Separate CI job for publishing docker manifest

2024-04-22 16:07:26 +01:00 · 2024-04-22 16:07:26 +01:00 · 77d73583f6
commit 77d73583f6
parent b8a748815a
1 changed files with 290 additions and 304 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -92,20 +92,18 @@ jobs:
              run: |
                  ./bin/nix-build-and-cache .#devShells.x86_64-linux.default.inputDerivation

-
            - name: Perform continuous integration
              run: direnv exec . engage

-
-
    build-static:
        name: Static Artifacts
        runs-on: ubuntu-latest
        needs: tests
        strategy:
-      max-parallel: 3
+            max-parallel: 8
            matrix:
-        target: [
+                target:
+                    [
                        "x86_64-unknown-linux-musl",
                        "x86_64-unknown-linux-musl-jemalloc",
                        "aarch64-unknown-linux-musl",
@ -174,7 +172,6 @@ jobs:
              run: |
                  ./bin/nix-build-and-cache .#devShells.x86_64-linux.default.inputDerivation

-
            - name: Build static artifacts
              run: |
                  ./bin/nix-build-and-cache .#static-${{ matrix.target }}
@ -196,17 +193,15 @@ jobs:
                  path: target/debian/${{ matrix.target }}.deb
                  if-no-files-found: error

-
-
    build-oci:
        name: OCI Artifacts and Publish
        runs-on: ubuntu-latest
        needs: tests
        strategy:
-      max-parallel: 3
+            max-parallel: 8
            matrix:
-        oci-target: [
-          #"x86_64-unknown-linux-gnu",
+                oci-target:
+                    [
                        "x86_64-unknown-linux-musl",
                        "x86_64-unknown-linux-musl-jemalloc",
                        "aarch64-unknown-linux-musl",
@ -275,7 +270,6 @@ jobs:
              run: |
                  ./bin/nix-build-and-cache .#devShells.x86_64-linux.default.inputDerivation

-
            - name: Build OCI images
              run: |
                  ./bin/nix-build-and-cache .#oci-image-${{ matrix.oci-target }}
@ -294,25 +288,19 @@ jobs:
        name: Create and Push Docker Manifest
        runs-on: ubuntu-latest
        needs: build-oci
-
+        if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/dev'
        steps:
-      - name: Extract and load OCI Images
-        run: |
-          unzip oci-image-x86_64-unknown-linux-musl-jemalloc.zip
-          docker load -i oci-image-x86_64-unknown-linux-musl-jemalloc.tar.gz
-          unzip oci-image-aarch64-unknown-linux-musl-jemalloc.zip
-          docker load -i oci-image-aarch64-unknown-linux-musl-jemalloc.tar.gz
-
-      - name: Login to Docker Hub
-        uses: docker/login-action@v3
-        env:
-          DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
-          DOCKER_USERNAME: ${{ vars.DOCKER_USERNAME }}
-        if: ${{ (github.event_name != 'pull_request') && (env.DOCKER_USERNAME != '') && (env.DOCKERHUB_TOKEN != '') }}
+            - name: Download OCI Images Artifacts
+              uses: actions/download-artifact@v4
              with:
-          # username is not really a secret
-          username: ${{ vars.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
+                  merge-multiple: true
+
+            - name: Load OCI Images and tag
+              run: |
+                  ID_AARCH64=$(docker load -i oci-image-aarch64-unknown-linux-musl-jemalloc.tar.gz | sed -n 's/Loaded image: \(.*\)/\1/p')
+                  docker tag $ID_AARCH64 conduwuit:${{ github.sha }}-aarch64-jemalloc
+                  ID_X86_64=$(docker load -i oci-image-x86_64-unknown-linux-musl-jemalloc.tar.gz | sed -n 's/Loaded image: \(.*\)/\1/p')
+                  docker tag $ID_X86_64 conduwuit:${{ github.sha }}-x86_64-jemalloc

            - name: Login to GitHub Container Registry
              uses: docker/login-action@v3
@ -321,48 +309,46 @@ jobs:
                  username: ${{ github.actor }}
                  password: ${{ secrets.GITHUB_TOKEN }}

