name: Docker Static on: push: branches: - 'main' release: types: - 'published' pull_request: branches: - 'main' workflow_dispatch: inputs: msg: description: "Set message" default: "Manual trigger" env: CARGO_TERM_COLOR: always # In total 5 jobs, all the jobs are containerized # --- ####################################################################################### # GitHub actions randomly timeout when downloading musl-gcc # # Using lldap dev image based on https://hub.docker.com/_/rust and musl-gcc bundled # # Look into .github/workflows/Dockerfile.dev for development image details # ####################################################################################### # build-ui , create/compile the web ### install wasm ### install rollup ### run app/build.sh ### upload artifacts # builds-armhf, build-aarch64, build-amd64 create binary for respective arch ### Add non-native architecture dpkg --add-architecture XXX ### Install dev tool gcc g++, etc. per respective arch ### Cargo build ### Upload artifacts ## the CARGO_ env #CARGO_TARGET_ARMV7_UNKNOWN_LINUX_GNUEABIHF_LINKER: arm-linux-gnueabihf-gcc # This will determine which architecture lib will be used. # build-ui,builds-armhf, build-aarch64, build-amd64 will upload artifacts will be used next job # build-docker-image job will fetch artifacts and run Dockerfile.ci then push the image. # cache based on Cargo.lock jobs: build-ui: runs-on: ubuntu-latest container: image: nitnelave/rust-dev:latest steps: - name: Checkout repository uses: actions/checkout@v3.3.0 - uses: actions/cache@v3 with: path: | /usr/local/cargo/bin /usr/local/cargo/registry/index /usr/local/cargo/registry/cache /usr/local/cargo/git/db target key: lldap-ui-${{ hashFiles('**/Cargo.lock') }} restore-keys: | lldap-ui- - name: install rollup nodejs run: npm install -g rollup - name: add wasm target run: rustup target add wasm32-unknown-unknown - name: install wasm-pack with cargo run: cargo install wasm-pack || true env: RUSTFLAGS: "" - name: build frontend run: ./app/build.sh - name: check path run: ls -al app/ - name: upload ui artifacts uses: actions/upload-artifact@v3 with: name: ui path: app/ build-armhf: runs-on: ubuntu-latest container: image: nitnelave/rust-dev:latest env: CARGO_TARGET_ARMV7_UNKNOWN_LINUX_GNUEABIHF_LINKER: arm-linux-gnueabihf-gcc CARGO_TARGET_ARMV7_UNKNOWN_LINUX_MUSLEABIHF_LINKER: arm-linux-gnueabihf-ld CARGO_TERM_COLOR: always RUSTFLAGS: -Ctarget-feature=-crt-static CARGO_HOME: ${GITHUB_WORKSPACE}/.cargo steps: - name: add armhf architecture run: dpkg --add-architecture armhf - name: install runtime run: apt update && apt install -y gcc-arm-linux-gnueabihf g++-arm-linux-gnueabihf libc6-armhf-cross libc6-dev-armhf-cross tar ca-certificates - name: add armhf target run: rustup target add armv7-unknown-linux-gnueabihf - name: Checkout repository uses: actions/checkout@v3.3.0 - uses: actions/cache@v3 with: path: | .cargo/bin .cargo/registry/index .cargo/registry/cache .cargo/git/db target key: lldap-bin-armhf-${{ hashFiles('**/Cargo.lock') }} restore-keys: | lldap-bin-armhf- - name: compile armhf run: cargo build --target=armv7-unknown-linux-gnueabihf --release -p lldap -p migration-tool - name: check path run: ls -al target/release - name: upload armhf lldap artifacts uses: actions/upload-artifact@v3 with: name: armhf-lldap-bin path: target/armv7-unknown-linux-gnueabihf/release/lldap - name: upload armhfmigration-tool artifacts uses: actions/upload-artifact@v3 with: name: armhf-migration-tool-bin path: target/armv7-unknown-linux-gnueabihf/release/migration-tool build-aarch64: runs-on: ubuntu-latest container: image: nitnelave/rust-dev:latest env: CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_LINKER: aarch64-linux-musl-gcc CARGO_TERM_COLOR: always RUSTFLAGS: -Ctarget-feature=+crt-static CARGO_HOME: ${GITHUB_WORKSPACE}/.cargo steps: - name: Checkout repository uses: actions/checkout@v3.3.0 - uses: actions/cache@v3 with: path: | .cargo/bin .cargo/registry/index .cargo/registry/cache .cargo/git/db target key: lldap-bin-aarch64-${{ hashFiles('**/Cargo.lock') }} restore-keys: | lldap-bin-aarch64- # - name: fetch musl-gcc # run: | # wget -c https://musl.cc/aarch64-linux-musl-cross.tgz # tar zxf ./x86_64-linux-musl-cross.tgz -C /opt # echo "/opt/aarch64-linux-musl-cross:/opt/aarch64-linux-musl-cross/bin" >> $GITHUB_PATH - name: add musl aarch64 target run: rustup target add aarch64-unknown-linux-musl - name: build lldap aarch4 run: cargo build --target=aarch64-unknown-linux-musl --release -p lldap -p migration-tool - name: check path run: ls -al target/aarch64-unknown-linux-musl/release/ - name: upload aarch64 lldap artifacts uses: actions/upload-artifact@v3 with: name: aarch64-lldap-bin path: target/aarch64-unknown-linux-musl/release/lldap - name: upload aarch64 migration-tool artifacts uses: actions/upload-artifact@v3 with: name: aarch64-migration-tool-bin path: target/aarch64-unknown-linux-musl/release/migration-tool build-amd64: runs-on: ubuntu-latest container: image: nitnelave/rust-dev:latest env: CARGO_TERM_COLOR: always RUSTFLAGS: -Ctarget-feature=+crt-static CARGO_HOME: ${GITHUB_WORKSPACE}/.cargo CARGO_TARGET_X86_64_UNKNOWN_LINUX_MUSL_LINKER: x86_64-linux-musl-gcc steps: - name: Checkout repository uses: actions/checkout@v3.3.0 - uses: actions/cache@v3 with: path: | .cargo/bin .cargo/registry/index .cargo/registry/cache .cargo/git/db target key: lldap-bin-amd64-${{ hashFiles('**/Cargo.lock') }} restore-keys: | lldap-bin-amd64- - name: install musl run: apt update && apt install -y musl-tools tar wget # - name: fetch musl-gcc # run: | # wget -c https://musl.cc/x86_64-linux-musl-cross.tgz # tar zxf ./x86_64-linux-musl-cross.tgz -C /opt # echo "/opt/x86_64-linux-musl-cross:/opt/x86_64-linux-musl-cross/bin" >> $GITHUB_PATH - name: add x86_64 target run: rustup target add x86_64-unknown-linux-musl - name: build x86_64 lldap run: cargo build --target=x86_64-unknown-linux-musl --release -p lldap -p migration-tool - name: check path run: ls -al target/x86_64-unknown-linux-musl/release/ - name: upload amd64 lldap artifacts uses: actions/upload-artifact@v3 with: name: amd64-lldap-bin path: target/x86_64-unknown-linux-musl/release/lldap - name: upload amd64 migration-tool artifacts uses: actions/upload-artifact@v3 with: name: amd64-migration-tool-bin path: target/x86_64-unknown-linux-musl/release/migration-tool build-docker-image: needs: [build-ui,build-armhf,build-aarch64,build-amd64] name: Build Docker image runs-on: ubuntu-latest permissions: contents: read packages: write steps: - name: install rsync run: sudo apt update && sudo apt install -y rsync - name: fetch repo uses: actions/checkout@v3.3.0 - name: Download All Artifacts uses: actions/download-artifact@v3 with: path: bin - name: Download llap ui artifacts uses: actions/download-artifact@v3 with: name: ui path: web - name: setup qemu uses: docker/setup-qemu-action@v2 - uses: docker/setup-buildx-action@v2 - name: Docker meta id: meta uses: docker/metadata-action@v4 with: # list of Docker images to use as base name for tags images: | nitnelave/lldap # generate Docker tags based on the following events/attributes tags: | type=ref,event=branch type=ref,event=pr type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}} type=sha - name: Cache Docker layers uses: actions/cache@v3 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} restore-keys: | ${{ runner.os }}-buildx- - name: parse tag uses: gacts/github-slug@v1 id: slug - name: Login to Docker Hub if: github.event_name != 'pull_request' uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} ######################################## #### docker image :latest tag build #### ######################################## - name: Build and push latest alpine if: github.event_name != 'release' uses: docker/build-push-action@v3 with: context: . push: ${{ github.event_name != 'pull_request' }} platforms: linux/amd64,linux/arm64 file: ./.github/workflows/Dockerfile.ci.alpine tags: nitnelave/lldap:latest, nitnelave/lldap:latest-alpine cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new - name: Build and push latest debian if: github.event_name != 'release' uses: docker/build-push-action@v3 with: context: . push: ${{ github.event_name != 'pull_request' }} platforms: linux/amd64,linux/arm64,linux/arm/v7 file: ./.github/workflows/Dockerfile.ci.debian tags: nitnelave/lldap:latest-debian cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new ######################################## #### docker image :semver tag build #### ######################################## - name: Build and push release alpine if: github.event_name == 'release' uses: docker/build-push-action@v3 with: context: . platforms: linux/amd64,linux/arm64 push: true # Tag as latest, stable, semver, major, major.minor and major.minor.patch. file: ./.github/workflows/Dockerfile.ci.alpine tags: nitnelave/lldap:stable, nitnelave/lldap:stable-alpine, nitnelave/lldap:v${{ steps.slug.outputs.version-semantic }}, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}.