Skip to content

Reduce size by using base images #134

Reduce size by using base images

Reduce size by using base images #134

Workflow file for this run

name: Build Ink Cross Images
on:
push:
branches: [ main ]
paths: [ .github/workflows/ink-cross.yml, cmake/**, docker/**, scripts/**, build-args.sh, image-tags.sh ]
pull_request:
branches: [ main ]
paths: [ .github/workflows/ink-cross.yml, cmake/**, docker/**, scripts/**, build-args.sh, image-tags.sh ]
workflow_dispatch:
schedule:
- cron: '0 6 * * 6'
permissions: { }
jobs:
vars:
runs-on: ubuntu-latest
outputs:
build-date: ${{ steps.date.outputs.BUILD_DATE }}
latest-rust-version: ${{ steps.rust.outputs.LATEST_RUST_VERSION }}
latest-openssl-version: ${{ steps.openssl.outputs.LATEST_OPENSSL_VERSION }}
steps:
- name: Build Date
id: date
run: echo "BUILD_DATE=$(date --utc)" >> "$GITHUB_OUTPUT"
- name: Latest Rust Pinned
id: rust
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: echo "LATEST_RUST_VERSION=$(gh release view -R rust-lang/rust --json tagName --jq '.tagName')" >> "$GITHUB_OUTPUT"
- name: Latest Openssl
id: openssl
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: echo "LATEST_OPENSSL_VERSION=$(gh release view -R openssl/openssl --json tagName --jq '.tagName')" >> "$GITHUB_OUTPUT"
ink-cross-step0:
runs-on: ubuntu-latest
needs: [ vars ]
permissions:
contents: read
packages: write
outputs:
digest: ${{ steps.step0.outputs.digest }}
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Free up space
run: ./ci/scripts/util_free_space.sh
- name: Vars
env:
BUILD_DATE: ${{ needs.vars.outputs.build-date }}
LATEST_RUST_VERSION: ${{ needs.vars.outputs.latest-rust-version }}
LATEST_OPENSSL_VERSION: ${{ needs.vars.outputs.latest-openssl-version }}
run: ./build-args.sh
- name: Generate Image Tags
env:
STEP: s0
IS_PULL_REQUEST: ${{ github.event_name == 'pull_request' }}
run: ./image-tags.sh
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
image: tonistiigi/binfmt:master
- name: Docker Setup Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Docker Login
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker Login
if: ${{ github.event_name != 'pull_request' }}
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USER }}
password: ${{ secrets.QUAY_TOKEN }}
- name: Build and push Docker images (step0)
uses: docker/build-push-action@v6
id: step0
with:
context: ./
file: ./docker/base/step0.Dockerfile
no-cache: true
cache-to: type=inline
pull: true
push: true
provenance: mode=max
sbom: true
tags: ${{ env.IMG_TAGS_PINNED }}
build-args: |
CMAKE_VERSION=${{ env.CMAKE_VERSION }}
labels: |
tech.harmless.ink-cross.target="base/step0"
tech.harmless.ink-cross.pull_request_build="${{ github.event_name == 'pull_request' }}"
tech.harmless.ink-cross.run_number="${{ github.run_number }}"
tech.harmless.ink-cross.repo="${{ github.repositoryUrl }}"
tech.harmless.ink-cross.build_date="${{ env.BUILD_DATE }}"
tech.harmless.ink-cross.version.cmake="${{ env.CMAKE_VERSION }}"
org.opencontainers.image.authors="harmless-tech, cargo-prebuilt"
org.opencontainers.image.source = "${{ github.server_url }}/${{ github.repository }}"
platforms: linux/amd64,linux/arm64
builder: ${{ steps.buildx.outputs.name }}
ink-cross-step1:
runs-on: ubuntu-latest
needs: [ vars, ink-cross-step0 ]
permissions:
contents: read
packages: write
outputs:
digest-pinned: ${{ steps.step1-pinned.outputs.digest }}
digest-stable: ${{ steps.step1-stable.outputs.digest }}
digest-beta: ${{ steps.step1-beta.outputs.digest }}
