From 3fd2b7f9f6223bb95f18f74e5fc555781f8268d3 Mon Sep 17 00:00:00 2001 From: Jens Reidel Date: Wed, 26 Apr 2023 20:04:12 +0200 Subject: [PATCH] ci: Update workflows based on http-proxy's (#18) Add workflows for clippy, rustfmt, cargo check and rehaul the Docker Image creation. Images will now be pushed to ghcr.io instead of Docker Hub and are now mentioned in the README. --- .github/rust.json | 44 +++++++++++++ .github/workflows/ci.yml | 68 ++++++++++++++++++++ .github/workflows/docker.yml | 93 ++++++++++++++++++++++++++++ .github/workflows/publish.yml | 40 ------------ .github/workflows_disabled/audit.yml | 17 ----- .github/workflows_disabled/lint.yml | 50 --------------- .github/workflows_disabled/test.yml | 22 ------- Dockerfile | 19 ++++-- README.md | 6 +- 9 files changed, 223 insertions(+), 136 deletions(-) create mode 100644 .github/rust.json create mode 100644 .github/workflows/ci.yml create mode 100644 .github/workflows/docker.yml delete mode 100644 .github/workflows/publish.yml delete mode 100644 .github/workflows_disabled/audit.yml delete mode 100644 .github/workflows_disabled/lint.yml delete mode 100644 .github/workflows_disabled/test.yml diff --git a/.github/rust.json b/.github/rust.json new file mode 100644 index 0000000..b95bc0a --- /dev/null +++ b/.github/rust.json @@ -0,0 +1,44 @@ +{ + "problemMatcher": [ + { + "owner": "cargo-common", + "pattern": [ + { + "regexp": "^(warning|warn|error)(\\[(\\S*)\\])?: (.*)$", + "severity": 1, + "message": 4, + "code": 3 + }, + { + "regexp": "^\\s+-->\\s(\\S+):(\\d+):(\\d+)$", + "file": 1, + "line": 2, + "column": 3 + } + ] + }, + { + "owner": "cargo-test", + "pattern": [ + { + "regexp": "^.*panicked\\s+at\\s+'(.*)',\\s+(.*):(\\d+):(\\d+)$", + "message": 1, + "file": 2, + "line": 3, + "column": 4 + } + ] + }, + { + "owner": "cargo-fmt", + "pattern": [ + { + "regexp": "^(Diff in (\\S+)) at line (\\d+):", + "message": 1, + "file": 2, + "line": 3 + } + ] + } + ] +} \ No newline at end of file diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..b9bd2d6 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,68 @@ +name: CI + +on: + workflow_dispatch: + pull_request: + push: + +jobs: + check: + name: check + runs-on: ubuntu-latest + + steps: + - name: Checkout sources + uses: actions/checkout@v3 + + - name: Install stable toolchain + id: toolchain + uses: dtolnay/rust-toolchain@master + with: + toolchain: stable + + - name: Setup cache + uses: Swatinem/rust-cache@v2 + + - run: cargo check + + clippy: + name: clippy + runs-on: ubuntu-latest + + steps: + - name: Checkout sources + uses: actions/checkout@v3 + + - name: Install stable toolchain + id: toolchain + uses: dtolnay/rust-toolchain@master + with: + toolchain: stable + components: clippy + + - name: Setup cache + uses: Swatinem/rust-cache@v2 + + - name: Add problem matchers + run: echo "::add-matcher::.github/rust.json" + + - name: Run clippy + run: cargo clippy --message-format=json + + rustfmt: + name: rustfmt + runs-on: ubuntu-latest + + steps: + - name: Checkout sources + uses: actions/checkout@v3 + + - name: Install stable toolchain + id: toolchain + uses: dtolnay/rust-toolchain@master + with: + toolchain: stable + components: rustfmt + + - name: Run cargo fmt + run: cargo fmt --all -- --check diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml new file mode 100644 index 0000000..73df3a4 --- /dev/null +++ b/.github/workflows/docker.yml @@ -0,0 +1,93 @@ +name: Docker build + +on: + workflow_dispatch: + pull_request: + push: + +jobs: + build-images: + name: Build Docker Images + runs-on: ubuntu-latest + strategy: + matrix: + include: + - tag: amd64 + arch: amd64 + rust-target: x86_64-unknown-linux-musl + musl-target: x86_64-linux-musl + - tag: armv8 + arch: armv8 + rust-target: aarch64-unknown-linux-musl + musl-target: aarch64-linux-musl + + steps: + # Podman 4.x is necessary here because it supports --platform=$BUILDPLATFORM. Otherwise, podman + # would pull the base image for aarch64 when building for aarch64. See https://github.com/containers/buildah/pull/3757 + # for the implementation. GitHub actions currently still ship Podman 3.x, even though 4.x has been + # out for over a year. + # The repository used is the same as GitHub actions uses for their source - just that it's the unstable version + # rather than the stable one. + # TODO: Once podman 4.x is available in actions by default (or in the Ubuntu repositories), remove this. + - name: Install podman 4.x + run: | + sudo mkdir -p /etc/apt/keyrings + curl -fsSL https://download.opensuse.org/repositories/devel:kubic:libcontainers:unstable/xUbuntu_$(lsb_release -rs)/Release.key \ + | gpg --dearmor \ + | sudo tee /etc/apt/keyrings/devel_kubic_libcontainers_unstable.gpg > /dev/null + echo \ + "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/devel_kubic_libcontainers_unstable.gpg]\ + https://download.opensuse.org/repositories/devel:kubic:libcontainers:unstable/xUbuntu_$(lsb_release -rs)/ /" \ + | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list > /dev/null + sudo apt -qq -y purge buildah podman + sudo apt -qq -y autoremove --purge + sudo apt update -qq + sudo apt -qq -y install podman + + - name: Checkout sources + uses: actions/checkout@v3 + + - name: Login to ghcr + if: github.ref == 'refs/heads/trunk' && github.event_name != 'pull_request' + run: | + echo "${{ secrets.GITHUB_TOKEN }}" | podman login -u ${{ github.repository_owner }} --password-stdin ghcr.io + + - name: Convert GITHUB_REPOSITORY into lowercase + run: | + echo "REPO=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV} + + - name: Build ${{ matrix.tag }} + run: | + podman build \ + --format docker \ + --arch ${{ matrix.arch }} \ + --build-arg RUST_TARGET=${{ matrix.rust-target }} \ + --build-arg MUSL_TARGET=${{ matrix.musl-target }} \ + -t gateway-queue:${{ matrix.tag }} \ + . + + - name: Push image to ghcr + if: github.ref == 'refs/heads/trunk' && github.event_name != 'pull_request' + run: | + podman tag gateway-queue:${{ matrix.tag }} ghcr.io/${REPO}:${{ matrix.tag }} + podman push ghcr.io/${REPO}:${{ matrix.tag }} + + create-manifest: + name: Create Docker manifests + runs-on: ubuntu-latest + needs: build-images + if: github.ref == 'refs/heads/trunk' && github.event_name != 'pull_request' + + steps: + - name: Login to ghcr + run: | + echo "${{ secrets.GITHUB_TOKEN }}" | podman login -u ${{ github.repository_owner }} --password-stdin ghcr.io + + - name: Convert GITHUB_REPOSITORY into lowercase + run: | + echo "REPO=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV} + + - name: Create manifest and push it + run: | + podman manifest create gateway-queue-latest docker://ghcr.io/${REPO}:amd64 docker://ghcr.io/${REPO}:armv8 + podman manifest push --format v2s2 gateway-queue-latest docker://ghcr.io/${REPO}:latest diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml deleted file mode 100644 index f180996..0000000 --- a/.github/workflows/publish.yml +++ /dev/null @@ -1,40 +0,0 @@ -name: Publish update -on: [push] - -jobs: - build: - name: Build & publish - env: - DOCKER_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }} - DOCKER_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} - DOCKER_TARGET_ACCOUNT: ${{ secrets.DOCKERHUB_TARGET }} - runs-on: ubuntu-latest - steps: - - name: Checkout sources - uses: actions/checkout@v1 - - name: Enable experimental Docker features - run: | - mkdir -p ~/.docker - echo "{\"experimental\": \"enabled\"}" > ~/.docker/config.json - - name: Login to DockerHub - uses: docker/login-action@v1 - if: env.DOCKER_USERNAME - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_PASSWORD }} - - name: Build for x86_64 - run: | - docker build -t gateway-queue:amd64 . - - name: Build for aarch64 - run: | - docker build --no-cache --build-arg RUST_TARGET=aarch64-unknown-linux-musl --build-arg MUSL_TARGET=aarch64-linux-musl -t gateway-queue:armv8 . - - name: Create manifest and push it - if: env.DOCKER_USERNAME - run: | - docker tag gateway-queue:amd64 ${{ secrets.DOCKERHUB_TARGET }}/gateway-queue:amd64 - docker tag gateway-queue:armv8 ${{ secrets.DOCKERHUB_TARGET }}/gateway-queue:armv8 - docker push ${{ secrets.DOCKERHUB_TARGET }}/gateway-queue:amd64 - docker push ${{ secrets.DOCKERHUB_TARGET }}/gateway-queue:armv8 - docker manifest create ${{ secrets.DOCKERHUB_TARGET }}/gateway-queue:latest ${{ secrets.DOCKERHUB_TARGET }}/gateway-queue:amd64 ${{ secrets.DOCKERHUB_TARGET }}/gateway-queue:armv8 - docker manifest annotate ${{ secrets.DOCKERHUB_TARGET }}/gateway-queue:latest ${{ secrets.DOCKERHUB_TARGET }}/gateway-queue:armv8 --os linux --arch arm64 - docker manifest push ${{ secrets.DOCKERHUB_TARGET }}/gateway-queue:latest diff --git a/.github/workflows_disabled/audit.yml b/.github/workflows_disabled/audit.yml deleted file mode 100644 index 6dfbcc4..0000000 --- a/.github/workflows_disabled/audit.yml +++ /dev/null @@ -1,17 +0,0 @@ -name: Cargo Audit - -on: - schedule: - - cron: "0 0 * * *" - push: - pull_request: - -jobs: - audit: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v1 - - name: Install cargo-audit - run: cargo install cargo-audit - - name: Run cargo-audit - run: cargo audit diff --git a/.github/workflows_disabled/lint.yml b/.github/workflows_disabled/lint.yml deleted file mode 100644 index 48ad87a..0000000 --- a/.github/workflows_disabled/lint.yml +++ /dev/null @@ -1,50 +0,0 @@ -on: [push, pull_request] - -name: Lint - -jobs: - clippy: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v1 - - id: component - uses: actions-rs/components-nightly@v1 - with: - component: clippy - - uses: actions-rs/toolchain@v1 - with: - toolchain: ${{ steps.component.outputs.toolchain }} - override: true - - run: rustup component add clippy - - uses: actions-rs/clippy-check@v1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - args: --all-features - rustfmt: - name: Format - runs-on: ubuntu-latest - steps: - - name: Checkout sources - uses: actions/checkout@v1 - - - id: component - name: Search for latest stable rustfmt - uses: actions-rs/components-stable@v1 - with: - target: x86_64-unknown-linux-gnu - component: rustfmt - - - name: Install stable toolchain with rustfmt available - uses: actions-rs/toolchain@v1 - with: - toolchain: ${{ steps.component.outputs.toolchain }} - override: true - - - name: Install rustfmt - run: rustup component add rustfmt - - - name: Run cargo fmt - uses: actions-rs/cargo@v1 - with: - command: fmt - args: --all -- --check diff --git a/.github/workflows_disabled/test.yml b/.github/workflows_disabled/test.yml deleted