try Docker build workflow

Signed-off-by: Kingdon Barrett <[email protected]>

Author: kingdonb

.github/workflows/deploy.yml

@@ -63,22 +63,51 @@ jobs:
         uses: fermyon/actions/spin/setup@v1
 
       # Push: WASM
-      - name: Push to OCI
-        id: push
-        uses: fermyon/actions/spin/push@v1
+      # - name: Push to OCI
+      #   id: push
+      #   uses: fermyon/actions/spin/push@v1
+      #   with:
+      #     registry: ghcr.io
+      #     registry_username: ${{ github.actor }}
+      #     registry_password: ${{ secrets.GITHUB_TOKEN }}
+      #     registry_reference: "ghcr.io/kingdon-ci/flux-docs/build:${{ github.run_id }}-2"
+      #     manifest_file: spin.toml
+
+      # Push: Docker WASM (alternate while spin registry push cannot be used)
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: setup buildx
+        uses: docker/setup-buildx-action@v3
+      - name: login to GitHub container registry
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
-          registry_username: ${{ github.actor }}
-          registry_password: ${{ secrets.GITHUB_TOKEN }}
-          registry_reference: "ghcr.io/kingdon-ci/flux-docs/build:${{ github.run_id }}-2"
-          manifest_file: spin.toml
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
-      # Deploy:
-      - name: Deploy to Fermyon Cloud
-        uses: fermyon/actions/spin/deploy@v1
+      - name: enable containerd image store
+        run: |
+          echo '{ "features": { "containerd-snapshotter": true } }' | sudo tee /etc/docker/daemon.json
+          sudo systemctl restart docker
+
+      # Copied from https://github.com/spinkube/containerd-shim-spin/blob/main/.github/workflows/docker-build-push.yaml
+      - name: build and push
+        uses: docker/build-push-action@v5
         with:
-          fermyon_token: ${{ secrets.FERMYON_CLOUD_TOKEN }}
-          run_build: false
+          push: true
+          tags: |
+            ghcr.io/kingdon-ci/flux-docs/build:${{ github.run_id }}-3
+            ghcr.io/kingdon-ci/flux-docs/build:latest
+          context: .
+          platforms: wasi/wasm
+          provenance: false
+
+      # Deploy:
+      # - name: Deploy to Fermyon Cloud
+      #   uses: fermyon/actions/spin/deploy@v1
+      #   with:
+      #     fermyon_token: ${{ secrets.FERMYON_CLOUD_TOKEN }}
+      #     run_build: false
 
       - name: Set up Flux CLI
         uses: fluxcd/flux2/[email protected]
@@ -87,16 +116,23 @@ jobs:
       - name: Set Image (Kustomize SpinApp)
         run: |
           pushd deploy/spin-app
-            kustomize edit set image flux-docs/build=ghcr.io/kingdon-ci/flux-docs/build:${{ github.run_id }}-2
+            kustomize edit set image flux-docs/build=ghcr.io/kingdon-ci/flux-docs/build:${{ github.run_id }}-3
           popd
 
       # Login: GHCR
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+      #(Moved up to Docker build action while spin registry push is not viable for us)
+      # - name: Login to GitHub Container Registry
+      #   uses: docker/login-action@v3
+      #   with:
+      #     registry: ghcr.io
+      #     username: ${{ github.actor }}
+      #     password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Install cosign
+        uses: sigstore/[email protected]
+
+      - name: Cosign version
+        run: cosign version
 
       # Push: Kubernetes (Flux App)
       - name: Push manifests
@@ -108,12 +144,6 @@ jobs:
           --revision="${{ github.ref_name }}@sha1:${{ github.sha }}" \
           --annotations='org.opencontainers.image.description=Fluxcd.io website SpinKube manifests'
 
-      - name: Install cosign
-        uses: sigstore/[email protected]
-
-      - name: Cosign version
-        run: cosign version
-
       # Sign: Kubernetes manifests
       - name: Sign OCI YAML manifests
         run: |
@@ -124,4 +154,4 @@ jobs:
       - name: Sign OCI WASM artifact
         run: |
           # keyless mode
-          cosign sign ghcr.io/kingdon-ci/flux-docs/build:${{ github.run_id }}-2 -y
+          cosign sign ghcr.io/kingdon-ci/flux-docs/build:${{ github.run_id }}-3 -y

Dockerfile

@@ -0,0 +1,12 @@
+# FROM --platform=${BUILDPLATFORM}
+FROM --platform=linux/arm64 golang:1.21.3-bullseye AS build-go
+WORKDIR /opt/build
+COPY spin.toml .
+RUN curl -LO https://github.com/fermyon/spin-fileserver/releases/download/v0.2.1/spin_static_fs.wasm
+RUN mkdir website
+COPY website/public/ website/public/
+
+FROM scratch
+COPY --from=build-go /opt/build/spin_static_fs.wasm .
+COPY --from=build-go /opt/build/spin.toml .
+COPY --from=build-go /opt/build/website .

spin.toml

@@ -12,5 +12,6 @@ route = "/..."
 component = "docs"
 
 [component.docs]
-source = { url = "https://github.com/fermyon/spin-fileserver/releases/download/v0.2.1/spin_static_fs.wasm", digest = "sha256:5f05b15f0f7cd353d390bc5ebffec7fe25c6a6d7a05b9366c86dcb1a346e9f0f" }
+# source = { url = "https://github.com/fermyon/spin-fileserver/releases/download/v0.2.1/spin_static_fs.wasm", digest = "sha256:5f05b15f0f7cd353d390bc5ebffec7fe25c6a6d7a05b9366c86dcb1a346e9f0f" }
+source = "spin_static_fs.wasm"
 files = [{ source = "website/public", destination = "/" }]