digest-nightly: ${{ steps.step1-nightly.outputs.digest }}
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Free up space
run: ./ci/scripts/util_free_space.sh
- name: Vars
env:
BUILD_DATE: ${{ needs.vars.outputs.build-date }}
LATEST_RUST_VERSION: ${{ needs.vars.outputs.latest-rust-version }}
LATEST_OPENSSL_VERSION: ${{ needs.vars.outputs.latest-openssl-version }}
run: ./build-args.sh
- name: Generate Image Tags
env:
STEP: s1
IS_PULL_REQUEST: ${{ github.event_name == 'pull_request' }}
run: ./image-tags.sh
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
image: tonistiigi/binfmt:master
- name: Docker Setup Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Docker Login
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker Login
if: ${{ github.event_name != 'pull_request' }}
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USER }}
password: ${{ secrets.QUAY_TOKEN }}
- name: Build and push Docker images (step1 pinned)
uses: docker/build-push-action@v6
id: step1-pinned
with:
context: ./
file: ./docker/base/step1.Dockerfile
no-cache: true
cache-to: type=inline
pull: true
push: true
provenance: mode=max
sbom: true
tags: ${{ env.IMG_TAGS_PINNED }}
build-args: |
IMG_BASE=${{ env.IMG_REPO }}@${{ needs.ink-cross-step0.outputs.digest }}
RUST_VERSION=${{ env.RUST_VERSION }}
labels: |
tech.harmless.ink-cross.target="base/step1/${{ env.RUST_VERSION }}"
tech.harmless.ink-cross.pull_request_build="${{ github.event_name == 'pull_request' }}"
tech.harmless.ink-cross.run_number="${{ github.run_number }}"
tech.harmless.ink-cross.repo="${{ github.repositoryUrl }}"
tech.harmless.ink-cross.build_date="${{ env.BUILD_DATE }}"
tech.harmless.ink-cross.version.rust="${{ env.RUST_VERSION }}"
org.opencontainers.image.authors="harmless-tech, cargo-prebuilt"
org.opencontainers.image.source = "${{ github.server_url }}/${{ github.repository }}"
platforms: linux/amd64,linux/arm64
builder: ${{ steps.buildx.outputs.name }}
- name: Build and push Docker images (step1 stable)
uses: docker/build-push-action@v6
id: step1-stable
with:
context: ./
file: ./docker/base/step1.Dockerfile
no-cache: true
cache-to: type=inline
pull: true
push: true
provenance: mode=max
sbom: true
tags: ${{ env.IMG_TAGS_STABLE }}
build-args: |
IMG_BASE=${{ env.IMG_REPO }}@${{ needs.ink-cross-step0.outputs.digest }}
RUST_VERSION=stable
labels: |
tech.harmless.ink-cross.target="base/step1/stable"
tech.harmless.ink-cross.pull_request_build="${{ github.event_name == 'pull_request' }}"
tech.harmless.ink-cross.run_number="${{ github.run_number }}"
tech.harmless.ink-cross.repo="${{ github.repositoryUrl }}"
tech.harmless.ink-cross.build_date="${{ env.BUILD_DATE }}"
tech.harmless.ink-cross.version.rust="stable"
org.opencontainers.image.authors="harmless-tech, cargo-prebuilt"
org.opencontainers.image.source = "${{ github.server_url }}/${{ github.repository }}"
platforms: linux/amd64,linux/arm64
builder: ${{ steps.buildx.outputs.name }}
- name: Build and push Docker images (step1 beta)
uses: docker/build-push-action@v6
id: step1-beta
with:
context: ./
file: ./docker/base/step1.Dockerfile
no-cache: true
cache-to: type=inline
pull: true
push: true
provenance: mode=max
sbom: true
tags: ${{ env.IMG_TAGS_BETA }}
build-args: |
IMG_BASE=${{ env.IMG_REPO }}@${{ needs.ink-cross-step0.outputs.digest }}
RUST_VERSION=beta
labels: |
tech.harmless.ink-cross.target="base/step1/beta"
tech.harmless.ink-cross.pull_request_build="${{ github.event_name == 'pull_request' }}"
tech.harmless.ink-cross.run_number="${{ github.run_number }}"
