diff --git a/.github/workflows/build_container.yml b/.github/workflows/build_container.yml index 3da225b..006c622 100644 --- a/.github/workflows/build_container.yml +++ b/.github/workflows/build_container.yml @@ -16,7 +16,8 @@ jobs: setup-matrix: runs-on: ubuntu-latest outputs: - matrix: ${{ steps.set-matrix.outputs.matrix }} + build_matrix: ${{ steps.set-build-matrix.outputs.build_matrix }} + tag_matrix: ${{ steps.set-tag-matrix.outputs.tag_matrix }} steps: - name: Source checkout uses: actions/checkout@v5 @@ -24,63 +25,20 @@ jobs: - name: 'Setup yq' uses: dcarbone/install-yq-action@v1.3.1 - - id: set-matrix - run: echo "matrix=$(yq -o json build_versions.yaml | jq -c)" >> $GITHUB_OUTPUT + - id: set-build-matrix + run: echo "build_matrix=$(bash matrix.sh build)" >> $GITHUB_OUTPUT - build-X86-container: - runs-on: ubuntu-24.04 - permissions: - contents: read - packages: write - needs: setup-matrix - strategy: - matrix: ${{ fromJson(needs.setup-matrix.outputs.matrix) }} - steps: - - id: server_version - run: echo "server_version=${{ matrix.server_version }}" | cut -d- -f1 >> $GITHUB_OUTPUT - - - id: db_version - run: echo "db_version=${{ matrix.db_version }}" | cut -d- -f1 >> $GITHUB_OUTPUT - - - name: Build OpenVox Server ${{ matrix.release }} container - uses: voxpupuli/gha-build-and-publish-a-container@v2 - with: - registry_password: ${{ secrets.GITHUB_TOKEN }} - build_args: | - OPENVOX_RELEASE=${{ matrix.release }} - OPENVOXSERVER_VERSION=${{ matrix.server_version }} - OPENVOXDB_VERSION=${{ matrix.db_version }} - R10K_VERSION=${{ matrix.r10k_version }} - RUGGED_VERSION=${{ matrix.rugged_version }} - build_arch: linux/amd64 - build_context: openvoxserver - buildfile: openvoxserver/Containerfile - tags: | - ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-x86_64 - - - name: Build Alpine OpenVox Server ${{ matrix.release }} container - uses: voxpupuli/gha-build-and-publish-a-container@v2 - with: - registry_password: ${{ secrets.GITHUB_TOKEN }} - build_args: | - OPENVOX_RELEASE=${{ matrix.release }} - OPENVOXSERVER_VERSION=${{ steps.server_version.outputs.server_version }} - OPENVOXDB_VERSION=${{ steps.db_version.outputs.db_version }} - R10K_VERSION=${{ matrix.r10k_version }} - build_arch: linux/amd64 - build_context: openvoxserver - buildfile: openvoxserver/Containerfile.alpine - tags: | - ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-x86_64-alpine + - id: set-tag-matrix + run: echo "tag_matrix=$(bash matrix.sh tag)" >> $GITHUB_OUTPUT - build-ARM-container: - runs-on: ubuntu-24.04-arm + build-and-push-container: + runs-on: ${{ matrix.runner }} permissions: contents: read packages: write needs: setup-matrix strategy: - matrix: ${{ fromJson(needs.setup-matrix.outputs.matrix) }} + matrix: ${{ fromJson(needs.setup-matrix.outputs.build_matrix) }} steps: - id: server_version run: echo "server_version=${{ matrix.server_version }}" | cut -d- -f1 >> $GITHUB_OUTPUT @@ -98,11 +56,11 @@ jobs: OPENVOXDB_VERSION=${{ matrix.db_version }} R10K_VERSION=${{ matrix.r10k_version }} RUGGED_VERSION=${{ matrix.rugged_version }} - build_arch: linux/arm64 + build_arch: linux/${{ matrix.platform }} build_context: openvoxserver buildfile: openvoxserver/Containerfile tags: | - ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-arm64 + ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-${{ matrix.platform }} - name: Build Alpine OpenVox Server ${{ matrix.release }} container uses: voxpupuli/gha-build-and-publish-a-container@v2 @@ -113,11 +71,11 @@ jobs: OPENVOXSERVER_VERSION=${{ steps.server_version.outputs.server_version }} OPENVOXDB_VERSION=${{ steps.db_version.outputs.db_version }} R10K_VERSION=${{ matrix.r10k_version }} - build_arch: linux/arm64 + build_arch: linux/${{ matrix.platform }} build_context: openvoxserver buildfile: openvoxserver/Containerfile.alpine tags: | - ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-arm64-alpine + ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-${{ matrix.platform }}-alpine create-multi-arch-manifests: runs-on: ubuntu-latest @@ -126,10 +84,9 @@ jobs: packages: write needs: - setup-matrix - - build-X86-container - - build-ARM-container + - build-and-push-container strategy: - matrix: ${{ fromJson(needs.setup-matrix.outputs.matrix) }} + matrix: ${{ fromJson(needs.setup-matrix.outputs.tag_matrix) }} steps: - name: Log in to the ghcr.io registry uses: docker/login-action@v3 @@ -155,56 +112,56 @@ jobs: run: | docker buildx imagetools create -t ghcr.io/openvoxproject/openvoxserver:${{ steps.server_version.outputs.server_version }}-${{ github.ref_name }} \ ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-arm64 \ - ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-x86_64 + ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-amd64 docker buildx imagetools create -t ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }} \ ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-arm64 \ - ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-x86_64 + ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-amd64 docker buildx imagetools create -t ghcr.io/openvoxproject/openvoxserver:latest \ ghcr.io/openvoxproject/openvoxserver:8-${{ github.sha }}-arm64 \ - ghcr.io/openvoxproject/openvoxserver:8-${{ github.sha }}-x86_64 + ghcr.io/openvoxproject/openvoxserver:8-${{ github.sha }}-amd64 # on docker.io we use the voxpupuli namespace because new organizations are not free anymore # docker buildx imagetools create -t docker.io/voxpupuli/openvoxserver:${{ steps.server_version.outputs.server_version }}-${{ github.ref_name }} \ ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-arm64 \ - ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-x86_64 + ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-amd64 docker buildx imagetools create -t docker.io/voxpupuli/openvoxserver:${{ matrix.release }} \ ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-arm64 \ - ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-x86_64 + ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-amd64 docker buildx imagetools create -t docker.io/voxpupuli/openvoxserver:latest \ ghcr.io/openvoxproject/openvoxserver:8-${{ github.sha }}-arm64 \ - ghcr.io/openvoxproject/openvoxserver:8-${{ github.sha }}-x86_64 + ghcr.io/openvoxproject/openvoxserver:8-${{ github.sha }}-amd64 - name: Create Alpine multi arch manifests run: | docker buildx imagetools create -t ghcr.io/openvoxproject/openvoxserver:${{ steps.server_version.outputs.server_version }}-${{ github.ref_name }}-alpine-beta \ ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-arm64-alpine \ - ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-x86_64-alpine + ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-amd64-alpine docker buildx imagetools create -t ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-alpine-beta \ ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-arm64-alpine \ - ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-x86_64-alpine + ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-amd64-alpine docker buildx imagetools create -t ghcr.io/openvoxproject/openvoxserver:latest-alpine-beta \ ghcr.io/openvoxproject/openvoxserver:8-${{ github.sha }}-arm64-alpine \ - ghcr.io/openvoxproject/openvoxserver:8-${{ github.sha }}-x86_64-alpine + ghcr.io/openvoxproject/openvoxserver:8-${{ github.sha }}-amd64-alpine # on docker.io we use the voxpupuli namespace because new organizations are not free anymore docker buildx imagetools create -t docker.io/voxpupuli/openvoxserver:${{ steps.server_version.outputs.server_version }}-${{ github.ref_name }}-alpine-beta \ ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-arm64-alpine \ - ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-x86_64-alpine + ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-amd64-alpine docker buildx imagetools create -t docker.io/voxpupuli/openvoxserver:${{ matrix.release }}-alpine-beta \ ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-arm64-alpine \ - ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-x86_64-alpine + ghcr.io/openvoxproject/openvoxserver:${{ matrix.release }}-${{ github.sha }}-amd64-alpine docker buildx imagetools create -t docker.io/voxpupuli/openvoxserver:latest-alpine-beta \ ghcr.io/openvoxproject/openvoxserver:8-${{ github.sha }}-arm64-alpine \ - ghcr.io/openvoxproject/openvoxserver:8-${{ github.sha }}-x86_64-alpine + ghcr.io/openvoxproject/openvoxserver:8-${{ github.sha }}-amd64-alpine update-dockerhub-description: runs-on: ubuntu-latest diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 391aef5..ea427f6 