studio/tuwunel
2
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Add package workflow.

Browse Source 
Signed-off-by: Jason Volk <jason@zemos.net>
This commit is contained in:
Jason Volk
2025-05-07 05:42:37 +00:00
parent de1e37f5ae
commit 8bfe63d45f
22 changed files with 626 additions and 168 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docker/Dockerfile.cargo
View File

@@ -20,9 +20,8 @@ WORKDIR /usr/src/tuwunel
RUN \
--mount=type=cache,dst=${RUSTUP_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_TARGET_DIR},sharing=shared \
--mount=type=cache,dst=${CARGO_TARGET_DIR},sharing=locked \
<<EOF
env
set -eux
rustup run ${rust_toolchain} \
cargo ${cargo_cmd} \

1
docker/Dockerfile.cargo.audit
View File

@@ -12,7 +12,6 @@ RUN \
--mount=type=cache,dst=${RUSTUP_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_HOME},sharing=locked \
<<EOF
env
set -eux
rustup run ${rust_toolchain} \
cargo audit \

59
docker/Dockerfile.cargo.deb Normal file
View File

@@ -0,0 +1,59 @@
# syntax = docker/dockerfile:1.11-labs
FROM input AS debuild
ARG sys_target
ARG rust_toolchain
ARG RUSTUP_HOME
ARG CARGO_HOME
ARG CARGO_TARGET
ARG CARGO_TARGET_DIR
ARG cargo_profile
ARG cargo_features
ARG cargo_spec_features
ARG pkg_dir
ARG deb_args=""
WORKDIR /usr/src/tuwunel
RUN \
--mount=type=cache,dst=${RUSTUP_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_TARGET_DIR},sharing=locked \
<<EOF
set -eux
mkdir -p "${pkg_dir}"
rustup run ${rust_toolchain} \
cargo deb \
--frozen \
--no-build \
"${cargo_spec_features}" \
--features "${cargo_features}" \
--profile "${cargo_profile}" \
--target "${CARGO_TARGET}" \
--manifest-path Cargo.toml \
--multiarch same \
--compress-type gz \
--output "${pkg_dir}" \
${deb_args}
dpkg --info ${pkg_dir}/*
dpkg --contents ${pkg_dir}/*
EOF
FROM scratch AS package
ARG pkg_dir
COPY --from=debuild ${pkg_dir}/* .
FROM input AS package-install
ARG pkg_dir
WORKDIR ${pkg_dir}
COPY --from=package . .
RUN <<EOF
set -eux
dpkg --info *
dpkg --contents *
dpkg --install *
EOF

1
docker/Dockerfile.cargo.deps
View File

@@ -24,7 +24,6 @@ RUN \
--mount=type=cache,dst=${CARGO_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_TARGET_DIR},sharing=locked \
<<EOF
env
set -eux
rustup run ${rust_toolchain} \
cargo chef cook ${cook_args} \

1
docker/Dockerfile.cargo.fmt
View File

@@ -12,7 +12,6 @@ RUN \
--mount=type=cache,dst=${RUSTUP_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_HOME},sharing=locked \
<<EOF
env
set -eux
rustup run ${rust_toolchain} \
cargo fmt \

4
docker/Dockerfile.cargo.install
View File

@@ -22,9 +22,8 @@ WORKDIR /usr/src/tuwunel
RUN \
--mount=type=cache,dst=${RUSTUP_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_TARGET_DIR},sharing=shared \
--mount=type=cache,dst=${CARGO_TARGET_DIR},sharing=locked \
<<EOF
env
set -eux
case "$cargo_profile" in
"dev") profile_dir="debug";;
@@ -63,7 +62,6 @@ WORKDIR /
RUN \
--mount=type=bind,from=output,src=${install_temp},dst=/mnt/install \
<<EOF
env
set -eux
cp -ndR --preserve=all -t ${CARGO_INSTALL_ROOT} /mnt/install/*
EOF

1
docker/Dockerfile.cargo.lychee
View File

@@ -14,7 +14,6 @@ RUN \
--mount=type=cache,dst=${RUSTUP_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_HOME},sharing=locked \
<<EOF
env
set -eux
rustup run ${rust_toolchain} \
lychee \