tech.harmless.ink-cross.repo="${{ github.repositoryUrl }}"
tech.harmless.ink-cross.build_date="${{ env.BUILD_DATE }}"
tech.harmless.ink-cross.version.rust="beta"
org.opencontainers.image.authors="harmless-tech, cargo-prebuilt"
org.opencontainers.image.source = "${{ github.server_url }}/${{ github.repository }}"
platforms: linux/amd64,linux/arm64
builder: ${{ steps.buildx.outputs.name }}
- name: Build and push Docker images (step1 nightly)
uses: docker/build-push-action@v6
id: step1-nightly
with:
context: ./
file: ./docker/base/step1.Dockerfile
no-cache: true
cache-to: type=inline
pull: true
push: true
provenance: mode=max
sbom: true
tags: ${{ env.IMG_TAGS_NIGHTLY }}
build-args: |
IMG_BASE=${{ env.IMG_REPO }}@${{ needs.ink-cross-step0.outputs.digest }}
RUST_VERSION=nightly
labels: |
tech.harmless.ink-cross.target="base/step1/nightly"
tech.harmless.ink-cross.pull_request_build="${{ github.event_name == 'pull_request' }}"
tech.harmless.ink-cross.run_number="${{ github.run_number }}"
tech.harmless.ink-cross.repo="${{ github.repositoryUrl }}"
tech.harmless.ink-cross.build_date="${{ env.BUILD_DATE }}"
tech.harmless.ink-cross.version.rust="nightly"
org.opencontainers.image.authors="harmless-tech, cargo-prebuilt"
org.opencontainers.image.source = "${{ github.server_url }}/${{ github.repository }}"
platforms: linux/amd64,linux/arm64
builder: ${{ steps.buildx.outputs.name }}
ink-cross-step2-clang:
runs-on: ubuntu-latest
needs: [ vars, ink-cross-step1 ]
permissions:
contents: read
packages: write
outputs:
digest-pinned: ${{ steps.step2-pinned.outputs.digest }}
digest-stable: ${{ steps.step2-stable.outputs.digest }}
digest-beta: ${{ steps.step2-beta.outputs.digest }}
digest-nightly: ${{ steps.step2-nightly.outputs.digest }}
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Free up space
run: ./ci/scripts/util_free_space.sh
- name: Vars
env:
BUILD_DATE: ${{ needs.vars.outputs.build-date }}
LATEST_RUST_VERSION: ${{ needs.vars.outputs.latest-rust-version }}
LATEST_OPENSSL_VERSION: ${{ needs.vars.outputs.latest-openssl-version }}
run: ./build-args.sh
- name: Generate Image Tags
env:
STEP: s2-clang
IS_PULL_REQUEST: ${{ github.event_name == 'pull_request' }}
run: ./image-tags.sh
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
image: tonistiigi/binfmt:master
- name: Docker Setup Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Docker Login
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker Login
if: ${{ github.event_name != 'pull_request' }}
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USER }}
password: ${{ secrets.QUAY_TOKEN }}
- name: Build and push Docker images (step2 pinned)
uses: docker/build-push-action@v6
id: step2-pinned
with:
context: ./
file: ./docker/base/step2-clang.Dockerfile
no-cache: true
cache-to: type=inline
pull: true
push: true
provenance: mode=max
sbom: true
tags: ${{ env.IMG_TAGS_PINNED }}
build-args: |
IMG_BASE=${{ env.IMG_REPO }}@${{ needs.ink-cross-step1.outputs.digest-pinned }}
LLVM_VERSION=${{ env.LLVM_VERSION }}
labels: |
tech.harmless.ink-cross.target="base/step2-clang/${{ env.LLVM_VERSION }}"
tech.harmless.ink-cross.pull_request_build="${{ github.event_name == 'pull_request' }}"
tech.harmless.ink-cross.run_number="${{ github.run_number }}"
tech.harmless.ink-cross.repo="${{ github.repositoryUrl }}"
tech.harmless.ink-cross.build_date="${{ env.BUILD_DATE }}"
tech.harmless.ink-cross.version.llvm="${{ env.LLVM_VERSION }}"
org.opencontainers.image.authors="harmless-tech, cargo-prebuilt"
