studio/tuwunel
2
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Add rpm package to workflow.

Browse Source 
Improve workflows.

Signed-off-by: Jason Volk <jason@zemos.net>
This commit is contained in:
Jason Volk
2025-05-08 02:58:57 +00:00
parent 8bfe63d45f
commit aa27ab855b
11 changed files with 260 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
.github/workflows/lint.yml vendored
View File

@@ -38,13 +38,13 @@ on:
jobs:
fmt:
if: ${{contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) && contains(fromJSON(inputs.feat_sets), fromJSON('["none"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0])}}
if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0]) }}
name: Format
uses: ./.github/workflows/bake.yml
with:
bake_targets: '["fmt"]'
cargo_profiles: '["test"]'
feat_sets: '["none"]'
feat_sets: '["all"]'
rust_toolchains: '["nightly"]'
rust_targets: ${{inputs.rust_targets}}
sys_names: ${{inputs.sys_names}}
@@ -55,13 +55,13 @@ jobs:
includes: ${{inputs.includes}}
audit:
if: ${{contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) && contains(fromJSON(inputs.feat_sets), fromJSON('["none"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0])}}
if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0]) }}
name: Audit
uses: ./.github/workflows/bake.yml
with:
bake_targets: '["audit"]'
cargo_profiles: '["test"]'
feat_sets: '["none"]'
feat_sets: '["all"]'
rust_toolchains: '["nightly"]'
sys_names: ${{inputs.sys_names}}
sys_versions: ${{inputs.sys_versions}}
@@ -72,13 +72,13 @@ jobs:
includes: ${{inputs.includes}}
lychee:
if: ${{contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) && contains(fromJSON(inputs.feat_sets), fromJSON('["none"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0])}}
if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0])}}
name: Lychee
uses: ./.github/workflows/bake.yml
with:
bake_targets: '["lychee"]'
cargo_profiles: '["test"]'
feat_sets: '["none"]'
feat_sets: '["all"]'
rust_toolchains: '["nightly"]'
sys_names: ${{inputs.sys_names}}
sys_versions: ${{inputs.sys_versions}}
@@ -89,7 +89,7 @@ jobs:
includes: ${{inputs.includes}}
clippy:
if: ${{ always() }}
if: ${{ !failure() && !cancelled() }}
name: Clippy
needs: [fmt, audit, lychee]
uses: ./.github/workflows/bake.yml
@@ -107,7 +107,7 @@ jobs:
includes: ${{inputs.includes}}
doc:
if: ${{contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0])}}
if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.cargo_profiles), fromJSON('["test"]')[0]) && contains(fromJSON(inputs.rust_toolchains), fromJSON('["nightly"]')[0]) }}
name: Docs
needs: [clippy]
uses: ./.github/workflows/bake.yml

23
.github/workflows/main.yml vendored
View File

@@ -18,7 +18,7 @@ env:
jobs:
deps:
if: ${{vars.CI_VERBOSE_DEPS || false}}
if: ${{ vars.CI_VERBOSE_DEPS || false }}
name: Deps
uses: ./.github/workflows/deps.yml
with:
@@ -32,7 +32,7 @@ jobs:
machines: ${{vars.MACHINES}}
lint:
if: ${{ always() && !cancelled() }}
if: ${{ !failure() && !cancelled() }}
name: Lint
needs: [deps]
uses: ./.github/workflows/lint.yml
@@ -47,7 +47,7 @@ jobs:
machines: ${{vars.MACHINES}}
test:
if: ${{ always() && !cancelled() }}
if: ${{ !failure() && !cancelled() }}
name: Test
needs: [lint]
uses: ./.github/workflows/test.yml
@@ -63,7 +63,7 @@ jobs:
complement: true
package:
if: ${{ always() && !cancelled() }}
if: ${{ !failure() && !cancelled() }}
name: Package
needs: [test]
uses: ./.github/workflows/package.yml
@@ -76,3 +76,18 @@ jobs:
rust_targets: ${{vars.RUST_TARGETS}}
sys_targets: ${{vars.sys_TARGETS}}
machines: ${{vars.MACHINES}}
publish:
if: ${{ !failure() && !cancelled() }}
name: Publish
needs: [package]
uses: ./.github/workflows/publish.yml
with:
cargo_profiles: '["release"]'
feat_sets: ${{vars.FEAT_SETS}}
rust_toolchains: '["stable"]'
sys_names: ${{vars.SYS_NAMES}}
sys_versions: ${{vars.SYS_VERSIONS}}
rust_targets: ${{vars.RUST_TARGETS}}
sys_targets: ${{vars.sys_TARGETS}}
machines: ${{vars.MACHINES}}