${{ steps.slug.outputs.version-patch }}, nitnelave/lldap:v${{ steps.slug.outputs.version-semantic }}-alpine, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}-alpine, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}-alpine.${{ steps.slug.outputs.version-minor }}-alpine, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}.${{ steps.slug.outputs.version-patch }}-alpine cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new - name: Build and push release debian if: github.event_name == 'release' uses: docker/build-push-action@v3 with: context: . platforms: linux/amd64,linux/arm64,linux/arm/v7 push: true # Tag as latest, stable, semver, major, major.minor and major.minor.patch. file: ./.github/workflows/Dockerfile.ci.debian tags: nitnelave/lldap:stable-debian, nitnelave/lldap:v${{ steps.slug.outputs.version-semantic }}-debian, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}-debian, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}-debian, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}.${{ steps.slug.outputs.version-patch }}-debian cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new - name: Move cache run: rsync -r /tmp/.buildx-cache-new /tmp/.buildx-cache --delete - name: Update repo description if: github.event_name != 'pull_request' uses: peter-evans/dockerhub-description@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} repository: nitnelave/lldap ############################################################### ### Download artifacts, clean up ui, upload to release page ### ############################################################### create-release-artifacts: needs: [build-ui,build-armhf,build-aarch64,build-amd64] name: Create release artifacts if: github.event_name == 'release' runs-on: ubuntu-latest steps: - name: Download All Artifacts uses: actions/download-artifact@v3 with: path: bin/ - name: Check file run: ls -alR bin/ - name: Fixing Filename run: | mv bin/aarch64-lldap-bin/lldap bin/aarch64-lldap mv bin/amd64-lldap-bin/lldap bin/amd64-lldap mv bin/armhf-lldap-bin/lldap bin/armhf-lldap mv bin/aarch64-migration-tool-bin/migration-tool bin/aarch64-migration-tool mv bin/amd64-migration-tool-bin/migration-tool bin/amd64-migration-tool mv bin/armhf-migration-tool-bin/migration-tool bin/armhf-migration-tool chmod +x bin/*-lldap chmod +x bin/*-migration-tool - name: Download llap ui artifacts uses: actions/download-artifact@v3 with: name: ui path: web - name: Web Cleanup run: mkdir app && mv web/index.html app/index.html && mv web/static app/static && mv web/pkg app/pkg - name: Fetch web components run: | sudo apt update sudo apt install wget for file in $(cat app/static/libraries.txt); do wget -P app/static "$file"; done for file in $(cat app/static/fonts/fonts.txt); do wget -P app/static/fonts "$file"; done chmod a+r -R . - name: Setup LLDAP dir for packing run: | mkdir aarch64-lldap mkdir amd64-lldap mkdir armhf-lldap mv bin/aarch64-lldap aarch64-lldap/lldap mv bin/amd64-lldap amd64-lldap/lldap mv bin/armhf-lldap armhf-lldap/lldap mv bin/aarch64-migration-tool aarch64-lldap/migration-tool mv bin/amd64-migration-tool amd64-lldap/migration-tool mv bin/armhf-migration-tool armhf-lldap/migration-tool cp -r app aarch64-lldap/ cp -r app amd64-lldap/ cp -r app armhf-lldap/ ls -alR aarch64-lldap/ ls -alR amd64-lldap/ ls -alR armhf-lldap/ - name: Compress run: | tar -czvf aarch64-lldap.tar.gz aarch64-lldap/ tar -czvf amd64-lldap.tar.gz amd64-lldap/ tar -czvf armhf-lldap.tar.gz armhf-lldap/ - name: Upload artifacts release uses: ncipollo/release-action@v1 id: create_release with: allowUpdates: true artifacts: aarch64-lldap.tar.gz, amd64-lldap.tar.gz, armhf-lldap.tar.gz env: GITHUB_TOKEN: ${{ github.token }}