org.opencontainers.image.source = "${{ github.server_url }}/${{ github.repository }}"
platforms: linux/amd64,linux/arm64
builder: ${{ steps.buildx.outputs.name }}
- name: Build and push Docker images (step2 stable)
uses: docker/build-push-action@v6
id: step2-stable
with:
context: ./
file: ./docker/base/step2-clang.Dockerfile
no-cache: true
cache-to: type=inline
pull: true
push: true
provenance: mode=max
sbom: true
tags: ${{ env.IMG_TAGS_STABLE }}
build-args: |
IMG_BASE=${{ env.IMG_REPO }}@${{ needs.ink-cross-step1.outputs.digest-stable }}
LLVM_VERSION=${{ env.LLVM_VERSION }}
labels: |
tech.harmless.ink-cross.target="base/step2-clang/${{ env.LLVM_VERSION }}"
tech.harmless.ink-cross.pull_request_build="${{ github.event_name == 'pull_request' }}"
tech.harmless.ink-cross.run_number="${{ github.run_number }}"
tech.harmless.ink-cross.repo="${{ github.repositoryUrl }}"
tech.harmless.ink-cross.build_date="${{ env.BUILD_DATE }}"
tech.harmless.ink-cross.version.llvm="${{ env.LLVM_VERSION }}"
org.opencontainers.image.authors="harmless-tech, cargo-prebuilt"
org.opencontainers.image.source = "${{ github.server_url }}/${{ github.repository }}"
platforms: linux/amd64,linux/arm64
builder: ${{ steps.buildx.outputs.name }}
- name: Build and push Docker images (step2 beta)
uses: docker/build-push-action@v6
id: step2-beta
with:
context: ./
file: ./docker/base/step2-clang.Dockerfile
no-cache: true
cache-to: type=inline
pull: true
push: true
provenance: mode=max
sbom: true
tags: ${{ env.IMG_TAGS_BETA }}
build-args: |
IMG_BASE=${{ env.IMG_REPO }}@${{ needs.ink-cross-step1.outputs.digest-beta }}
LLVM_VERSION=${{ env.LLVM_VERSION }}
labels: |
tech.harmless.ink-cross.target="base/step2-clang/${{ env.LLVM_VERSION }}"
tech.harmless.ink-cross.pull_request_build="${{ github.event_name == 'pull_request' }}"
tech.harmless.ink-cross.run_number="${{ github.run_number }}"
tech.harmless.ink-cross.repo="${{ github.repositoryUrl }}"
tech.harmless.ink-cross.build_date="${{ env.BUILD_DATE }}"
tech.harmless.ink-cross.version.llvm="${{ env.LLVM_VERSION }}"
org.opencontainers.image.authors="harmless-tech, cargo-prebuilt"
org.opencontainers.image.source = "${{ github.server_url }}/${{ github.repository }}"
platforms: linux/amd64,linux/arm64
builder: ${{ steps.buildx.outputs.name }}
- name: Build and push Docker images (step2 nightly)
uses: docker/build-push-action@v6
id: step2-nightly
with:
context: ./
file: ./docker/base/step2-clang.Dockerfile
no-cache: true
cache-to: type=inline
pull: true
push: true
provenance: mode=max
sbom: true
tags: ${{ env.IMG_TAGS_NIGHTLY }}
build-args: |
IMG_BASE=${{ env.IMG_REPO }}@${{ needs.ink-cross-step1.outputs.digest-nightly }}
LLVM_VERSION=${{ env.LLVM_VERSION }}
labels: |
tech.harmless.ink-cross.target="base/step2-clang/${{ env.LLVM_VERSION }}"
tech.harmless.ink-cross.pull_request_build="${{ github.event_name == 'pull_request' }}"
tech.harmless.ink-cross.run_number="${{ github.run_number }}"
tech.harmless.ink-cross.repo="${{ github.repositoryUrl }}"
tech.harmless.ink-cross.build_date="${{ env.BUILD_DATE }}"
tech.harmless.ink-cross.version.llvm="${{ env.LLVM_VERSION }}"
org.opencontainers.image.authors="harmless-tech, cargo-prebuilt"
org.opencontainers.image.source = "${{ github.server_url }}/${{ github.repository }}"
platforms: linux/amd64,linux/arm64
builder: ${{ steps.buildx.outputs.name }}
ink-cross:
strategy:
fail-fast: false
matrix:
include:
- target: aarch64-unknown-linux-gnu
platforms: linux/amd64,linux/arm64
- target: armv7-unknown-linux-gnueabihf
platforms: linux/amd64,linux/arm64
