Skip to content

Commit 991a04a

Browse files
wolfvwolfv
committed
add docker release workflow
1 parent b0c9150 commit 991a04a

2 files changed

Lines changed: 108 additions & 10 deletions

File tree

.github/workflows/docker.yml

Lines changed: 71 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,71 @@
1+
name: Build and Push Docker Images
2+
3+
on:
4+
push:
5+
branches:
6+
- main
7+
tags:
8+
- 'v*'
9+
pull_request:
10+
branches:
11+
- main
12+
13+
env:
14+
REGISTRY: ghcr.io
15+
IMAGE_PREFIX: ${{ github.repository }}
16+
17+
jobs:
18+
build-and-push:
19+
runs-on: ubuntu-latest
20+
permissions:
21+
contents: read
22+
packages: write
23+
24+
strategy:
25+
matrix:
26+
include:
27+
- image: server
28+
dockerfile: docker/Dockerfile.server
29+
binary: rust-tessera
30+
- image: witness
31+
dockerfile: docker/Dockerfile.witness
32+
binary: witness
33+
34+
steps:
35+
- name: Checkout repository
36+
uses: actions/checkout@v4
37+
38+
- name: Set up Docker Buildx
39+
uses: docker/setup-buildx-action@v3
40+
41+
- name: Log in to Container Registry
42+
if: github.event_name != 'pull_request'
43+
uses: docker/login-action@v3
44+
with:
45+
registry: ${{ env.REGISTRY }}
46+
username: ${{ github.actor }}
47+
password: ${{ secrets.GITHUB_TOKEN }}
48+
49+
- name: Extract metadata (tags, labels)
50+
id: meta
51+
uses: docker/metadata-action@v5
52+
with:
53+
images: ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}-${{ matrix.image }}
54+
tags: |
55+
type=ref,event=branch
56+
type=ref,event=pr
57+
type=semver,pattern={{version}}
58+
type=semver,pattern={{major}}.{{minor}}
59+
type=sha,prefix=sha-
60+
61+
- name: Build and push Docker image
62+
uses: docker/build-push-action@v6
63+
with:
64+
context: .
65+
file: ${{ matrix.dockerfile }}
66+
push: ${{ github.event_name != 'pull_request' }}
67+
tags: ${{ steps.meta.outputs.tags }}
68+
labels: ${{ steps.meta.outputs.labels }}
69+
cache-from: type=gha
70+
cache-to: type=gha,mode=max
71+
platforms: linux/amd64,linux/arm64

README.md

Lines changed: 37 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -283,16 +283,43 @@ fly deploy
283283

284284
### Docker
285285

286-
```dockerfile
287-
FROM rust:1.75-slim as builder
288-
WORKDIR /app
289-
COPY . .
290-
RUN cargo build --release
291-
292-
FROM debian:bookworm-slim
293-
COPY --from=builder /app/target/release/rust-tessera /usr/local/bin/
294-
COPY --from=builder /app/target/release/witness /usr/local/bin/
295-
CMD ["rust-tessera"]
286+
Pre-built images are available from GitHub Container Registry:
287+
288+
```bash
289+
# Log server (replace OWNER/REPO with your GitHub repository)
290+
docker pull ghcr.io/OWNER/REPO-server:latest
291+
292+
# Witness
293+
docker pull ghcr.io/OWNER/REPO-witness:latest
294+
```
295+
296+
Run the log server:
297+
298+
```bash
299+
docker run -d \
300+
-p 8080:8080 \
301+
-v tessera-data:/data \
302+
-e LOG_ORIGIN="my-transparency-log" \
303+
-e LOG_PRIVATE_KEY="PRIVATE+KEY+..." \
304+
ghcr.io/OWNER/REPO-server:latest
305+
```
306+
307+
Run the witness:
308+
309+
```bash
310+
docker run -d \
311+
-p 8081:8081 \
312+
-v witness-data:/data \
313+
-e WITNESS_PRIVATE_KEY="PRIVATE+KEY+..." \
314+
-e WITNESS_LOGS="my-transparency-log=my-transparency-log+xxxx+..." \
315+
ghcr.io/OWNER/REPO-witness:latest
316+
```
317+
318+
To build images locally:
319+
320+
```bash
321+
docker build -f docker/Dockerfile.server -t rust-tessera-server .
322+
docker build -f docker/Dockerfile.witness -t rust-tessera-witness .
296323
```
297324

298325
### Kubernetes

0 commit comments

Comments
 (0)