Skip to content

deps: s2n-quic and others #186

deps: s2n-quic and others

deps: s2n-quic and others #186

name: Release - Build and publish docker, and trigger package release
on:
push:
branches:
- "feat/*"
- "develop"
pull_request:
types: [closed]
branches:
- main
env:
GHCR: ghcr.io
GHCR_IMAGE_NAME: ${{ github.repository }}
DH_REGISTRY_NAME: jqtype/rpxy
jobs:
build_and_push:
runs-on: ubuntu-latest
if: ${{ github.event_name == 'push' }} || ${{ github.event_name == 'pull_request' && github.event.pull_request.merged == true }}
strategy:
fail-fast: false
matrix:
include:
- target: "default"
dockerfile: ./docker/Dockerfile
platforms: linux/amd64,linux/arm64
# Aliases must be used only for release builds
aliases: |
jqtype/rpxy:latest
ghcr.io/junkurihara/rust-rpxy:latest
- target: "default-pq"
dockerfile: ./docker/Dockerfile
platforms: linux/amd64,linux/arm64
build-args: |
"CARGO_FEATURES=--no-default-features --features=http3-quinn,cache,rustls-backend,acme,post-quantum"
tags-suffix: "-pq"
# Aliases must be used only for release builds
aliases: |
jqtype/rpxy:pq
ghcr.io/junkurihara/rust-rpxy:pq
- target: "default-slim"
dockerfile: ./docker/Dockerfile-slim
build-contexts: |
messense/rust-musl-cross:amd64-musl=docker-image://messense/rust-musl-cross:x86_64-musl
messense/rust-musl-cross:arm64-musl=docker-image://messense/rust-musl-cross:aarch64-musl
platforms: linux/amd64,linux/arm64
tags-suffix: "-slim"
# Aliases must be used only for release builds
aliases: |
jqtype/rpxy:slim
ghcr.io/junkurihara/rust-rpxy:slim
- target: "default-slim-pq"
dockerfile: ./docker/Dockerfile-slim
build-args: |
"CARGO_FEATURES=--no-default-features --features=http3-quinn,cache,rustls-backend,acme,post-quantum"
build-contexts: |
messense/rust-musl-cross:amd64-musl=docker-image://messense/rust-musl-cross:x86_64-musl
messense/rust-musl-cross:arm64-musl=docker-image://messense/rust-musl-cross:aarch64-musl
platforms: linux/amd64,linux/arm64
tags-suffix: "-slim-pq"
# Aliases must be used only for release builds
aliases: |
jqtype/rpxy:slim-pq
ghcr.io/junkurihara/rust-rpxy:slim-pq
- target: "s2n"
dockerfile: ./docker/Dockerfile
build-args: |
"CARGO_FEATURES=--no-default-features --features=http3-s2n,cache,rustls-backend,acme"
"ADDITIONAL_DEPS=pkg-config libssl-dev cmake libclang1 gcc g++"
platforms: linux/amd64,linux/arm64
tags-suffix: "-s2n"
# Aliases must be used only for release builds
aliases: |
jqtype/rpxy:s2n
ghcr.io/junkurihara/rust-rpxy:s2n
- target: "s2n-pq"
dockerfile: ./docker/Dockerfile
build-args: |
"CARGO_FEATURES=--no-default-features --features=http3-s2n,cache,rustls-backend,acme,post-quantum"
"ADDITIONAL_DEPS=pkg-config libssl-dev cmake libclang1 gcc g++"
platforms: linux/amd64,linux/arm64
tags-suffix: "-s2n-pq"
# Aliases must be used only for release builds
aliases: |
jqtype/rpxy:s2n-pq
ghcr.io/junkurihara/rust-rpxy:s2n-pq
- target: "webpki-roots"
dockerfile: ./docker/Dockerfile
platforms: linux/amd64,linux/arm64
build-args: |
"CARGO_FEATURES=--no-default-features --features=http3-quinn,cache,webpki-roots,acme"
tags-suffix: "-webpki-roots"
# Aliases must be used only for release builds
aliases: |
jqtype/rpxy:webpki-roots
ghcr.io/junkurihara/rust-rpxy:webpki-roots
- target: "slim-webpki-roots"
dockerfile: ./docker/Dockerfile-slim
build-args: |
"CARGO_FEATURES=--no-default-features --features=http3-quinn,cache,webpki-roots,acme"
build-contexts: |
messense/rust-musl-cross:amd64-musl=docker-image://messense/rust-musl-cross:x86_64-musl
messense/rust-musl-cross:arm64-musl=docker-image://messense/rust-musl-cross:aarch64-musl
platforms: linux/amd64,linux/arm64
tags-suffix: "-slim-webpki-roots"
# Aliases must be used only for release builds
aliases: |
jqtype/rpxy:slim-webpki-roots
ghcr.io/junkurihara/rust-rpxy:slim-webpki-roots
- target: "s2n-webpki-roots"
dockerfile: ./docker/Dockerfile
build-args: |