5
docker/Dockerfile.cookware
View File

@@ -12,7 +12,6 @@ RUN \
--mount=type=cache,dst=${RUSTUP_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_HOME},sharing=locked \
<<EOF
env
set -eux
url="https://static.rust-lang.org/rustup/archive/${rustup_version}/${CARGO_TARGET}/rustup-init"
@@ -34,7 +33,6 @@ RUN \
--mount=type=cache,dst=${RUSTUP_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_HOME},sharing=locked \
<<EOF
env
set -eux
rustup component add \
--toolchain ${rust_toolchain} \
@@ -55,7 +53,6 @@ RUN \
--mount=type=cache,dst=${RUSTUP_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_HOME},sharing=locked \
<<EOF
env
set -eux
rustup run --install ${rust_toolchain} \
cargo install \
@@ -64,6 +61,8 @@ RUN \
cargo-chef \
cargo-audit \
cargo-deb \
cargo-arch \
cargo-generate-rpm \
lychee \
;
EOF

3
docker/Dockerfile.ingredients
View File

@@ -6,7 +6,6 @@ ARG git_checkout
ADD --keep-git-dir . /usr/src/tuwunel
WORKDIR /usr/src/tuwunel
RUN <<EOF
env
set -eux
git reset \
--hard \
@@ -31,7 +30,6 @@ RUN \
--mount=type=cache,dst=${CARGO_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_TARGET_DIR},sharing=locked \
<<EOF
env
set -eux
git submodule update \
--remote \
@@ -60,7 +58,6 @@ RUN \
--mount=type=cache,dst=${CARGO_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_TARGET_DIR},sharing=locked \
<<EOF
env
set -euxo pipefail
rustup run ${rust_toolchain} \
cargo chef prepare \

4
docker/Dockerfile.rocksdb
View File

@@ -36,7 +36,9 @@ ENV CC="clang"
ENV CXX="clang++"
WORKDIR /usr/src/rocksdb/librocksdb-sys/rocksdb
ENV nprocs=${nprocs}
RUN <<EOF
RUN \
--mount=type=cache,dst=/var/lock/uwu/${rocksdb_jemalloc}/${rocksdb_iouring},sharing=locked \
<<EOF
set -eux
LDFLAGS="-Wl,--strip-all" \

