Use new and improved rust workflow and Dockerfile
This commit is contained in:
@@ -1,2 +1,4 @@
|
|||||||
/target
|
/target
|
||||||
.env
|
.env
|
||||||
|
# Use the rust environment provided by the container
|
||||||
|
rust-toolchain.toml
|
||||||
|
|||||||
@@ -1,84 +1,24 @@
|
|||||||
# Based on: https://pastebin.com/99Fq2b2w
|
|
||||||
name: Build and deploy
|
name: Build and deploy
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches:
|
branches:
|
||||||
- master
|
- master
|
||||||
- feature/**
|
- feature/**
|
||||||
|
tags:
|
||||||
|
- v*.*.*
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
build:
|
build:
|
||||||
name: Build application
|
uses: dreaded_x/workflows/.gitea/workflows/rust-kubernetes.yaml@22ee0c1788a8d2157db87d6a6f8dbe520fe48592
|
||||||
runs-on: ubuntu-latest
|
secrets: inherit
|
||||||
container: catthehacker/ubuntu:act-latest
|
with:
|
||||||
steps:
|
upload_manifests: false
|
||||||
- name: Checkout
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: Setup Rust
|
|
||||||
uses: actions-rust-lang/setup-rust-toolchain@v1
|
|
||||||
with:
|
|
||||||
rustflags: ""
|
|
||||||
|
|
||||||
- name: Build
|
|
||||||
run: cargo build --release
|
|
||||||
|
|
||||||
- name: Upload artifact
|
|
||||||
uses: actions/upload-artifact@v3
|
|
||||||
with:
|
|
||||||
name: automation
|
|
||||||
path: target/release/automation
|
|
||||||
|
|
||||||
container:
|
|
||||||
name: Build container
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
needs: [build]
|
|
||||||
container: catthehacker/ubuntu:act-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: Download artifact
|
|
||||||
uses: actions/download-artifact@v3
|
|
||||||
with:
|
|
||||||
name: automation
|
|
||||||
|
|
||||||
- name: Set permissions
|
|
||||||
run: |
|
|
||||||
chown 65532:65532 ./automation
|
|
||||||
chmod 0755 ./automation
|
|
||||||
|
|
||||||
- name: Docker meta
|
|
||||||
id: meta
|
|
||||||
uses: https://github.com/docker/metadata-action@v5
|
|
||||||
with:
|
|
||||||
images: git.huizinga.dev/dreaded_x/automation_rs
|
|
||||||
tags: |
|
|
||||||
type=ref,event=branch
|
|
||||||
type=ref,event=pr
|
|
||||||
type=semver,pattern={{version}}
|
|
||||||
type=semver,pattern={{major}}.{{minor}}
|
|
||||||
|
|
||||||
- name: Login to registry
|
|
||||||
uses: https://github.com/docker/login-action@v3
|
|
||||||
with:
|
|
||||||
registry: git.huizinga.dev
|
|
||||||
username: ${{ gitea.actor }}
|
|
||||||
password: ${{ secrets.REGISTRY_TOKEN }}
|
|
||||||
|
|
||||||
- name: Build and push Docker image
|
|
||||||
uses: https://github.com/docker/build-push-action@v5
|
|
||||||
with:
|
|
||||||
context: .
|
|
||||||
push: true
|
|
||||||
tags: ${{ steps.meta.outputs.tags }}
|
|
||||||
labels: ${{ steps.meta.outputs.labels }}
|
|
||||||
|
|
||||||
deploy:
|
deploy:
|
||||||
name: Deploy container
|
name: Deploy container
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
container: catthehacker/ubuntu:act-latest
|
container: catthehacker/ubuntu:act-latest
|
||||||
needs: [container]
|
needs: build
|
||||||
if: gitea.ref == 'refs/heads/master'
|
if: gitea.ref == 'refs/heads/master'
|
||||||
steps:
|
steps:
|
||||||
- name: Stop and remove current container
|
- name: Stop and remove current container
|
||||||
@@ -97,11 +37,9 @@ jobs:
|
|||||||
-e MQTT_PASSWORD=${{ secrets.MQTT_PASSWORD }} \
|
-e MQTT_PASSWORD=${{ secrets.MQTT_PASSWORD }} \
|
||||||
-e HUE_TOKEN=${{ secrets.HUE_TOKEN }} \
|
-e HUE_TOKEN=${{ secrets.HUE_TOKEN }} \
|
||||||
-e NTFY_TOPIC=${{ secrets.NTFY_TOPIC }} \
|
-e NTFY_TOPIC=${{ secrets.NTFY_TOPIC }} \
|
||||||
git.huizinga.dev/dreaded_x/automation_rs:master
|
git.huizinga.dev/dreaded_x/automation_rs@${{ needs.build.outputs.digest }}
|
||||||
|
|
||||||
docker network connect web automation_rs
|
docker network connect web automation_rs
|
||||||
|
|
||||||
- name: Start container
|
- name: Start container
|
||||||
run: docker start automation_rs
|
run: docker start automation_rs
|
||||||
|
|
||||||
# TODO: Perform a healthcheck
|
|
||||||
|
|||||||
28
Dockerfile
28
Dockerfile
@@ -1,8 +1,26 @@
|
|||||||
FROM gcr.io/distroless/cc-debian12:nonroot
|
FROM rust:1.86 AS base
|
||||||
|
ENV CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse
|
||||||
|
RUN cargo install cargo-chef --locked --version 0.1.71 && \
|
||||||
|
cargo install cargo-auditable --locked --version 0.6.6
|
||||||
|
WORKDIR /app
|
||||||
|
|
||||||
|
FROM base AS planner
|
||||||
|
COPY . .
|
||||||
|
RUN cargo chef prepare --recipe-path recipe.json
|
||||||
|
|
||||||
|
FROM base AS builder
|
||||||
|
# HACK: Now we can use unstable feature while on stable rust!
|
||||||
|
ENV RUSTC_BOOTSTRAP=1
|
||||||
|
COPY --from=planner /app/recipe.json recipe.json
|
||||||
|
RUN cargo chef cook --release --recipe-path recipe.json
|
||||||
|
|
||||||
|
COPY . .
|
||||||
|
ARG RELEASE_VERSION
|
||||||
|
ENV RELEASE_VERSION=${RELEASE_VERSION}
|
||||||
|
RUN cargo auditable build --release
|
||||||
|
|
||||||
|
FROM gcr.io/distroless/cc-debian12:nonroot AS runtime
|
||||||
|
COPY --from=builder /app/target/release/automation /app/automation
|
||||||
ENV AUTOMATION_CONFIG=/app/config.lua
|
ENV AUTOMATION_CONFIG=/app/config.lua
|
||||||
COPY ./config.lua /app/config.lua
|
COPY ./config.lua /app/config.lua
|
||||||
|
CMD [ "/app/automation" ]
|
||||||
COPY ./automation /app/automation
|
|
||||||
|
|
||||||
CMD ["/app/automation"]
|
|
||||||
|
|||||||
Reference in New Issue
Block a user