Build docker image for subsequent jobs #33
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build docker image for subsequent jobs | |
| on: | |
| push: | |
| tags: | |
| - "*" | |
| # For manually rebuilding the images | |
| workflow_dispatch: | |
| inputs: | |
| octez-tag: | |
| description: "tezos/tezos docker tag to be used" | |
| required: true | |
| type: string | |
| workflow_call: | |
| inputs: | |
| octez-tag: | |
| description: "tezos/tezos docker tag to be used" | |
| required: true | |
| type: string | |
| outputs: | |
| jstz-cli: | |
| description: "jstz docker image tag" | |
| value: ${{ jobs.build-docker.outputs.jstz-cli }} | |
| jstz-rollup: | |
| description: "jstz-rollup docker image tag" | |
| value: ${{ jobs.build-docker.outputs.jstz-rollup }} | |
| jstz-node: | |
| description: "jstz-node docker image tag" | |
| value: ${{ jobs.build-docker.outputs.jstz-node }} | |
| jstzd: | |
| description: "jstzd docker image tag" | |
| value: ${{ jobs.build-docker.outputs.jstzd }} | |
| env: | |
| DOCKER_REGISTRY: ghcr.io | |
| DOCKER_IMAGE_BASE: jstz-dev/jstz | |
| jobs: | |
| build-kernel: | |
| name: Build (Kernel) | |
| runs-on: [x86_64, linux, nix] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - run: nix --version | |
| - name: Format | |
| run: nix --accept-flake-config fmt -- --fail-on-change | |
| - name: Prevent blst | |
| run: nix --accept-flake-config develop -j auto --command sh -c '[ -z "$(cargo tree | grep blst)" ]' | |
| - name: Build | |
| run: nix --accept-flake-config --log-format raw -L build -j auto .#jstz_kernel | |
| - name: Upload kernel | |
| id: upload-kernel | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: jstz-kernel | |
| path: result/lib/jstz_kernel.wasm | |
| build-docker-arm64: | |
| name: Build (Docker arm64) | |
| needs: [build-kernel] | |
| runs-on: ubuntu-24.04-arm | |
| permissions: | |
| contents: read | |
| packages: write | |
| strategy: | |
| matrix: | |
| include: | |
| - image: jstz-rollup | |
| dockerfile: ./crates/jstz_rollup/Dockerfile | |
| platforms: linux/arm64 | |
| steps: | |
| - name: Prepare | |
| run: | | |
| platform=${{ matrix.platforms }} | |
| echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV | |
| - uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to Docker registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.DOCKER_REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Download jstz-kernel artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: jstz-kernel | |
| path: jstz_kernel | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v3 | |
| with: | |
| images: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_IMAGE_BASE }}/${{ matrix.image }} | |
| tags: | | |
| type=ref,event=tag | |
| {{sha}} | |
| - name: Build and push Docker image | |
| id: build-image | |
| uses: docker/[email protected] | |
| with: | |
| context: . | |
| file: ${{ matrix.dockerfile }} | |
| build-args: | | |
| OCTEZ_TAG=${{ inputs.octez-tag }} | |
| KERNEL_PATH=./jstz_kernel/jstz_kernel.wasm | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| labels: ${{ steps.meta.outputs.labels }} | |
| platforms: ${{ matrix.platforms }} | |
| outputs: type=image,"name=${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_IMAGE_BASE }}/${{ matrix.image }}",push-by-digest=true,name-canonical=true,push=true | |
| - name: Export digest | |
| run: | | |
| mkdir -p ${{ runner.temp }}/digests | |
| digest="${{ steps.build-image.outputs.digest }}" | |
| touch "${{ runner.temp }}/digests/${digest#sha256:}" | |
| - name: Upload digest | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: digests-${{ env.PLATFORM_PAIR }} | |
| path: ${{ runner.temp }}/digests/* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| build-docker-amd64: | |
| name: Build (Docker amd64) | |
| needs: [build-kernel] | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| packages: write | |
| strategy: | |
| matrix: | |
| include: | |
| - image: jstz-rollup | |
| dockerfile: ./crates/jstz_rollup/Dockerfile | |
| platforms: linux/amd64 | |
| steps: | |
| - name: Prepare | |
| run: | | |
| platform=${{ matrix.platforms }} | |
| echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV | |
| - uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to Docker registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.DOCKER_REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Download jstz-kernel artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: jstz-kernel | |
| path: jstz_kernel | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v3 | |
| with: | |
| images: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_IMAGE_BASE }}/${{ matrix.image }} | |
| tags: | | |
| type=ref,event=tag | |
| {{sha}} | |
| - name: Build and push Docker image | |
| id: build-image | |
| uses: docker/[email protected] | |
| with: | |
| context: . | |
| file: ${{ matrix.dockerfile }} | |
| build-args: | | |
| OCTEZ_TAG=${{ inputs.octez-tag }} | |
| KERNEL_PATH=./jstz_kernel/jstz_kernel.wasm | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| labels: ${{ steps.meta.outputs.labels }} | |
| platforms: ${{ matrix.platforms }} | |
| outputs: type=image,"name=${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_IMAGE_BASE }}/${{ matrix.image }}",push-by-digest=true,name-canonical=true,push=true | |
| - name: Export digest | |
| run: | | |
| mkdir -p ${{ runner.temp }}/digests | |
| digest="${{ steps.build-image.outputs.digest }}" | |
| touch "${{ runner.temp }}/digests/${digest#sha256:}" | |
| - name: Upload digest | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: digests-${{ env.PLATFORM_PAIR }} | |
| path: ${{ runner.temp }}/digests/* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| merge: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build-docker-amd64 | |
| - build-docker-arm64 | |
| strategy: | |
| matrix: | |
| include: | |
| - image: jstz-rollup | |
| steps: | |
| - name: Download digests | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: ${{ runner.temp }}/digests | |
| pattern: digests-* | |
| merge-multiple: true | |
| - name: Login to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v3 | |
| with: | |
| images: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_IMAGE_BASE }}/${{ matrix.image }} | |
| tags: | | |
| type=ref,event=tag | |
| {{sha}} | |
| - name: Create manifest list and push | |
| working-directory: ${{ runner.temp }}/digests | |
| run: | | |
| docker buildx imagetools create -t ${{ fromJson(steps.meta.outputs.json).tags[0] }} \ | |
| $(printf '${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_IMAGE_BASE }}/${{ matrix.image }}@sha256:%s ' *) | |
| - name: Inspect image | |
| run: | | |
| docker buildx imagetools inspect ${{ fromJson(steps.meta.outputs.json).tags[0] }} |