173
docker/bake.hcl
View File

@@ -1,5 +1,8 @@
variable "acct" {}
variable "repo" {}
variable GITHUB_REF {}
variable GITHUB_REF_SHA {}
variable GITHUB_REF_NAME {}
cargo_feat_sets = {
none = ""
@@ -74,7 +77,7 @@ variable "package_authors" {
default = "Jason Volk <jason@zemos.net>"
}
variable "package_version" {
default = "0.5"
default = "1.0"
}
variable "package_revision" {
default = ""
@@ -177,6 +180,43 @@ sys = {
sys_target = jsondecode(sys_targets)
}
#
# Publish
#
group "publish" {
targets = [
"dockerhub",
]
}
target "dockerhub" {
name = elem("dockerhub", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
tags = [
"${repo}:${cargo_profile}-${feat_set}-${sys_target}",
(GITHUB_REF_NAME == "main" && cargo_profile == "release" && feat_set == "all")?
"${repo}:main": "",
(GITHUB_REF_NAME == "main" && cargo_profile == "release" && feat_set == "all")?
"${repo}:${GITHUB_REF_NAME}": "",
(GITHUB_REF_NAME == "main" && cargo_profile == "release" && feat_set == "all")?
"${repo}:latest": "",
]
output = ["type=registry,compression=zstd,mode=min"]
matrix = cargo_rust_feat_sys
inherits = [
elem("install", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
]
contexts = {
input = elem("target:install", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
}
target = "dockerhub"
dockerfile-inline =<<EOF
FROM input AS dockerhub
EXPOSE 8008 8448
ENTRYPOINT ["${cargo_install_root}/bin/tuwunel"]
EOF
}
#
# Complement tests
#
@@ -222,12 +262,9 @@ target "complement-testee" {
elem_tag("complement-testee", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
]
target = "complement-testee"
output = ["type=docker,compression=zstd,mode=min"]
entitlements = ["network.host"]
dockerfile = "docker/Dockerfile.complement"
labels = {
"_group" = "complement"
"_cache" = "leaf"
}
matrix = cargo_rust_feat_sys
inherits = [
elem("install", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
@@ -299,10 +336,6 @@ target "complement-config" {
]
target = "complement-config"
dockerfile = "docker/Dockerfile.complement"
labels = {
"_group" = "complement"
"_cache" = "trunk"
}
matrix = feat_sys
inherits = [
elem("source", [feat_set, sys_name, sys_version, sys_target])
@@ -388,12 +421,8 @@ target "smoketest" {
tags = [
elem_tag("smoketest", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
]
output = ["type=docker,compression=zstd,mode=min"]
output = ["type=cacheonly,compression=zstd,mode=min"]
dockerfile = "docker/Dockerfile.smoketest"
labels = {
"_group" = "smoketest"
"_cache" = "leaf"
}
matrix = cargo_rust_feat_sys
inherits = [
elem("install", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
@@ -410,7 +439,7 @@ target "smoketest" {
install_labels = {
"org.opencontainers.image.authors" = "${package_authors}"
"org.opencontainers.image.created" ="${package_last_modified}"
"org.opencontainers.image.description" = "Enterprise Matrix Chat Server in Rust"
"org.opencontainers.image.description" = "Matrix Chat Server in Rust"
"org.opencontainers.image.documentation" = "https://github.com/matrix-construct/tuwunel/tree/main/docs/"
"org.opencontainers.image.licenses" = "Apache-2.0"
"org.opencontainers.image.revision" = "${package_revision}"
@@ -447,10 +476,6 @@ target "installer" {
]
target = "installer"
dockerfile = "docker/Dockerfile.cargo.install"
labels = {
"_group" = "install"
"_cache" = "trunk"
}
matrix = cargo_rust_feat_sys
inherits = [
elem("deps-build-bins", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
@@ -465,6 +490,68 @@ target "installer" {
}
}
#
# Package
#
group "pkg" {
targets = [
"pkg-deb-install",
]
}
target "pkg-deb-install" {
name = elem("pkg-deb-install", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
tags = [
elem_tag("pkg-deb-install", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
]
target = "package-install"
output = ["type=cacheonly,compression=zstd,mode=min"]
matrix = cargo_rust_feat_sys
inherits = [
elem("pkg-deb", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
]
contexts = {
input = elem("target:diner", [feat_set, sys_name, sys_version, sys_target])
package = elem("target:pkg-deb", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
}
}
target "pkg-deb" {
name = elem("pkg-deb", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
tags = [
elem_tag("pkg-deb", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
]
target = "package"
output = ["type=docker,compression=zstd,mode=min"]
matrix = cargo_rust_feat_sys
inherits = [
elem("debuild", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
]
contexts = {
debuild = elem("target:debuild", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
}
}
target "debuild" {
name = elem("debuild", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
tags = [
elem_tag("debuild", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
]
target = "debuild"
dockerfile = "docker/Dockerfile.cargo.deb"
matrix = cargo_rust_feat_sys
inherits = [
elem("build-bins", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
]
contexts = {
input = elem("target:build-bins", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
}
args = {
pkg_dir = "/opt/tuwunel/deb"
}
}
#
# Unit tests
#
@@ -485,11 +572,6 @@ target "tests-bench" {
elem_tag("tests-bench", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
]
target = "cargo"
output = ["type=docker,compression=zstd,mode=min"]
labels = {
"_group" = "tests"
"_cache" = "leaf"
}
matrix = cargo_bench_matrix
inherits = [
elem("build-bench", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
@@ -509,11 +591,6 @@ target "tests-unit" {
elem_tag("tests-unit", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
]
target = "cargo"
output = ["type=docker,compression=zstd,mode=min"]
labels = {
"_group" = "tests"
"_cache" = "leaf"
}
matrix = cargo_rust_feat_sys
inherits = [
elem("build-tests", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
@@ -743,13 +820,9 @@ target "fmt" {
target "cargo" {
name = elem("cargo", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
target = "cargo"
output = ["type=docker,compression=zstd,mode=min"]
output = ["type=cacheonly,compression=zstd,mode=min"]
cache_to = ["type=local,compression=zstd,mode=min"]
dockerfile = "docker/Dockerfile.cargo"
labels = {
"_group" = "cargo"
"_cache" = "trunk"
}
matrix = cargo_rust_feat_sys
inherits = [
elem("deps-base", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
@@ -861,13 +934,9 @@ target "deps-base" {
elem_tag("deps-base", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest")
]
target = "deps"
output = ["type=docker,compression=zstd,mode=min"]
output = ["type=cacheonly,compression=zstd,mode=min"]
cache_to = ["type=local,compression=zstd,mode=min"]
dockerfile = "docker/Dockerfile.cargo.deps"
labels = {
"_group" = "deps"
"_cache" = "trunk"
}
matrix = cargo_rust_feat_sys
inherits = [
elem("recipe", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
@@ -893,7 +962,7 @@ target "rocksdb" {
elem_tag("rocksdb", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
]
target = "rocksdb"
output = ["type=docker,compression=zstd,mode=min"]
output = ["type=cacheonly,compression=zstd,mode=min"]
matrix = rust_feat_sys
inherits = [
elem("rocksdb-build", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
@@ -934,10 +1003,6 @@ target "rocksdb-fetch" {
]
target = "rocksdb-fetch"
dockerfile = "docker/Dockerfile.rocksdb"
labels = {
"_group" = "rocksdb"
"_cache" = "trunk"
}
matrix = rust_feat_sys
inherits = [
elem("recipe", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
@@ -968,7 +1033,7 @@ target "recipe" {
elem_tag("recipe", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest")
]
target = "recipe"
output = ["type=docker,compression=zstd,mode=min"]
output = ["type=cacheonly,compression=zstd,mode=min"]
matrix = rust_feat_sys
inherits = [
elem("preparing", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
@@ -1043,10 +1108,6 @@ target "source" {
]
target = "source"
dockerfile = "docker/Dockerfile.ingredients"
labels = {
"_group" = "sources"
"_cache" = "trunk"
}
matrix = feat_sys
inherits = [
elem("kitchen", [feat_set, sys_name, sys_version, sys_target])
@@ -1126,10 +1187,6 @@ target "kitchen" {
]
target = "kitchen"
dockerfile = "docker/Dockerfile.kitchen"
labels = {
"_group" = "buildsys"
"_cache" = "trunk"
}
matrix = feat_sys
inherits = [
elem("diner", [feat_set, sys_name, sys_version, sys_target])
@@ -1211,7 +1268,6 @@ target "diner" {
elem_tag("diner", [feat_set, sys_name, sys_version, sys_target], "latest"),
]
target = "diner"
output = ["type=docker,compression=zstd,mode=min"]
dockerfile = "docker/Dockerfile.diner"
matrix = feat_sys
variable "cargo_feat_set" {
@@ -1231,6 +1287,9 @@ target "diner" {
var_lib_apt = "/var/lib/apt"
var_cache = "/var/cache"
packages = join(" ", [
"adduser",
"bzip2",
"gzip",
contains(split(",", cargo_feat_sets[feat_set]), "io_uring")? "liburing2": "",
contains(split(",", cargo_feat_sets[feat_set]), "zstd_compression")? "libzstd1": "",
contains(split(",", cargo_feat_sets[feat_set]), "jemalloc")? "libjemalloc2": "",
@@ -1249,14 +1308,10 @@ target "system" {
elem_tag("system", [sys_name, sys_version, sys_target], "latest"),
]
target = "system"
output = ["type=docker,compression=zstd,mode=min"]
output = ["type=cacheonly,compression=zstd,mode=min"]
cache_to = ["type=local,compression=zstd,mode=max"]
cache_from = ["type=local"]
dockerfile = "docker/Dockerfile.diner"
labels = {
"_group" = "systems"
"_cache" = "trunk"
}
matrix = sys
context = "."
args = {