file mode 100644 index 558b13e..0000000 --- a/.github/workflows_disabled/test.yml +++ /dev/null @@ -1,22 +0,0 @@ -on: [push, pull_request] - -name: Test - -jobs: - check: - name: Check - runs-on: ubuntu-latest - steps: - - name: Checkout sources - uses: actions/checkout@v1 - - - name: Install stable toolchain - uses: actions-rs/toolchain@v1 - with: - toolchain: stable - override: true - - - name: Run cargo check - uses: actions-rs/cargo@v1 - with: - command: check diff --git a/Dockerfile b/Dockerfile index 2c86f05..9fbbe9e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ ARG RUST_TARGET="x86_64-unknown-linux-musl" # Musl target, either x86_64-linux-musl, aarch64-linux-musl, arm-linux-musleabi, etc. ARG MUSL_TARGET="x86_64-linux-musl" -FROM alpine:latest as build +FROM --platform=$BUILDPLATFORM docker.io/alpine:latest as build ARG RUST_TARGET ARG MUSL_TARGET @@ -21,11 +21,22 @@ RUN source $HOME/.cargo/env && \ ln -s "/$MUSL_TARGET-cross/bin/$MUSL_TARGET-ld" "/usr/bin/$MUSL_TARGET-ld" && \ ln -s "/$MUSL_TARGET-cross/bin/$MUSL_TARGET-strip" "/usr/bin/actual-strip" && \ GCC_VERSION=$($MUSL_TARGET-gcc --version | grep gcc | awk '{print $3}') && \ - echo -e "[build]\nrustflags = [\"-L\", \"native=/$MUSL_TARGET-cross/$MUSL_TARGET/lib\", \"-L\", \"native=/$MUSL_TARGET-cross/lib/gcc/$MUSL_TARGET/$GCC_VERSION/\", \"-l\", \"static=gcc\", \"-Z\", \"gcc-ld=lld\"]\n[target.$RUST_TARGET]\nlinker = \"$MUSL_TARGET-gcc\"\n[unstable]\nbuild-std = [\"std\", \"panic_abort\"]\n" > /app/.cargo/config; \ + echo -e "\ +[build]\n\ +rustflags = [\"-L\", \"native=/$MUSL_TARGET-cross/$MUSL_TARGET/lib\", \"-L\", \"native=/$MUSL_TARGET-cross/lib/gcc/$MUSL_TARGET/$GCC_VERSION/\", \"-l\", \"static=gcc\", \"-Z\", \"gcc-ld=lld\"]\n\ +[target.$RUST_TARGET]\n\ +linker = \"$MUSL_TARGET-gcc\"\n\ +[unstable]\n\ +build-std = [\"std\", \"panic_abort\"]\n\ +" > /app/.cargo/config; \ else \ echo "skipping toolchain as we are native" && \ - - echo -e "[build]\nrustflags = [\"-L\", \"native=/usr/lib\"]\n[unstable]\nbuild-std = [\"std\", \"panic_abort\"]\n" > /app/.cargo/config && \ + echo -e "\ +[build]\n\ +rustflags = [\"-L\", \"native=/usr/lib\"]\n\ +[unstable]\n\ +build-std = [\"std\", \"panic_abort\"]\n\ +" > /app/.cargo/config && \ ln -s /usr/bin/strip /usr/bin/actual-strip; \ fi diff --git a/README.md b/README.md index ffcfe7e..ae95c63 100644 --- a/README.md +++ b/README.md @@ -50,11 +50,10 @@ reqwest::get("http://gateway-queue?shard=42").await?; ### Running it -If you're using Docker, you can clone the repo and run: +If you're using Docker, you can use the prebuilt Docker images from [Github's container registry]. ```sh -$ docker build . -t twilight-gateway-queue -$ docker run -itd -e HOST=0.0.0.0 -e PORT=5000 twilight-gateway-queue +$ docker run -itd -e HOST=0.0.0.0 -e PORT=5000 ghcr.io/twilight-rs/gateway-queue ``` If you're not, you can compile it via Cargo: @@ -70,6 +69,7 @@ $ HOST=0.0.0.0 PORT=5000 ./target/release/twilight-gateway-queue [ci]: https://github.com/twilight-rs/gateway-queue/actions [docs]: https://twilight-rs.github.io/chapter_3_services/section_5_gateway_queue.html [docs-badge]: https://img.shields.io/badge/docs-online-5023dd.svg?style=flat-square +[Github's container registry]: https://github.com/twilight-rs/gateway-queue/pkgs/container/gateway-queue [license-badge]: https://img.shields.io/badge/license-ISC-blue.svg?style=flat-square [license]: https://opensource.org/licenses/ISC [LICENSE.md]: https://github.com/twilight-rs/gateway-queue/blob/master/LICENSE.md