26
.github/workflows/package.yml vendored
View File

@@ -39,12 +39,13 @@ on:
jobs:
deb:
if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) }}
name: Deb
uses: ./.github/workflows/bake.yml
with:
bake_targets: '["pkg-deb-install"]'
cargo_profiles: ${{inputs.cargo_profiles}}
feat_sets: ${{inputs.feat_sets}}
feat_sets: '["all"]'
rust_toolchains: ${{inputs.rust_toolchains}}
sys_names: ${{inputs.sys_names}}
sys_versions: ${{inputs.sys_versions}}
@@ -55,30 +56,13 @@ jobs:
includes: ${{inputs.includes}}
rpm:
if: false
if: ${{ !failure() && !cancelled() && contains(fromJSON(inputs.feat_sets), fromJSON('["all"]')[0]) }}
name: RPM
uses: ./.github/workflows/bake.yml
with:
bake_targets: '["pkg-rpm-install"]'
bake_targets: '["pkg-rpm"]'
cargo_profiles: ${{inputs.cargo_profiles}}
feat_sets: ${{inputs.feat_sets}}
rust_toolchains: ${{inputs.rust_toolchains}}
sys_names: ${{inputs.sys_names}}
sys_versions: ${{inputs.sys_versions}}
rust_targets: ${{inputs.rust_targets}}
sys_targets: ${{inputs.sys_targets}}
machines: ${{inputs.machines}}
excludes: ${{inputs.excludes}}
includes: ${{inputs.includes}}
dockerhub:
if: ${{github.ref == 'refs/heads/main'}}
name: DockerHub
uses: ./.github/workflows/bake.yml
with:
bake_targets: '["dockerhub"]'
cargo_profiles: ${{inputs.cargo_profiles}}
feat_sets: ${{inputs.feat_sets}}
feat_sets: '["all"]'
rust_toolchains: ${{inputs.rust_toolchains}}
sys_names: ${{inputs.sys_names}}
sys_versions: ${{inputs.sys_versions}}

73
.github/workflows/publish.yml vendored Normal file
View File

@@ -0,0 +1,73 @@
name: Publish
on:
workflow_call:
inputs:
cargo_profiles:
type: string
default: '["release"]'
description: Cargo profiles
feat_sets:
type: string
description: Cargo feature groups
rust_toolchains:
type: string
description: Rust toolchains
sys_names:
type: string
description: System names
sys_versions:
type: string
description: System versions
rust_targets:
type: string
description: Rust targets
sys_targets:
type: string
description: System targets
machines:
type: string
description: Hardware platform vector
excludes:
type: string
default: '[]'
description: Matrix exclusions
includes:
type: string
default: '[]'
description: Matrix inclusions
jobs:
dockerhub:
if: ${{ !failure() && !cancelled() && github.ref == 'refs/heads/main' }}
name: DockerHub
uses: ./.github/workflows/bake.yml
with:
bake_targets: '["dockerhub"]'
cargo_profiles: ${{inputs.cargo_profiles}}
feat_sets: ${{inputs.feat_sets}}
rust_toolchains: ${{inputs.rust_toolchains}}
sys_names: ${{inputs.sys_names}}
sys_versions: ${{inputs.sys_versions}}
rust_targets: ${{inputs.rust_targets}}
sys_targets: ${{inputs.sys_targets}}
machines: ${{inputs.machines}}
excludes: ${{inputs.excludes}}
includes: ${{inputs.includes}}
ghcr:
if: ${{ !failure() && !cancelled() && github.ref == 'refs/heads/main' }}
name: GitHub Container Registry
uses: ./.github/workflows/bake.yml
with:
bake_targets: '["github"]'
cargo_profiles: ${{inputs.cargo_profiles}}
feat_sets: ${{inputs.feat_sets}}
rust_toolchains: ${{inputs.rust_toolchains}}
sys_names: ${{inputs.sys_names}}
sys_versions: ${{inputs.sys_versions}}
rust_targets: ${{inputs.rust_targets}}
sys_targets: ${{inputs.sys_targets}}
machines: ${{inputs.machines}}
excludes: ${{inputs.excludes}}
includes: ${{inputs.includes}}

