Skip to content

Commit 28bf469

Browse files
lgc2333lgc2333
committed
Add GitHub Actions workflow for building binaries and images
1 parent 30b4811 commit 28bf469

File tree

3 files changed

+187
-2
lines changed

3 files changed

+187
-2
lines changed

.cargo/config renamed to .cargo/config.toml

File renamed without changes.

.github/workflows/build.yml

Lines changed: 184 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,184 @@
1+
name: Build executables and Docker images
2+
3+
on:
4+
workflow_dispatch:
5+
6+
env:
7+
BIN_NAME: phira-mp-server
8+
PROJECT_NAME: phira-mp-server
9+
IMAGE_NAME: ${{ github.repository_owner }}/phira-mp-server
10+
CARGO_TERM_COLOR: always
11+
12+
jobs:
13+
build:
14+
strategy:
15+
fail-fast: false
16+
matrix:
17+
include:
18+
- target: x86_64-unknown-linux-gnu
19+
runs-on: ubuntu-latest
20+
- target: aarch64-unknown-linux-gnu
21+
runs-on: ubuntu-24.04-arm
22+
23+
# cross is trying to build amd64 image on arm runner!
24+
# i'm giving up to build not vendored openssl for musl linux
25+
- target: x86_64-unknown-linux-musl
26+
runs-on: ubuntu-latest
27+
cross-needed: true
28+
vendored-openssl: true
29+
- target: aarch64-unknown-linux-musl
30+
runs-on: ubuntu-latest
31+
cross-needed: true
32+
vendored-openssl: true
33+
34+
# i can't find a way to use non-vendored openssl for android build
35+
# so i'm also giving up
36+
- target: aarch64-linux-android
37+
runs-on: ubuntu-latest
38+
cross-needed: true
39+
vendored-openssl: true
40+
- target: x86_64-linux-android
41+
runs-on: ubuntu-latest
42+
cross-needed: true
43+
vendored-openssl: true
44+
45+
- target: aarch64-apple-darwin
46+
runs-on: macos-latest
47+
- target: x86_64-apple-darwin
48+
runs-on: macos-15-intel
49+
50+
- target: x86_64-pc-windows-msvc
51+
runs-on: windows-latest
52+
- target: aarch64-pc-windows-msvc
53+
runs-on: windows-11-arm
54+
55+
name: Build ${{ matrix.target }}
56+
runs-on: ${{ matrix.runs-on }}
57+
58+
steps:
59+
- name: Checkout repository
60+
uses: actions/checkout@v4
61+
62+
- name: Install cross if needed
63+
if: matrix.cross-needed == true
64+
run: |
65+
cargo install cross --git https://github.com/cross-rs/cross
66+
67+
- name: Install Linux build dependencies (No cross)
68+
if: matrix.cross-needed != true && runner.os == 'Linux'
69+
run: |
70+
sudo apt-get update
71+
sudo apt-get install -y libssl-dev
72+
73+
- name: Install build dependencies (No cross & Linux & musl)
74+
if: matrix.cross-needed != true && runner.os == 'Linux' && endsWith(matrix.target, 'musl')
75+
run: |
76+
sudo apt-get update
77+
sudo apt-get install -y musl-tools
78+
79+
- name: Add rustup target (No cross)
80+
if: matrix.cross-needed != true
81+
run: rustup target add ${{ matrix.target }}
82+
83+
- name: Add vendored openssl
84+
if: matrix.vendored-openssl == true
85+
run: cargo add openssl --features vendored --package phira-mp-server
86+
87+
- name: Build binary
88+
run: >
89+
${{ matrix.cross-needed == true && 'cross' || 'cargo' }}
90+
build --target ${{ matrix.target }} --release --workspace
91+
92+
- name: Upload artifact
93+
uses: actions/upload-artifact@v4
94+
with:
95+
name: ${{ env.BIN_NAME }}-${{ matrix.target }}
96+
path: ./target/${{ matrix.target }}/release/${{ env.BIN_NAME }}${{ runner.os == 'Windows' && '.exe' || '' }}
97+
98+
image:
99+
name: Build images
100+
needs:
101+
- build
102+
runs-on: ubuntu-latest
103+
104+
permissions:
105+
contents: read
106+
packages: write
107+
id-token: write
108+
109+
steps:
110+
- name: Set up QEMU
111+
uses: docker/setup-qemu-action@v3
112+
113+
- name: Set up cosign
114+
uses: sigstore/cosign-installer@v3
115+
116+
- name: Set up Docker Buildx
117+
uses: docker/setup-buildx-action@v3
118+
119+
- name: Log in to GitHub Container Registry
120+
uses: docker/login-action@v3
121+
with:
122+
registry: ghcr.io
123+
username: ${{ github.repository_owner }}
124+
password: ${{ secrets.GITHUB_TOKEN }}
125+
126+
- name: Create staging directory for binaries
127+
run: mkdir -p amd64 arm64
128+
129+
- name: Download x86_64-unknown-linux-musl artifact
130+
uses: actions/download-artifact@v4
131+
with:
132+
name: ${{ env.BIN_NAME }}-x86_64-unknown-linux-musl
133+
path: amd64
134+
135+
- name: Download aarch64-unknown-linux-musl artifact
136+
uses: actions/download-artifact@v4
137+
with:
138+
name: ${{ env.BIN_NAME }}-aarch64-unknown-linux-musl
139+
path: arm64
140+
141+
- name: Make binaries executable
142+
run: |
143+
chmod +x amd64/${{ env.BIN_NAME }}
144+
chmod +x arm64/${{ env.BIN_NAME }}
145+
146+
- name: Write Dockerfile
147+
run: |
148+
cat << EOF > Dockerfile
149+
FROM alpine:3
150+
ARG TARGETARCH
151+
WORKDIR /app
152+
RUN apk add --no-cache openssl
153+
COPY \${TARGETARCH}/${{ env.BIN_NAME }} .
154+
EXPOSE 12346
155+
ENTRYPOINT ["./${{ env.BIN_NAME }}"]
156+
EOF
157+
158+
- name: Extract metadata for Docker
159+
id: meta
160+
uses: docker/metadata-action@v5
161+
with:
162+
images: ghcr.io/${{ env.IMAGE_NAME }}
163+
tags: |
164+
type=sha,prefix=
165+
type=raw,value=latest,enable={{is_default_branch}}
166+
type=ref,event=branch
167+
168+
- name: Build and push Docker image
169+
id: build-and-push
170+
uses: docker/build-push-action@v5
171+
with:
172+
context: .
173+
platforms: linux/amd64,linux/arm64
174+
push: true
175+
tags: ${{ steps.meta.outputs.tags }}
176+
labels: ${{ steps.meta.outputs.labels }}
177+
cache-from: type=gha
178+
cache-to: type=gha,mode=max
179+
180+
- name: Sign the published Docker image
181+
env:
182+
TAGS: ${{ steps.meta.outputs.tags }}
183+
DIGEST: ${{ steps.build-and-push.outputs.digest }}
184+
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}

Cargo.toml

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,9 +7,10 @@ members = [
77
]
88
resolver = "2"
99

10+
# https://github.com/johnthagen/min-sized-rust
1011
[profile.release]
11-
opt-level = 2
12-
debug = 1
12+
strip = true
13+
lto = true
1314

1415
[profile.dev.package."*"]
1516
opt-level = 2

0 commit comments

Comments
 (0)