1010jobs :
1111 build-docker-ci-dev :
1212 name : Build Docker Container used by Actions
13- runs-on : ubuntu-latest
13+ strategy :
14+ matrix :
15+ include :
16+ - runner : [self-hosted, skylake40]
17+ rust_target : x86_64-unknown-linux-gnu
18+ docker_arch : amd64
19+ docker_platform : linux/amd64
20+ - runner : blacksmith-16vcpu-ubuntu-2204-arm
21+ rust_target : aarch64-unknown-linux-gnu
22+ docker_arch : arm64
23+ docker_platform : linux/arm64
24+ runs-on : ${{ matrix.runner }}
1425
1526 steps :
1627 - name : Checkout Repository
1728 uses : actions/checkout@v4
1829
30+ - name : Prepare Platform Environment Variable
31+ run : |
32+ platform=${{ matrix.docker_platform }}
33+ echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
34+
35+ name : Docker meta
36+ id : meta
37+ uses : docker/metadata-action@v5
38+ with :
39+ images : |
40+ ${{ env.IMAGE_NAME }}
41+
1942name : Set up Docker Buildx
2043 uses : docker/setup-buildx-action@v3
2144 with :
@@ -28,12 +51,75 @@ jobs:
2851 username : ${{ github.actor }}
2952 password : ${{ secrets.GITHUB_TOKEN }}
3053
31- - name : Build and push Multi-Arch Docker Image
54+ - name : Build and push by digest
55+ id : build
56+ uses : docker/build-push-action@v6
57+ with :
58+ context : .
59+ file : deploy/build.Dockerfile
60+ platforms : ${{ matrix.docker_platform }}
61+ labels : ${{ steps.meta.outputs.labels }}
62+ tags : ${{ env.IMAGE_NAME }}
63+ outputs : type=image,push-by-digest=true,name-canonical=true,push=true
64+ cache-from : type=gha
65+ cache-to : type=gha,mode=max
66+
67+ - name : Export digest
68+ run : |
69+ rm -rf ${{ runner.temp }}/digests
70+ mkdir -p ${{ runner.temp }}/digests
71+ digest="${{ steps.build.outputs.digest }}"
72+ touch "${{ runner.temp }}/digests/${digest#sha256:}"
73+
74+ name : Upload digest
75+ uses : actions/upload-artifact@v4
76+ with :
77+ name : digests-${{ env.PLATFORM_PAIR }}
78+ path : ${{ runner.temp }}/digests/*
79+ if-no-files-found : error
80+ retention-days : 7
81+
82+ # One problem with this workflow is the unknown/unknown architecture
83+ # it adds in the github UI. It's a github bug:
84+ # https://github.com/orgs/community/discussions/45969
85+ merge-manifests :
86+ name : Merge Docker Manifests
87+ runs-on : ubuntu-latest
88+ needs : build-docker-ci-dev
89+ steps :
90+ - name : Download digests
91+ uses : actions/download-artifact@v4
92+ with :
93+ path : ${{ runner.temp }}/digests
94+ pattern : digests-*
95+ merge-multiple : true
96+
97+ - name : Login to GHCR
98+ uses : docker/login-action@v3
99+ with :
100+ registry : ${{ env.REGISTRY }}
101+ username : ${{ github.actor }}
102+ password : ${{ secrets.GITHUB_TOKEN }}
103+
104+ - name : Set up Docker Buildx
105+ uses : docker/setup-buildx-action@v3
106+ with :
107+ version : latest
108+
109+ - name : Docker meta
110+ id : meta
111+ uses : docker/metadata-action@v5
112+ with :
113+ images : ${{ env.IMAGE_NAME }}
114+ tags : |
115+ type=sha,format=long
116+
117+ name : Create manifest list and push
118+ working-directory : ${{ runner.temp }}/digests
119+ run : |
120+ docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
121+ $(printf '${{ env.IMAGE_NAME }}@sha256:%s ' *)
122+
123+ name : Inspect image
32124 run : |
33- docker buildx build \
34- --platform linux/amd64,linux/arm64 \
35- -t ${{ env.IMAGE_NAME }}:latest \
36- -t ${{ env.IMAGE_NAME }}:${{ github.sha }} \
37- -f build.Dockerfile . \
38- --push
39- working-directory : deploy
125+ docker buildx imagetools inspect ${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }}
0 commit comments