"CARGO_FEATURES=--no-default-features --features=http3-s2n,cache,webpki-roots,acme"
"ADDITIONAL_DEPS=pkg-config libssl-dev cmake libclang1 gcc g++"
platforms: linux/amd64,linux/arm64
tags-suffix: "-s2n-webpki-roots"
# Aliases must be used only for release builds
aliases: |
jqtype/rpxy:s2n-webpki-roots
ghcr.io/junkurihara/rust-rpxy:s2n-webpki-roots
steps:
- name: Checkout
uses: actions/checkout@v4
with:
submodules: recursive
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.GHCR }}/${{ env.GHCR_IMAGE_NAME }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.GHCR }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# - name: Nightly build test on amd64 for pull requests
# if: ${{ github.event_name == 'pull_request' }}
# uses: docker/build-push-action@v6
# with:
# context: .
# build-args: ${{ matrix.build-args }}
# push: false
# build-contexts: ${{ matrix.build-contexts }}
# file: ${{ matrix.dockerfile }}
# cache-from: type=gha,scope=rpxy-nightly-${{ matrix.target }}
# cache-to: type=gha,mode=max,scope=rpxy-nightly-${{ matrix.target }}
# platforms: linux/amd64
# labels: ${{ steps.meta.outputs.labels }}
- name: Unstable build and push from develop branch
if: ${{ startsWith(github.ref_name, 'feat/') && (github.event_name == 'push') }}
uses: docker/build-push-action@v6
with:
context: .
build-args: ${{ matrix.build-args }}
push: true
tags: |
${{ env.GHCR }}/${{ env.GHCR_IMAGE_NAME }}:unstable${{ matrix.tags-suffix }}
${{ env.DH_REGISTRY_NAME }}:unstable${{ matrix.tags-suffix }}
build-contexts: ${{ matrix.build-contexts }}
file: ${{ matrix.dockerfile }}
cache-from: type=gha,scope=rpxy-unstable-${{ matrix.target }}
cache-to: type=gha,mode=max,scope=rpxy-unstable-${{ matrix.target }}
platforms: linux/amd64
labels: ${{ steps.meta.outputs.labels }}
- name: Nightly build and push from develop branch
if: ${{ (github.ref_name == 'develop') && (github.event_name == 'push') }}
uses: docker/build-push-action@v6
with:
context: .
build-args: ${{ matrix.build-args }}
push: true
tags: |
${{ env.GHCR }}/${{ env.GHCR_IMAGE_NAME }}:nightly${{ matrix.tags-suffix }}
${{ env.DH_REGISTRY_NAME }}:nightly${{ matrix.tags-suffix }}
build-contexts: ${{ matrix.build-contexts }}
file: ${{ matrix.dockerfile }}
cache-from: type=gha,scope=rpxy-nightly-${{ matrix.target }}
cache-to: type=gha,mode=max,scope=rpxy-nightly-${{ matrix.target }}
platforms: ${{ matrix.platforms }}
labels: ${{ steps.meta.outputs.labels }}
- name: Release build and push from main branch
if: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.ref == 'develop' && github.event.pull_request.base.ref == 'main' && github.event.pull_request.merged == true }}
uses: docker/build-push-action@v6
with:
context: .
build-args: ${{ matrix.build-args }}
push: true
tags: |
${{ env.GHCR }}/${{ env.GHCR_IMAGE_NAME }}:latest${{ matrix.tags-suffix }}
${{ env.DH_REGISTRY_NAME }}:latest${{ matrix.tags-suffix }}
${{ matrix.aliases }}
build-contexts: ${{ matrix.build-contexts }}
file: ${{ matrix.dockerfile }}
cache-from: type=gha,scope=rpxy-latest-${{ matrix.target }}
cache-to: type=gha,mode=max,scope=rpxy-latest-${{ matrix.target }}
platforms: ${{ matrix.platforms }}
labels: ${{ steps.meta.outputs.labels }}
dispatch_release_event:
runs-on: ubuntu-latest
if: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.ref == 'develop' && github.event.pull_request.base.ref == 'main' && github.event.pull_request.merged == true }}
needs: build_and_push
steps:
- name: Repository dispatch for release
uses: peter-evans/repository-dispatch@v3
with:
event-type: release-event
client-payload: '{"ref": "${{ github.ref }}", "sha": "${{ github.sha }}", "pull_request": { "title": "${{ github.event.pull_request.title }}", "body": ${{ toJson(github.event.pull_request.body) }}, "number": "${{ github.event.pull_request.number }}", "head": "${{ github.event.pull_request.head.ref }}", "base": "${{ github.event.pull_request.base.ref}}"}}'