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -1,5 +1,5 @@ --- -name: CI🚦 +name: 🚦 CI on: pull_request: @@ -14,7 +14,7 @@ jobs: setup-matrix: runs-on: ubuntu-latest outputs: - matrix: ${{ steps.set-matrix.outputs.matrix }} + build_matrix: ${{ steps.set-build-matrix.outputs.build_matrix }} steps: - name: Source checkout uses: actions/checkout@v5 @@ -22,27 +22,19 @@ jobs: - name: 'Setup yq' uses: dcarbone/install-yq-action@v1.3.1 - - id: set-matrix - run: echo "matrix=$(yq -o json build_versions.yaml | jq -c)" >> $GITHUB_OUTPUT + - id: set-build-matrix + run: echo "build_matrix=$(bash matrix.sh build)" >> $GITHUB_OUTPUT - general_ci: + build_ci_container: + name: Build ${{ matrix.platform }} CI container + runs-on: ${{ matrix.runner }} permissions: - # required for all workflows security-events: write - - # only required for workflows in private repositories actions: read contents: read - uses: voxpupuli/crafty/.github/workflows/general_ci.yaml@main - with: - shellcheck_scan_dir: './openvoxserver' - - build_test_container: - name: 'Build test container' - runs-on: ubuntu-latest needs: setup-matrix strategy: - matrix: ${{ fromJson(needs.setup-matrix.outputs.matrix) }} + matrix: ${{ fromJson(needs.setup-matrix.outputs.build_matrix) }} steps: - name: Checkout repository uses: actions/checkout@v5 @@ -72,6 +64,7 @@ jobs: context: openvoxserver file: openvoxserver/Containerfile push: false + platforms: linux/${{ matrix.platform }} build-args: | OPENVOX_RELEASE=${{ matrix.release }} OPENVOXSERVER_VERSION=${{ matrix.server_version }} @@ -94,8 +87,7 @@ jobs: tests: needs: - - general_ci - - build_test_container + - build_ci_container runs-on: ubuntu-latest name: Test suite steps: diff --git a/.github/workflows/security_scanning.yml b/.github/workflows/security_scanning.yml index 9a286c6..c301a0d 100644 --- a/.github/workflows/security_scanning.yml +++ b/.github/workflows/security_scanning.yml @@ -16,7 +16,7 @@ jobs: setup-matrix: runs-on: ubuntu-latest outputs: - matrix: ${{ steps.set-matrix.outputs.matrix }} + build_matrix: ${{ steps.set-build-matrix.outputs.build_matrix }} steps: - name: Source checkout uses: actions/checkout@v5 @@ -24,19 +24,19 @@ jobs: - name: 'Setup yq' uses: dcarbone/install-yq-action@v1.3.1 - - id: set-matrix - run: echo "matrix=$(yq -o json build_versions.yaml | jq -c)" >> $GITHUB_OUTPUT + - id: set-build-matrix + run: echo "build_matrix=$(bash matrix.sh build)" >> $GITHUB_OUTPUT scan_ci_container: - name: 'Scan CI container' - runs-on: ubuntu-latest + name: 'Scan ${{ matrix.platform }} CI container' + runs-on: ${{ matrix.runner }} permissions: actions: read contents: read security-events: write needs: setup-matrix strategy: - matrix: ${{ fromJson(needs.setup-matrix.outputs.matrix) }} + matrix: ${{ fromJson(needs.setup-matrix.outputs.build_matrix) }} steps: - name: Checkout repository uses: actions/checkout@v5 @@ -50,12 +50,13 @@ jobs: const version = agentVersion.split('-')[0]; core.setOutput('version', version); - - name: Build CI container + - name: Build ${{ matrix.platform }} CI container uses: docker/build-push-action@v6 with: tags: 'ci/openvoxserver:${{ steps.extract_version.outputs.version }}' context: openvoxserver file: openvoxserver/Containerfile + platforms: linux/${{ matrix.platform }} push: false build-args: | OPENVOX_RELEASE=${{ matrix.release }} diff --git a/build_platforms.yaml b/build_platforms.yaml new file mode 100644 index 0000000..5fff9c2 --- /dev/null +++ b/build_platforms.yaml @@ -0,0 +1,6 @@ +--- +platforms: + - platform: amd64 + runner: ubuntu-24.04 + - platform: arm64 + runner: ubuntu-24.04-arm diff --git a/matrix.sh b/matrix.sh new file mode 100755 index 0000000..db67369 --- /dev/null +++ b/matrix.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +yq -o=json build_platforms.yaml > build_platforms.json +yq -o=json build_versions.yaml > build_versions.json + +if [ "$1" == "build" ]; then + jq -rc --slurp '{ include: [ .[1].include[] as $i | .[0].platforms[] as $p | $i + {"platform": $p.platform, "runner": $p.runner} ] }' build_platforms.json build_versions.json +fi + +if [ "$1" == "tag" ]; then + jq -cr '.include |= map({ release: .release, server_version: .server_version, db_version: .db_version })' build_versions.json +fi + +rm build_platforms.json +rm build_versions.json