7
docker/bake.sh
View File

@@ -9,9 +9,9 @@ CI_VERBOSE_ENV="${CI_VERBOSE_ENV:-$CI_VERBOSE}"
CI_SILENT_BAKE="${CI_SILENT_BAKE:-false}"
CI_PRINT_BAKE="${CI_PRINT_BAKE:-$CI_VERBOSE}"
default_cargo_profiles='["test", "bench"]'
default_feat_sets='["none", "default", "all"]'
default_rust_toolchains='["nightly", "stable"]'
default_cargo_profiles='["release"]'
default_feat_sets='["all"]'
default_rust_toolchains='["stable"]'
default_rust_targets='["x86_64-unknown-linux-gnu"]'
default_sys_names='["debian"]'
default_sys_targets='["x86_64-linux-gnu"]'
@@ -79,6 +79,7 @@ if test "$CI" = "true"; then
fi
args=""
args="$args --allow=network.host"
args="$args --builder ${builder_name}"
#args="$args --set *.platform=${sys_platform}"

2
docker/complement.sh
View File

@@ -44,7 +44,7 @@ if test "$CI_VERBOSE_ENV" = "true"; then
fi
set -x -e
cid=$(docker run -d $arg)
cid=$(docker run $arg)
set +x
trap 'docker container stop $cid; set +x; date; echo -e "\033[1;41;37mFAIL\033[0m"' INT