2
.github/workflows/test.yml vendored
View File

@@ -70,7 +70,7 @@ jobs:
rust_targets: ${{inputs.rust_targets}}
sys_targets: ${{inputs.sys_targets}}
machines: ${{inputs.machines}}
excludes: '[{"cargo_profile": "release", "rust_toolchain": "nightly"}, {"feat_set": "default"}]'
excludes: '[{"cargo_profile": "release", "rust_toolchain": "nightly"}, {"cargo_profile": "test", "feat_set": "default"}]'
includes: ${{inputs.includes}}
complement_tester:

52
docker/Dockerfile.cargo.rpm Normal file
View File

@@ -0,0 +1,52 @@
# syntax = docker/dockerfile:1.11-labs
FROM input AS rpmbuild
ARG sys_target
ARG rust_toolchain
ARG RUSTUP_HOME
ARG CARGO_HOME
ARG CARGO_TARGET
ARG CARGO_TARGET_DIR
ARG cargo_profile
ARG cargo_features
ARG cargo_spec_features
ARG pkg_dir
ARG gen_rpm_args=""
WORKDIR /usr/src/tuwunel
RUN \
--mount=type=cache,dst=${RUSTUP_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_TARGET_DIR},sharing=locked \
<<EOF
set -eux
mkdir -p "${pkg_dir}"
rustup run ${rust_toolchain} \
cargo generate-rpm \
--package src/main \
--auto-req auto \
--target "${CARGO_TARGET}" \
--target-dir "${CARGO_TARGET_DIR}" \
--profile "${cargo_profile}" \
--payload-compress zstd \
--output "${pkg_dir}" \
${gen_rpm_args}
EOF
FROM scratch AS package
ARG pkg_dir
COPY --from=rpmbuild ${pkg_dir}/* .
FROM redhat/ubi9 AS package-install
ARG pkg_dir
WORKDIR ${pkg_dir}
COPY --from=package . .
RUN <<EOF
set -eux
rpm -i --test *
rpm -i *
EOF

4
docker/Dockerfile.ingredients
View File

@@ -20,7 +20,6 @@ ARG rust_toolchain
ARG RUSTUP_HOME
ARG CARGO_HOME
ARG CARGO_TARGET
ARG CARGO_TARGET_DIR
WORKDIR /usr/src/tuwunel
COPY --link --from=source /usr/src/tuwunel .
@@ -28,7 +27,6 @@ COPY --link --from=source /usr/src/tuwunel .
RUN \
--mount=type=cache,dst=${RUSTUP_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_TARGET_DIR},sharing=locked \
<<EOF
set -eux
git submodule update \
@@ -50,13 +48,11 @@ ARG rust_toolchain
ARG RUSTUP_HOME
ARG CARGO_HOME
ARG CARGO_TARGET
ARG CARGO_TARGET_DIR
WORKDIR /usr/src/tuwunel
RUN \
--mount=type=cache,dst=${RUSTUP_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_HOME},sharing=locked \
--mount=type=cache,dst=${CARGO_TARGET_DIR},sharing=locked \
<<EOF
set -euxo pipefail
rustup run ${rust_toolchain} \