- target: powerpc64-unknown-linux-gnu
platforms: linux/amd64
- target: powerpc64le-unknown-linux-gnu
platforms: linux/amd64,linux/arm64
- target: riscv64gc-unknown-linux-gnu
platforms: linux/amd64,linux/arm64
- target: s390x-unknown-linux-gnu
platforms: linux/amd64,linux/arm64
- target: sparc64-unknown-linux-gnu
platforms: linux/amd64
- target: x86_64-unknown-linux-gnu
platforms: linux/amd64,linux/arm64
runs-on: ubuntu-latest
needs: [ vars, ink-cross-step1 ]
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Free up space
run: ./ci/scripts/util_free_space.sh
- name: Vars
env:
BUILD_DATE: ${{ needs.vars.outputs.build-date }}
LATEST_RUST_VERSION: ${{ needs.vars.outputs.latest-rust-version }}
LATEST_OPENSSL_VERSION: ${{ needs.vars.outputs.latest-openssl-version }}
run: ./build-args.sh
- name: Generate Image Tags
env:
STEP: target
IS_PULL_REQUEST: ${{ github.event_name == 'pull_request' }}
TARGET: ${{ matrix.target }}
run: ./image-tags.sh
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
image: tonistiigi/binfmt:master
- name: Docker Setup Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Docker Login
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker Login
if: ${{ github.event_name != 'pull_request' }}
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USER }}
password: ${{ secrets.QUAY_TOKEN }}
- name: Build and push Docker images (pinned)
if: ${{ matrix.nightly-only == '' }}
uses: docker/build-push-action@v6
with:
context: ./
file: ./docker/target/gnu/${{ matrix.target }}.Dockerfile
no-cache: true
cache-to: type=inline
pull: true
push: true
provenance: mode=max
sbom: true
tags: ${{ env.IMG_TAGS_PINNED }}
build-args: |
IMG_BASE=${{ env.IMG_REPO }}@${{ needs.ink-cross-step1.outputs.digest-pinned }}
OPENSSL_VERSION=${{ env.OPENSSL_VERSION }}
MUSL_VERSION=${{ env.MUSL_VERSION }}
FREEBSD_MAJOR=${{ env.FREEBSD_MAJOR }}
NETBSD_MAJOR=${{ env.NETBSD_MAJOR }}
OPENBSD_MAJOR=${{ env.OPENBSD_MAJOR }}
labels: |
tech.harmless.ink-cross.target="${{ matrix.target }}"
tech.harmless.ink-cross.pull_request_build="${{ github.event_name == 'pull_request' }}"
tech.harmless.ink-cross.run_number="${{ github.run_number }}"
tech.harmless.ink-cross.repo="${{ github.repositoryUrl }}"
tech.harmless.ink-cross.build_date="${{ env.BUILD_DATE }}"
tech.harmless.ink-cross.version.rust="${{ env.RUST_VERSION }}"
tech.harmless.ink-cross.version.cmake="${{ env.CMAKE_VERSION }}"
tech.harmless.ink-cross.version.openssl="${{ env.OPENSSL_VERSION }}"
tech.harmless.ink-cross.version.llvm="${{ env.LLVM_VERSION }}"
org.opencontainers.image.authors="harmless-tech, cargo-prebuilt"
org.opencontainers.image.source = "${{ github.server_url }}/${{ github.repository }}"
platforms: ${{ matrix.platforms }}
builder: ${{ steps.buildx.outputs.name }}
- name: Build and push Docker images (stable)
if: ${{ matrix.nightly-only == '' }}
uses: docker/build-push-action@v6
with:
context: ./
file: ./docker/target/gnu/${{ matrix.target }}.Dockerfile
cache-from: type=inline
pull: true
push: true
provenance: mode=max
sbom: true
tags: ${{ env.IMG_TAGS_STABLE }}
build-args: |
IMG_BASE=${{ env.IMG_REPO }}@${{ needs.ink-cross-step1.outputs.digest-stable }}
OPENSSL_VERSION=${{ env.OPENSSL_VERSION }}
MUSL_VERSION=${{ env.MUSL_VERSION }}
FREEBSD_MAJOR=${{ env.FREEBSD_MAJOR }}
NETBSD_MAJOR=${{ env.NETBSD_MAJOR }}
OPENBSD_MAJOR=${{ env.OPENBSD_MAJOR }}
labels: |
tech.harmless.ink-cross.target="${{ matrix.target }}"
tech.harmless.ink-cross.pull_request_build="${{ github.event_name == 'pull_request' }}"
