDIR $APP_HOME -RUN make build-linux - -FROM scratch -COPY --from=builder /usr/src/app/target/x86_64-unknown-linux-musl/release/miniserve /app/ - -EXPOSE 8080 -ENTRYPOINT ["/app/miniserve"] diff --git a/Dockerfile.alpine b/Dockerfile.alpine deleted file mode 100644 index f99d757..0000000 --- a/Dockerfile.alpine +++ /dev/null @@ -1,19 +0,0 @@ -# This Dockerfile results in an Alpine container containing the minishift executable. -# Use this in case you need additional basic tools provided by Alpine in this container. -FROM rust as builder - -ENV APP_HOME /usr/src/app/ - -RUN rustup target add x86_64-unknown-linux-musl -RUN apt update && apt-get install -y upx musl-tools - -COPY . $APP_HOME -WORKDIR $APP_HOME -RUN make build-linux - -FROM alpine -RUN apk add rsync -COPY --from=builder /usr/src/app/target/x86_64-unknown-linux-musl/release/miniserve /app/ - -EXPOSE 8080 -ENTRYPOINT ["/app/miniserve"] -- cgit v1.2.3