88
docker/bake.hcl
View File

@@ -187,9 +187,37 @@ sys = {
group "publish" {
targets = [
"dockerhub",
"github",
]
}
target "github" {
name = elem("github", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
tags = [
"ghcr.io/matrix-construct/tuwunel:${cargo_profile}-${feat_set}-${sys_target}",
(GITHUB_REF_NAME == "main" && cargo_profile == "release" && feat_set == "all")?
"ghcr.io/matrix-construct/tuwunel:main": "",
(GITHUB_REF_NAME == "main" && cargo_profile == "release" && feat_set == "all")?
"ghcr.io/matrix-construct/tuwunel:${GITHUB_REF_NAME}": "",
(GITHUB_REF_NAME == "main" && cargo_profile == "release" && feat_set == "all")?
"ghcr.io/matrix-construct/tuwunel:latest": "",
]
output = ["type=registry,compression=zstd,mode=min"]
matrix = cargo_rust_feat_sys
inherits = [
elem("install", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
]
contexts = {
input = elem("target:install", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
}
target = "tuwunel"
dockerfile-inline =<<EOF
FROM input AS tuwunel
EXPOSE 8008 8448
ENTRYPOINT ["${cargo_install_root}/bin/tuwunel"]
EOF
}
target "dockerhub" {
name = elem("dockerhub", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
tags = [
@@ -209,9 +237,9 @@ target "dockerhub" {
contexts = {
input = elem("target:install", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
}
target = "dockerhub"
target = "tuwunel"
dockerfile-inline =<<EOF
FROM input AS dockerhub
FROM input AS tuwunel
EXPOSE 8008 8448
ENTRYPOINT ["${cargo_install_root}/bin/tuwunel"]
EOF
@@ -497,9 +525,61 @@ target "installer" {
group "pkg" {
targets = [
"pkg-deb-install",
"pkg-rpm-install",
]
}
target "pkg-rpm-install" {
name = elem("pkg-rpm-install", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
tags = [
elem_tag("pkg-rpm-install", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
]
target = "package-install"
output = ["type=cacheonly,compression=zstd,mode=min"]
matrix = cargo_rust_feat_sys
inherits = [
elem("pkg-rpm", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
]
contexts = {
package = elem("target:pkg-rpm", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
}
}
target "pkg-rpm" {
name = elem("pkg-rpm", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
tags = [
elem_tag("pkg-rpm", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
]
target = "package"
output = ["type=docker,compression=zstd,mode=min"]
matrix = cargo_rust_feat_sys
inherits = [
elem("rpmbuild", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
]
contexts = {
rpmbuild = elem("target:rpmbuild", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
}
}
target "rpmbuild" {
name = elem("rpmbuild", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
tags = [
elem_tag("rpmbuild", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target], "latest"),
]
target = "rpmbuild"
dockerfile = "docker/Dockerfile.cargo.rpm"
matrix = cargo_rust_feat_sys
inherits = [
elem("build-bins", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
]
contexts = {
input = elem("target:build-bins", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target]),
}
args = {
pkg_dir = "/opt/tuwunel/rpm"
}
}
target "pkg-deb-install" {
name = elem("pkg-deb-install", [cargo_profile, rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
tags = [
@@ -947,8 +1027,9 @@ target "deps-base" {
rocksdb = elem("target:rocksdb", [rust_toolchain, rust_target, feat_set, sys_name, sys_version, sys_target])
}
args = {
cook_args = "--all-targets --no-build"
cargo_profile = cargo_profile
cook_args = "--all-targets --no-build"
CARGO_TARGET_DIR = "/usr/src/tuwunel/target/${sys_name}/${sys_version}/${rust_toolchain}/${cargo_profile}"
}
}
@@ -1087,7 +1168,6 @@ target "ingredients" {
feat_set == "all"?
"--all-features": "--no-default-features"
)
CARGO_TARGET_DIR = "/usr/src/tuwunel/target/${sys_name}/${sys_version}/${rust_toolchain}"
CARGO_BUILD_RUSTFLAGS = (
rust_toolchain == "nightly"?
join(" ", nightly_rustflags): ""

