diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml new file mode 100644 index 0000000000..3b1701ab93 --- /dev/null +++ b/.github/workflows/docker.yml @@ -0,0 +1,50 @@ +name: docker + +on: + push: + tags: ["v*"] + branches: ['docker-release'] + workflow_dispatch: + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + +jobs: + docker: + name: docker-${{ matrix.flavor }} + strategy: + fail-fast: false + matrix: + flavor: + - alpine + - deb + - github-actions + - rpm + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + - name: Build and push Docker image + uses: docker/build-push-action@v5 + with: + context: . + push: true + tags: ghcr.io/jdx/rtx:${{ matrix.flavor }} + labels: ${{ steps.meta.outputs.labels }} + file: packaging/${{ matrix.flavor }}/Dockerfile diff --git a/.github/workflows/rtx.yml b/.github/workflows/rtx.yml index 0f22f02a14..8fe5be6486 100644 --- a/.github/workflows/rtx.yml +++ b/.github/workflows/rtx.yml @@ -16,6 +16,7 @@ env: jobs: unit: runs-on: ubuntu-22.04 + container: ghcr.io/jdx/rtx:github-actions timeout-minutes: 10 steps: - name: Checkout @@ -24,11 +25,6 @@ jobs: uses: Swatinem/rust-cache@v2 with: save-if: ${{ github.event_name == 'push' && github.ref_name == 'main' }} - - uses: taiki-e/install-action@v2 - with: - tool: nextest,just,cargo-deny,cargo-msrv,cargo-machete - - name: Install direnv/shfmt - run: sudo apt-get update; sudo apt-get install direnv shfmt - name: Run cargo nextest run: cargo nextest run --all-features env: @@ -40,6 +36,7 @@ jobs: coverage: name: coverage-${{matrix.tranche}} + container: ghcr.io/jdx/rtx:github-actions runs-on: ubuntu-latest timeout-minutes: 30 strategy: @@ -49,18 +46,11 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 - - run: rustup toolchain install nightly --component llvm-tools-preview - name: Rust Cache uses: Swatinem/rust-cache@v2 with: shared-key: coverage save-if: ${{ github.event_name == 'push' && github.ref_name == 'main' }} - - uses: taiki-e/install-action@cargo-llvm-cov - - name: Install zsh/fish/direnv - run: sudo apt-get update; sudo apt-get install zsh fish direnv shfmt - - run: npm i -g markdown-magic - - name: Install just - uses: taiki-e/install-action@just - name: Run tests with coverage uses: nick-fields/retry@v2 env: @@ -81,6 +71,7 @@ jobs: build-linux: name: build-${{matrix.target}} + container: ghcr.io/jdx/rtx:github-actions runs-on: ubuntu-22.04 timeout-minutes: 45 strategy: @@ -96,7 +87,6 @@ jobs: with: shared-key: "build-linux-${{matrix.target}}" save-if: ${{ github.event_name == 'push' && github.ref_name == 'main' }} - - uses: taiki-e/install-action@cross - run: scripts/setup-zipsign.sh env: ZIPSIGN: ${{ secrets.ZIPSIGN }} @@ -142,6 +132,7 @@ jobs: if-no-files-found: error e2e-linux: runs-on: ubuntu-22.04 + container: ghcr.io/jdx/rtx:github-actions needs: [build-linux] timeout-minutes: 30 if: github.event_name != 'pull_request' @@ -168,7 +159,7 @@ jobs: runs-on: ubuntu-22.04 needs: [build-linux] timeout-minutes: 10 - container: jdxcode/rtx:rpm + container: ghcr.io/jdx/rtx:rpm if: github.event_name != 'pull_request' steps: - uses: actions/checkout@v4 @@ -191,7 +182,7 @@ jobs: if-no-files-found: error deb: runs-on: ubuntu-22.04 - container: jdxcode/rtx:deb + container: ghcr.io/jdx/rtx:deb timeout-minutes: 10 if: github.event_name != 'pull_request' needs: [build-linux] @@ -216,6 +207,7 @@ jobs: if-no-files-found: error release: runs-on: ubuntu-22.04 + container: ghcr.io/jdx/rtx:github-actions if: startsWith(github.event.ref, 'refs/tags/v') timeout-minutes: 10 permissions: @@ -305,7 +297,7 @@ jobs: formula: rtx bump-alpine: runs-on: ubuntu-22.04 - container: jdxcode/rtx:alpine + container: ghcr.io/jdx/rtx:alpine timeout-minutes: 30 needs: [release] steps: diff --git a/packaging/github-actions/Dockerfile b/packaging/github-actions/Dockerfile new file mode 100644 index 0000000000..e3d04feabf --- /dev/null +++ b/packaging/github-actions/Dockerfile @@ -0,0 +1,41 @@ +FROM ubuntu +LABEL maintainer="jdx" +ENV PATH="/root/.cargo/bin:${PATH}" + +RUN apt-get update \ + && apt-get upgrade -y \ + && apt-get install -y \ + bash \ + build-essential \ + ca-certificates \ + cargo \ + curl \ + direnv \ + fish \ + git \ + gnupg \ + libssl-dev \ + pkg-config \ + shellcheck \ + shfmt \ + sudo \ + && mkdir -p /etc/apt/keyrings \ + && curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y \ + && curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \ + && echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list \ + && apt-get update && apt-get install -y nodejs \ + && node -v \ + && npm i -g markdown-magic \ + && curl --proto '=https' --tlsv1.2 -sSf https://just.systems/install.sh | bash -s -- --to /usr/bin \ + && curl -L --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/cargo-bins/cargo-binstall/main/install-from-binstall-release.sh | bash \ + && cargo binstall -y \ + cargo-deny \ + cargo-llvm-cov \ + cargo-machete \ + cargo-msrv \ + cross \ + nextest \ + zipsign \ + && rustup toolchain install nightly --component llvm-tools-preview \ + && rustup default stable \ + && apt-get clean diff --git a/scripts/setup-zipsign.sh b/scripts/setup-zipsign.sh index d730168027..a7310512ee 100755 --- a/scripts/setup-zipsign.sh +++ b/scripts/setup-zipsign.sh @@ -6,6 +6,6 @@ if [ -z "$ZIPSIGN" ]; then exit 0 fi -cargo install zipsign +#cargo install zipsign mkdir -p ~/.zipsign echo "$ZIPSIGN" | base64 -d >~/.zipsign/rtx.priv