tech.harmless.ink-cross.run_number="${{ github.run_number }}"
tech.harmless.ink-cross.repo="${{ github.repositoryUrl }}"
tech.harmless.ink-cross.build_date="${{ env.BUILD_DATE }}"
tech.harmless.ink-cross.version.rust="stable"
tech.harmless.ink-cross.version.cmake="${{ env.CMAKE_VERSION }}"
tech.harmless.ink-cross.version.openssl="${{ env.OPENSSL_VERSION }}"
tech.harmless.ink-cross.version.llvm="${{ env.LLVM_VERSION }}"
org.opencontainers.image.authors="harmless-tech, cargo-prebuilt"
org.opencontainers.image.source = "${{ github.server_url }}/${{ github.repository }}"
platforms: ${{ matrix.platforms }}
builder: ${{ steps.buildx.outputs.name }}
- name: Build and push Docker images (beta)
if: ${{ matrix.nightly-only == '' }}
uses: docker/build-push-action@v6
with:
context: ./
file: ./docker/target/gnu/${{ matrix.target }}.Dockerfile
cache-from: type=inline
pull: true
push: true
provenance: mode=max
sbom: true
tags: ${{ env.IMG_TAGS_BETA }}
build-args: |
IMG_BASE=${{ env.IMG_REPO }}@${{ needs.ink-cross-step1.outputs.digest-beta }}
OPENSSL_VERSION=${{ env.OPENSSL_VERSION }}
MUSL_VERSION=${{ env.MUSL_VERSION }}
FREEBSD_MAJOR=${{ env.FREEBSD_MAJOR }}
NETBSD_MAJOR=${{ env.NETBSD_MAJOR }}
OPENBSD_MAJOR=${{ env.OPENBSD_MAJOR }}
labels: |
tech.harmless.ink-cross.target="${{ matrix.target }}"
tech.harmless.ink-cross.pull_request_build="${{ github.event_name == 'pull_request' }}"
tech.harmless.ink-cross.run_number="${{ github.run_number }}"
tech.harmless.ink-cross.repo="${{ github.repositoryUrl }}"
tech.harmless.ink-cross.build_date="${{ env.BUILD_DATE }}"
tech.harmless.ink-cross.version.rust="beta"
tech.harmless.ink-cross.version.cmake="${{ env.CMAKE_VERSION }}"
tech.harmless.ink-cross.version.openssl="${{ env.OPENSSL_VERSION }}"
tech.harmless.ink-cross.version.llvm="${{ env.LLVM_VERSION }}"
org.opencontainers.image.authors="harmless-tech, cargo-prebuilt"
org.opencontainers.image.source = "${{ github.server_url }}/${{ github.repository }}"
platforms: ${{ matrix.platforms }}
builder: ${{ steps.buildx.outputs.name }}
- name: Build and push Docker images (nightly)
uses: docker/build-push-action@v6
with:
context: ./
file: ./docker/target/gnu/${{ matrix.target }}.Dockerfile
cache-from: type=inline
pull: true
push: true
provenance: mode=max
sbom: true
tags: ${{ env.IMG_TAGS_NIGHTLY }}
build-args: |
IMG_BASE=${{ env.IMG_REPO }}@${{ needs.ink-cross-step1.outputs.digest-nightly }}
OPENSSL_VERSION=${{ env.OPENSSL_VERSION }}
MUSL_VERSION=${{ env.MUSL_VERSION }}
FREEBSD_MAJOR=${{ env.FREEBSD_MAJOR }}
NETBSD_MAJOR=${{ env.NETBSD_MAJOR }}
OPENBSD_MAJOR=${{ env.OPENBSD_MAJOR }}
labels: |
tech.harmless.ink-cross.target="${{ matrix.target }}"
tech.harmless.ink-cross.pull_request_build="${{ github.event_name == 'pull_request' }}"
tech.harmless.ink-cross.run_number="${{ github.run_number }}"
tech.harmless.ink-cross.repo="${{ github.repositoryUrl }}"
tech.harmless.ink-cross.build_date="${{ env.BUILD_DATE }}"
tech.harmless.ink-cross.version.rust="nightly"
tech.harmless.ink-cross.version.cmake="${{ env.CMAKE_VERSION }}"
tech.harmless.ink-cross.version.openssl="${{ env.OPENSSL_VERSION }}"
tech.harmless.ink-cross.version.llvm="${{ env.LLVM_VERSION }}"
org.opencontainers.image.authors="harmless-tech, cargo-prebuilt"
org.opencontainers.image.source = "${{ github.server_url }}/${{ github.repository }}"
platforms: ${{ matrix.platforms }}
builder: ${{ steps.buildx.outputs.name }}
ink-cross-clang:
strategy:
fail-fast: false
matrix:
include:
- target: aarch64-unknown-freebsd
