-
Notifications
You must be signed in to change notification settings - Fork 9
151 lines (145 loc) · 4.8 KB
/
docker.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
name: Build docker image for subsequent jobs
on:
push:
tags:
- "*"
# For manually rebuilding the images
workflow_dispatch:
inputs:
octez-tag:
description: "tezos/tezos docker tag to be used"
required: true
type: string
workflow_call:
inputs:
octez-tag:
description: "tezos/tezos docker tag to be used"
required: true
type: string
outputs:
jstz-cli:
description: "jstz docker image tag"
value: ${{ jobs.build-docker.outputs.jstz-cli }}
jstz-rollup:
description: "jstz-rollup docker image tag"
value: ${{ jobs.build-docker.outputs.jstz-rollup }}
jstz-node:
description: "jstz-node docker image tag"
value: ${{ jobs.build-docker.outputs.jstz-node }}
jstzd:
description: "jstzd docker image tag"
value: ${{ jobs.build-docker.outputs.jstzd }}
env:
DOCKER_REGISTRY: ghcr.io
DOCKER_IMAGE_BASE: jstz-dev/jstz
jobs:
build-kernel:
name: Build (Kernel)
runs-on: [x86_64, linux, nix]
steps:
- uses: actions/checkout@v4
- run: nix --version
- name: Format
run: nix --accept-flake-config fmt -- --fail-on-change
- name: Prevent blst
run: nix --accept-flake-config develop -j auto --command sh -c '[ -z "$(cargo tree | grep blst)" ]'
- name: Build
run: nix --accept-flake-config --log-format raw -L build -j auto .#jstz_kernel
- name: Upload kernel
id: upload-kernel
uses: actions/upload-artifact@v4
with:
name: jstz-kernel
path: result/lib/jstz_kernel.wasm
build-docker-arm64:
name: Build (Docker arm64)
needs: [build-kernel]
runs-on: ubuntu-24.04-arm
permissions:
contents: read
packages: write
strategy:
matrix:
include:
- image: jstz-rollup
dockerfile: ./crates/jstz_rollup/Dockerfile
steps:
- uses: jstz-dev/jstz/.github/actions/build-docker-image@huanchengchang-jstz-286
with:
platform: linux
arch: arm64
repo_token: ${{ secrets.GITHUB_TOKEN }}
octez-tag: ${{ inputs.octez-tag }}
docker_registry: ${{ env.DOCKER_REGISTRY }}
docker_registry_username: ${{ github.actor }}
docker_registry_password: ${{ secrets.GITHUB_TOKEN }}
docker_image_base: ${{ env.DOCKER_IMAGE_BASE }}
image: ${{ matrix.image }}
dockerfile: ${{ matrix.dockerfile }}
kernel_artefact_name: jstz-kernel
build-docker-amd64:
name: Build (Docker amd64)
needs: [build-kernel]
runs-on: ubuntu-24.04
permissions:
contents: read
packages: write
strategy:
matrix:
include:
- image: jstz-rollup
dockerfile: ./crates/jstz_rollup/Dockerfile
steps:
- uses: jstz-dev/jstz/.github/actions/build-docker-image@huanchengchang-jstz-286
with:
platform: linux
arch: amd64
repo_token: ${{ secrets.GITHUB_TOKEN }}
octez-tag: ${{ inputs.octez-tag }}
docker_registry: ${{ env.DOCKER_REGISTRY }}
docker_registry_username: ${{ github.actor }}
docker_registry_password: ${{ secrets.GITHUB_TOKEN }}
docker_image_base: ${{ env.DOCKER_IMAGE_BASE }}
image: ${{ matrix.image }}
dockerfile: ${{ matrix.dockerfile }}
kernel_artefact_name: jstz-kernel
merge:
runs-on: ubuntu-latest
needs:
- build-docker-amd64
- build-docker-arm64
strategy:
matrix:
include:
- image: jstz-rollup
steps:
- name: Download digests
uses: actions/download-artifact@v4
with:
path: ${{ runner.temp }}/digests/${{ matrix.image }}
pattern: digests-${{ matrix.image }}-*
merge-multiple: true
- name: Login to GHCR
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Extract metadata
id: meta
uses: docker/metadata-action@v3
with:
images: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_IMAGE_BASE }}/${{ matrix.image }}
tags: |
type=ref,event=tag
{{sha}}
- name: Create manifest list and push
working-directory: ${{ runner.temp }}/digests/${{ matrix.image }}
run: |
docker buildx imagetools create -t ${{ fromJson(steps.meta.outputs.json).tags[0] }} \
$(printf '${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_IMAGE_BASE }}/${{ matrix.image }}@sha256:%s ' *)
- name: Inspect image
run: |
docker buildx imagetools inspect ${{ fromJson(steps.meta.outputs.json).tags[0] }}