feat: added docker support in ci

ALT-F4-LLC · Jul 26, 2024 · ac569bc · ac569bc
1 parent 8ba9f50
commit ac569bc
Show file tree

Hide file tree

Showing 7 changed files with 102 additions and 47 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -1,3 +1,4 @@
+.buildx
 .direnv
 .envrc
 .github

diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml
@@ -0,0 +1,58 @@
+name: docker
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+
+env:
+  IMAGE_NAME: ${{ github.repository }}
+  REGISTRY: ghcr.io
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    permissions:
+      attestations: write
+      contents: read
+      id-token: write
+      packages: write
+    steps:
+      - uses: docker/setup-qemu-action@v3
+
+      - uses: docker/setup-buildx-action@v3
+
+      - if: github.event_name != 'pull_request'
+        uses: docker/login-action@3
+        with:
+          password: ${{ secrets.GITHUB_TOKEN }}
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+
+      - id: meta
+        uses: docker/metadata-action@5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=edge,branch=main
+            type=ref,event=pr
+            type=ref,event=tag
+
+      - uses: actions/checkout@v4
+
+      - id: push
+        uses: docker/build-push-action@6
+        with:
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          context: .
+          labels: ${{ steps.meta.outputs.labels }}
+          push: github.event_name != 'pull_request'
+          tags: ${{ steps.meta.outputs.tags }}
+
+      - uses: actions/attest-build-provenance@v1
+        with:
+          push-to-registry: github.event_name != 'pull_request'
+          subject-digest: ${{ steps.push.outputs.digest }}
+          subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
diff --git a/.github/workflows/flake.yaml → .github/workflows/nix.yaml b/.github/workflows/flake.yaml → .github/workflows/nix.yaml
@@ -1,4 +1,4 @@
-name: flake
+name: nix
 
 on:
   pull_request:

diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,4 @@
+/.buildx
 /.direnv
 /result
 /target

diff --git a/Dockerfile b/Dockerfile
@@ -1,33 +1,3 @@
-FROM docker.io/library/debian:12.6-slim@sha256:f528891ab1aa484bf7233dbcc84f3c806c3e427571d75510a9d74bb5ec535b33 AS sandbox
-
-RUN apt-get update && apt-get install -y \
-    # autoconf \
-    # automake \
-    # binutils \
-    # bison \
-    # byacc \
-    # coreutils \
-    # dpkg-dev \
-    # file \
-    # g++ \
-    # gawk \
-    # help2man \
-    # libc6-dev \
-    # libssl-dev \
-    # libtool \
-    # m4 \
-    # make \
-    # perl \
-    # rsync \
-    # texinfo \
-    ca-certificates \
-    gcc \
-    libssl-dev \
-    pkg-config \
-    && apt-get clean \
-    && rm -rf /var/lib/apt/lists/*
-
-
 FROM docker.io/library/rust:1.79.0@sha256:4c45f61ebe054560190f232b7d883f174ff287e1a0972c8f6d7ab88da0188870 AS build
 
 RUN apt-get update \
@@ -66,4 +36,4 @@ RUN apt-get update && apt-get install -y \
 
 COPY --from=build /usr/src/app/target/release/vorpal /usr/local/bin/vorpal
 
-ENTRYPOINT ["/usr/local/bin/vorpal"]
+ENTRYPOINT ["vorpal"]
diff --git a/Dockerfile.sandbox b/Dockerfile.sandbox
@@ -0,0 +1,28 @@
+FROM docker.io/library/debian:12.6-slim@sha256:f528891ab1aa484bf7233dbcc84f3c806c3e427571d75510a9d74bb5ec535b33
+
+RUN apt-get update && apt-get install -y \
+    # autoconf \
+    # automake \
+    # binutils \
+    # bison \
+    # byacc \
+    # coreutils \
+    # dpkg-dev \
+    # file \
+    # g++ \
+    # gawk \
+    # help2man \
+    # libc6-dev \
+    # libssl-dev \
+    # libtool \
+    # m4 \
+    # make \
+    # perl \
+    # rsync \
+    # texinfo \
+    ca-certificates \
+    gcc \
+    libssl-dev \
+    pkg-config \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
diff --git a/justfile b/justfile
@@ -1,3 +1,5 @@
+docker_build_cache := `echo "$PWD/.buildx"`
+
 _default:
     just --list
 
@@ -7,24 +9,19 @@ build:
 
 # build image (docker)
 build-image tag="dev":
-    #!/usr/bin/env bash
-    set -euxo pipefail
-    docker buildx build \
-        --tag "altf4llc/vorpal-build:{{ tag }}" \
-        --target "build" \
-        .
     docker buildx build \
-        --cache-from "altf4llc/vorpal-build:{{ tag }}" \
-        --tag "altf4llc/vorpal:{{ tag }}" \
+        --cache-from "type=local,src={{ docker_build_cache }}" \
+        --cache-to "type=local,dest={{ docker_build_cache }},mode=max" \
+        --tag "docker.io/altf4llc/vorpal:{{ tag }}" \
         .
 
-# build sandbox image (docker)
+# build image sandbox (docker)
 build-image-sandbox tag="dev":
-    #!/usr/bin/env bash
-    set -euxo pipefail
     docker buildx build \
+        --cache-from "type=local,src={{ docker_build_cache }}" \
+        --cache-to "type=local,dest={{ docker_build_cache }},mode=max" \
+        --file "Dockerfile.sandbox" \
         --tag "altf4llc/vorpal-sandbox:{{ tag }}" \
-        --target "sandbox" \
         .
 
 # check flake (nix)
@@ -34,9 +31,6 @@ check:
 # clean environment
 clean: down
     rm -rf target
-    rm -rf /var/lib/vorpal/key
-    rm -rf /var/lib/vorpal/sandbox
-    rm -rf /var/lib/vorpal/store
 
 down:
     docker compose down --remove-orphans --rmi=local --volumes
@@ -60,6 +54,9 @@ logs:
 package profile="default":
     nix build --json --no-link --print-build-logs ".#{{ profile }}"
 
+package-buildx-cache:
+    tar --create --gzip --file buildx.tar.gz --verbose .buildx
+
 start-agent workers: build
     sudo ./target/debug/vorpal services agent --workers "{{ workers }}"
-Original file line number
+Diff line change
@@ -1,3 +1,4 @@
+    .buildx
     .direnv
     .envrc
     .github
@@ Expand Down @@