platforms: linux/amd64,linux/arm64
nightly-only: true
- target: aarch64-unknown-linux-musl
platforms: linux/amd64,linux/arm64
- target: armv7-unknown-linux-musleabihf
platforms: linux/amd64,linux/arm64
- target: x86_64-unknown-freebsd
platforms: linux/amd64,linux/arm64
- target: x86_64-unknown-linux-musl
platforms: linux/amd64,linux/arm64
- target: x86_64-unknown-netbsd
platforms: linux/amd64,linux/arm64
- target: x86_64-unknown-openbsd
platforms: linux/amd64,linux/arm64
nightly-only: true
runs-on: ubuntu-latest
needs: [ vars, ink-cross-step2-clang ]
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Free up space
run: ./ci/scripts/util_free_space.sh
- name: Vars
env:
BUILD_DATE: ${{ needs.vars.outputs.build-date }}
LATEST_RUST_VERSION: ${{ needs.vars.outputs.latest-rust-version }}
LATEST_OPENSSL_VERSION: ${{ needs.vars.outputs.latest-openssl-version }}
run: ./build-args.sh
- name: Generate Image Tags
env:
STEP: target
IS_PULL_REQUEST: ${{ github.event_name == 'pull_request' }}
TARGET: ${{ matrix.target }}
run: ./image-tags.sh
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
image: tonistiigi/binfmt:master
- name: Docker Setup Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Docker Login
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker Login
if: ${{ github.event_name != 'pull_request' }}
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USER }}
password: ${{ secrets.QUAY_TOKEN }}
- name: Build and push Docker images (pinned)
if: ${{ matrix.nightly-only == '' }}
uses: docker/build-push-action@v6
with:
context: ./
file: ./docker/target/clang/${{ matrix.target }}.Dockerfile
no-cache: true
cache-to: type=inline
pull: true
push: true
provenance: mode=max
sbom: true
tags: ${{ env.IMG_TAGS_PINNED }}
build-args: |
IMG_BASE=${{ env.IMG_REPO }}@${{ needs.ink-cross-step2-clang.outputs.digest-pinned }}
OPENSSL_VERSION=${{ env.OPENSSL_VERSION }}
MUSL_VERSION=${{ env.MUSL_VERSION }}
FREEBSD_MAJOR=${{ env.FREEBSD_MAJOR }}
NETBSD_MAJOR=${{ env.NETBSD_MAJOR }}
OPENBSD_MAJOR=${{ env.OPENBSD_MAJOR }}
labels: |
tech.harmless.ink-cross.target="${{ matrix.target }}"
tech.harmless.ink-cross.pull_request_build="${{ github.event_name == 'pull_request' }}"
tech.harmless.ink-cross.run_number="${{ github.run_number }}"
tech.harmless.ink-cross.repo="${{ github.repositoryUrl }}"
tech.harmless.ink-cross.build_date="${{ env.BUILD_DATE }}"
tech.harmless.ink-cross.version.rust="${{ env.RUST_VERSION }}"
tech.harmless.ink-cross.version.cmake="${{ env.CMAKE_VERSION }}"
tech.harmless.ink-cross.version.openssl="${{ env.OPENSSL_VERSION }}"
tech.harmless.ink-cross.version.llvm="${{ env.LLVM_VERSION }}"
org.opencontainers.image.authors="harmless-tech, cargo-prebuilt"
org.opencontainers.image.source = "${{ github.server_url }}/${{ github.repository }}"
platforms: ${{ matrix.platforms }}
builder: ${{ steps.buildx.outputs.name }}
- name: Build and push Docker images (stable)
if: ${{ matrix.nightly-only == '' }}
uses: docker/build-push-action@v6
with:
context: ./
file: ./docker/target/clang/${{ matrix.target }}.Dockerfile
cache-from: type=inline
pull: true
push: true
provenance: mode=max
sbom: true
tags: ${{ env.IMG_TAGS_STABLE }}
build-args: |
IMG_BASE=${{ env.IMG_REPO }}@${{ needs.ink-cross-step2-clang.outputs.digest-stable }}
OPENSSL_VERSION=${{ env.OPENSSL_VERSION }}
MUSL_VERSION=${{ env.MUSL_VERSION }}
FREEBSD_MAJOR=${{ env.FREEBSD_MAJOR }}
NETBSD_MAJOR=${{ env.NETBSD_MAJOR }}
OPENBSD_MAJOR=${{ env.OPENBSD_MAJOR }}
labels: |
tech.harmless.ink-cross.target="${{ matrix.target }}"