9
docker/bake.sh
View File

@@ -9,9 +9,9 @@ CI_VERBOSE_ENV="${CI_VERBOSE_ENV:-$CI_VERBOSE}"
CI_SILENT_BAKE="${CI_SILENT_BAKE:-false}"
CI_PRINT_BAKE="${CI_PRINT_BAKE:-$CI_VERBOSE}"
default_cargo_profiles='["release"]'
default_cargo_profiles='["test"]'
default_feat_sets='["all"]'
default_rust_toolchains='["stable"]'
default_rust_toolchains='["nightly"]'
default_rust_targets='["x86_64-unknown-linux-gnu"]'
default_sys_names='["debian"]'
default_sys_targets='["x86_64-linux-gnu"]'
@@ -79,10 +79,13 @@ if test "$CI" = "true"; then
fi
args=""
args="$args --allow=network.host"
args="$args --builder ${builder_name}"
#args="$args --set *.platform=${sys_platform}"
if test "$CI" = "true"; then
args="$args --allow=network.host"
fi
if test ! -z "$runner_num"; then
#cpu_num=$(expr $runner_num % $(nproc))
#args="$args --cpuset-cpus=${cpu_num}"

4
docs/deploying/docker.md
View File

@@ -11,10 +11,10 @@ OCI images for tuwunel are available in the registries listed below.
| Registry | Image | Size | Notes |
| --------------- | --------------------------------------------------------------- | ----------------------------- | ---------------------- |
| GitHub Registry | [ghcr.io/jevolk/tuwunel:latest][gh] | ![Image Size][shield-latest] | Stable latest tagged image. |
| GitHub Registry | [ghcr.io/matrix-construct/tuwunel:latest][gh] | ![Image Size][shield-latest] | Stable latest tagged image. |
| GitLab Registry | [registry.gitlab.com/jevolk/tuwunel:latest][gl] | ![Image Size][shield-latest] | Stable latest tagged image. |
| Docker Hub | [docker.io/jevolk/tuwunel:latest][dh] | ![Image Size][shield-latest] | Stable latest tagged image. |
| GitHub Registry | [ghcr.io/jevolk/tuwunel:main][gh] | ![Image Size][shield-main] | Stable main branch. |
| GitHub Registry | [ghcr.io/matrix-construct/tuwunel:main][gh] | ![Image Size][shield-main] | Stable main branch. |
| GitLab Registry | [registry.gitlab.com/jevolk/tuwunel:main][gl] | ![Image Size][shield-main] | Stable main branch. |
| Docker Hub | [docker.io/jevolk/tuwunel:main][dh] | ![Image Size][shield-main] | Stable main branch. |

10
src/main/Cargo.toml
View File

@@ -34,6 +34,16 @@ assets = [
["../../tuwunel-example.toml", "etc/tuwunel/tuwunel.toml", "640"],
]
[package.metadata.generate-rpm]
name = "tuwunel"
summary = """\
High performance Matrix homeserver written in Rust"""
assets = [
{ source = "target/release/tuwunel", dest = "/usr/sbin/tuwunel", mode = "755" },
{ source = "README.md", dest = "/usr/share/doc/tuwunel/", mode = "644", doc = true },
{ source = "tuwunel-example.toml", dest = "/etc/tuwunel/tuwunel.toml", mode = "640", config = "noreplace" },
]
[features]
default = [
"brotli_compression",