-      - name: Create and Push Manifest to Docker Hub
+            - name: Create and push Manifest to GitHub
              run: |
-          DOCKER_IMAGE_NAME="docker.io/${{ github.repository }}"
-          BRANCH_NAME="${{ github.ref_name }}"
-          SHA_TAG="${BRANCH_NAME}-${{ github.sha }}"
-          BRANCH_TAG=$BRANCH_NAME
-
-          if [ "$BRANCH_NAME" == "main" ]; then
+                  REPO_GHCR="ghcr.io/${{ github.repository }}"
+                  SHA_TAG="${{ github.ref_name }}-${{ github.sha }}"
+                  BRANCH_TAG="${{ github.ref_name }}"
+                  if [ "$BRANCH_TAG" == "main" ]; then
                    BRANCH_TAG="latest"
                  fi

-          # Create and push SHA specific manifest
-          docker manifest create $DOCKER_IMAGE_NAME:$SHA_TAG \
-            --amend $DOCKER_IMAGE_NAME:${{ github.sha }}-x86_64-jemalloc \
-            --amend $DOCKER_IMAGE_NAME:${{ github.sha }}-aarch64-jemalloc
-          docker manifest push $DOCKER_IMAGE_NAME:$SHA_TAG
+                  docker manifest create $REPO_GHCR:$SHA_TAG \
+                    --amend conduwuit:${{ github.sha }}-x86_64-jemalloc \
+                    --amend conduwuit:${{ github.sha }}-aarch64-jemalloc
+                  docker manifest push $REPO_GHCR:$SHA_TAG

-          # Update and push branch or latest manifest
-          docker manifest create $DOCKER_IMAGE_NAME:$BRANCH_TAG \
-            --amend $DOCKER_IMAGE_NAME:${{ github.sha }}-x86_64-jemalloc \
-            --amend $DOCKER_IMAGE_NAME:${{ github.sha }}-aarch64-jemalloc
-          docker manifest push $DOCKER_IMAGE_NAME:$BRANCH_TAG
+                  docker manifest create $REPO_GHCR:$BRANCH_TAG \
+                    --amend conduwuit:${{ github.sha }}-x86_64-jemalloc \
+                    --amend conduwuit:${{ github.sha }}-aarch64-jemalloc
+                  docker manifest push $REPO_GHCR:$BRANCH_TAG

-      - name: Create and Push Manifest to GitHub Container Registry
+            - name: Login to Docker Hub
+              uses: docker/login-action@v3
+              with:
+                  username: ${{ secrets.DOCKER_USERNAME }}
+                  password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+            - name: Create and push manifest to Docker Hub
              run: |
-          GHCR_IMAGE_NAME="ghcr.io/${{ github.repository }}"
-          BRANCH_NAME="${{ github.ref_name }}"
-          SHA_TAG="${BRANCH_NAME}-${{ github.sha }}"
-          BRANCH_TAG=$BRANCH_NAME
-
-          if [ "$BRANCH_NAME" == "main" ]; then
+                  REPO_DOCKER="docker.io/${{ github.repository }}"
+                  SHA_TAG="${{ github.ref_name }}-${{ github.sha }}"
+                  BRANCH_TAG="${{ github.ref_name }}"
+                  if [ "$BRANCH_TAG" == "main" ]; then
                    BRANCH_TAG="latest"
                  fi

-          # Create and push SHA specific manifest
-          docker manifest create $GHCR_IMAGE_NAME:$SHA_TAG \
-            --amend $GHCR_IMAGE_NAME:${{ github.sha }}-x86_64-jemalloc \
-            --amend $GHCR_IMAGE_NAME:${{ github.sha }}-aarch64-jemalloc
-          docker manifest push $GHCR_IMAGE_NAME:$SHA_TAG
+                  docker manifest create $REPO_DOCKER:$SHA_TAG \
+                    --amend conduwuit:${{ github.sha }}-x86_64-jemalloc \
+                    --amend conduwuit:${{ github.sha }}-aarch64-jemalloc
+                  docker manifest push $REPO_DOCKER:$SHA_TAG

-          # Update and push branch or latest manifest
-          docker manifest create $GHCR_IMAGE_NAME:$BRANCH_TAG \
-            --amend $GHCR_IMAGE_NAME:${{ github.sha }}-x86_64-jemalloc \
-            --amend $GHCR_IMAGE_NAME:${{ github.sha }}-aarch64-jemalloc
-          docker manifest push $GHCR_IMAGE_NAME:$BRANCH_TAG
+                  docker manifest create $REPO_DOCKER:$BRANCH_TAG \
+                    --amend conduwuit:${{ github.sha }}-x86_64-jemalloc \
+                    --amend conduwuit:${{ github.sha }}-aarch64-jemalloc
+                  docker manifest push $REPO_DOCKER:$BRANCH_TAG