tech.harmless.ink-cross.pull_request_build="${{ github.event_name == 'pull_request' }}"
tech.harmless.ink-cross.run_number="${{ github.run_number }}"
tech.harmless.ink-cross.repo="${{ github.repositoryUrl }}"
tech.harmless.ink-cross.build_date="${{ env.BUILD_DATE }}"
tech.harmless.ink-cross.version.rust="stable"
tech.harmless.ink-cross.version.cmake="${{ env.CMAKE_VERSION }}"
tech.harmless.ink-cross.version.openssl="${{ env.OPENSSL_VERSION }}"
tech.harmless.ink-cross.version.llvm="${{ env.LLVM_VERSION }}"
org.opencontainers.image.authors="harmless-tech, cargo-prebuilt"
org.opencontainers.image.source = "${{ github.server_url }}/${{ github.repository }}"
platforms: ${{ matrix.platforms }}
builder: ${{ steps.buildx.outputs.name }}
- name: Build and push Docker images (beta)
if: ${{ matrix.nightly-only == '' }}
uses: docker/build-push-action@v6
with:
context: ./
file: ./docker/target/clang/${{ matrix.target }}.Dockerfile
cache-from: type=inline
pull: true
push: true
provenance: mode=max
sbom: true
tags: ${{ env.IMG_TAGS_BETA }}
build-args: |
IMG_BASE=${{ env.IMG_REPO }}@${{ needs.ink-cross-step2-clang.outputs.digest-beta }}
OPENSSL_VERSION=${{ env.OPENSSL_VERSION }}
MUSL_VERSION=${{ env.MUSL_VERSION }}
FREEBSD_MAJOR=${{ env.FREEBSD_MAJOR }}
NETBSD_MAJOR=${{ env.NETBSD_MAJOR }}
OPENBSD_MAJOR=${{ env.OPENBSD_MAJOR }}
labels: |
tech.harmless.ink-cross.target="${{ matrix.target }}"
tech.harmless.ink-cross.pull_request_build="${{ github.event_name == 'pull_request' }}"
tech.harmless.ink-cross.run_number="${{ github.run_number }}"
tech.harmless.ink-cross.repo="${{ github.repositoryUrl }}"
tech.harmless.ink-cross.build_date="${{ env.BUILD_DATE }}"
tech.harmless.ink-cross.version.rust="beta"
tech.harmless.ink-cross.version.cmake="${{ env.CMAKE_VERSION }}"
tech.harmless.ink-cross.version.openssl="${{ env.OPENSSL_VERSION }}"
tech.harmless.ink-cross.version.llvm="${{ env.LLVM_VERSION }}"
org.opencontainers.image.authors="harmless-tech, cargo-prebuilt"
org.opencontainers.image.source = "${{ github.server_url }}/${{ github.repository }}"
platforms: ${{ matrix.platforms }}
builder: ${{ steps.buildx.outputs.name }}
- name: Build and push Docker images (nightly)
uses: docker/build-push-action@v6
with:
context: ./
file: ./docker/target/clang/${{ matrix.target }}.Dockerfile
cache-from: type=inline
pull: true
push: true
provenance: mode=max
sbom: true
tags: ${{ env.IMG_TAGS_NIGHTLY }}
build-args: |
IMG_BASE=${{ env.IMG_REPO }}@${{ needs.ink-cross-step2-clang.outputs.digest-nightly }}
OPENSSL_VERSION=${{ env.OPENSSL_VERSION }}
MUSL_VERSION=${{ env.MUSL_VERSION }}
FREEBSD_MAJOR=${{ env.FREEBSD_MAJOR }}
NETBSD_MAJOR=${{ env.NETBSD_MAJOR }}
OPENBSD_MAJOR=${{ env.OPENBSD_MAJOR }}
labels: |
tech.harmless.ink-cross.target="${{ matrix.target }}"
tech.harmless.ink-cross.pull_request_build="${{ github.event_name == 'pull_request' }}"
tech.harmless.ink-cross.run_number="${{ github.run_number }}"
tech.harmless.ink-cross.repo="${{ github.repositoryUrl }}"
tech.harmless.ink-cross.build_date="${{ env.BUILD_DATE }}"
tech.harmless.ink-cross.version.rust="nightly"
tech.harmless.ink-cross.version.cmake="${{ env.CMAKE_VERSION }}"
tech.harmless.ink-cross.version.openssl="${{ env.OPENSSL_VERSION }}"
tech.harmless.ink-cross.version.llvm="${{ env.LLVM_VERSION }}"
org.opencontainers.image.authors="harmless-tech, cargo-prebuilt"
org.opencontainers.image.source = "${{ github.server_url }}/${{ github.repository }}"
platforms: ${{ matrix.platforms }}
builder: ${{ steps.buildx.outputs.name }}