studio/tuwunel
2
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

ci: Publish multi-arch manifest. (fixes #74)

Browse Source 
ci: Toggle package install checks via vars.

docker: Disable provenance attestations which auto-generate manifests.

Signed-off-by: Jason Volk <jason@zemos.net>
This commit is contained in:
Jason Volk
2025-06-20 10:52:35 +00:00
parent aa1609d611
commit 31a3676cd8
5 changed files with 201 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
docker/bake.hcl
View File

@@ -16,11 +16,8 @@ variable "repo" {
variable "docker_repo" {
default = "${repo}"
}
variable "docker_tag_preview" {
default = false
}
variable "docker_tag_latest" {
default = false
variable "docker_targets" {
default = "[\"local\"]"
}
variable "git_ref" {
@@ -279,28 +276,24 @@ group "publish" {
]
}
target "github" {
target "ghcr_io" {
name = elem("github", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
tags = [
"ghcr.io/${repo}:${git_ref_name}-${cargo_profile}-${feat_set}-${sys_target}",
docker_tag_preview? "ghcr.io/${repo}:preview": "",
docker_tag_latest? "ghcr.io/${repo}:latest": "",
]
output = ["type=registry,compression=zstd,mode=min,compression-level=${zstd_image_compress_level}"]
output = ["type=registry,compression=gzip,mode=min,compression-level=${gz_image_compress_level}"]
matrix = cargo_rust_feat_sys
inherits = [
elem("docker", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
]
}
target "dockerhub" {
target "docker_io" {
name = elem("dockerhub", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
tags = [
"${docker_repo}:${git_ref_name}-${cargo_profile}-${feat_set}-${sys_target}",
docker_tag_preview? "${docker_repo}:preview": "",
docker_tag_latest? "${docker_repo}:latest": "",
"docker.io/${docker_repo}:${git_ref_name}-${cargo_profile}-${feat_set}-${sys_target}",
]
output = ["type=registry,compression=zstd,mode=min,compression-level=${zstd_image_compress_level}"]
output = ["type=registry,compression=gzip,mode=min,compression-level=${gz_image_compress_level}"]
matrix = cargo_rust_feat_sys
inherits = [
elem("docker", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
@@ -534,7 +527,7 @@ group "installs" {
install_labels = {
"org.opencontainers.image.authors" = "${package_authors}"
"org.opencontainers.image.created" ="${package_last_modified}"
"org.opencontainers.image.created" = "${package_last_modified}"
"org.opencontainers.image.description" = "Matrix Chat Server in Rust"
"org.opencontainers.image.documentation" = "https://github.com/matrix-construct/tuwunel/tree/main/docs/"
"org.opencontainers.image.licenses" = "Apache-2.0"
@@ -546,6 +539,20 @@ install_labels = {
"org.opencontainers.image.version" = "${package_version}"
}
install_annotations = [
"org.opencontainers.image.authors=${package_authors}",
"org.opencontainers.image.created=${package_last_modified}",
"org.opencontainers.image.description=Matrix Chat Server in Rust",
"org.opencontainers.image.documentation=https://github.com/matrix-construct/tuwunel/tree/main/docs/",
"org.opencontainers.image.licenses=Apache-2.0",
"org.opencontainers.image.revision=${package_revision}",
"org.opencontainers.image.source=https://github.com/matrix-construct/tuwunel",
"org.opencontainers.image.title=${package_name}",
"org.opencontainers.image.url=https://github.com/matrix-construct/tuwunel",
"org.opencontainers.image.vendor=matrix-construct",
"org.opencontainers.image.version=${package_version}",
]
target "oci" {
name = elem("oci", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
tags = [
@@ -580,8 +587,7 @@ target "docker" {
)
}
dockerfile-inline =<<EOF
FROM scratch AS install
COPY --from=input . .
FROM input AS install
EXPOSE 8008 8448
ENTRYPOINT ["tuwunel"]
EOF
@@ -643,7 +649,8 @@ target "install" {
elem_tag("install", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
]
labels = install_labels
output = ["type=docker,compression=zstd,mode=min,compression-level=${zstd_image_compress_level}"]
annotations = install_annotations
output = ["type=docker,compression=uncompressed,mode=max"]
cache_to = ["type=local,compression=zstd,mode=max,compression-level=${cache_compress_level}"]
dockerfile = "${docker_dir}/Dockerfile.install"
target = "install"
@@ -1713,6 +1720,7 @@ target "system" {
cache_to = ["type=local,compression=zstd,mode=max,compression-level=${cache_compress_level}"]
cache_from = ["type=local"]
dockerfile = "${docker_dir}/Dockerfile.system"
platforms = jsondecode(docker_targets)
matrix = sys
context = "."
args = {

7
docker/bake.sh
View File

@@ -16,6 +16,7 @@ default_rust_targets='["x86_64-unknown-linux-gnu"]'
default_sys_names='["debian"]'
default_sys_targets='["x86_64-linux-gnu"]'
default_sys_versions='["testing-slim"]'
default_docker_targets='["local"]'
if test ! -z "$cargo_profile"; then
env_cargo_profiles="[\"${cargo_profile}\"]"
@@ -45,6 +46,10 @@ if test ! -z "$sys_version"; then
env_sys_versions="[\"${sys_version}\"]"
fi
if test ! -z "$docker_target"; then
env_docker_targets="[\"${docker_target}\"]"
fi
set -a
bake_target="${bake_target:-$@}"
cargo_profiles="${env_cargo_profiles:-$default_cargo_profiles}"
@@ -54,6 +59,7 @@ rust_toolchains="${env_rust_toolchains:-$default_rust_toolchains}"
sys_names="${env_sys_names:-$default_sys_names}"
sys_targets="${env_sys_targets:-$default_sys_targets}"
sys_versions="${env_sys_versions:-$default_sys_versions}"
docker_targets="${env_docker_targets:-$default_docker_targets}"
docker_dir="$PWD/$BASEDIR"
builder_name="${GITHUB_ACTOR:-owo}"
@@ -83,6 +89,7 @@ if test "$CI" = "true"; then
fi
args=""
args="$args --provenance=false"
args="$args --builder ${builder_name}"
#args="$args --set *.platform=${sys_platform}"