From c77064b5b9bd05ec40f3b82115164ba38e85d287 Mon Sep 17 00:00:00 2001
From: Dreaded_X <tim@huizinga.dev>
Date: Thu, 16 Nov 2023 01:45:45 +0100
Subject: [PATCH] Feature: Use Gitea Actions to build automation_rs Builds
 automation_rs and the corresponding docker image. The binary is uploaded as
 an artifact and the image is uploaded to the registry.

In order to improve caching the nightly version is locked using
rust-toolchain.toml
---
 .drone.yml                 | 49 ---------------------------
 .gitea/workflows/build.yml | 69 ++++++++++++++++++++++++++++++++++++++
 Dockerfile                 | 62 ++--------------------------------
 rust-toolchain.toml        |  4 +++
 4 files changed, 76 insertions(+), 108 deletions(-)
 delete mode 100644 .drone.yml
 create mode 100644 .gitea/workflows/build.yml
 create mode 100644 rust-toolchain.toml

diff --git a/.drone.yml b/.drone.yml
deleted file mode 100644
index a71bbdb..0000000
--- a/.drone.yml
+++ /dev/null
@@ -1,49 +0,0 @@
-kind: pipeline
-type: docker
-name: default
-
-steps:
-    - name: build
-      image: docker
-      volumes:
-          - name: socket
-            path: /var/run/docker.sock
-      commands:
-          - DOCKER_BUILDKIT=1 docker build -t automation_rs .
-
-    - name: deploy
-      image: docker
-      volumes:
-          - name: socket
-            path: /var/run/docker.sock
-      environment:
-          MQTT_PASSWORD:
-              from_secret: MQTT_PASSWORD
-          HUE_TOKEN:
-              from_secret: HUE_TOKEN
-          NTFY_TOPIC:
-              from_secret: NTFY_TOPIC
-          RUST_LOG:
-              from_secret: RUST_LOG
-      commands:
-          - docker stop automation_rs || true
-
-          - docker rm automation_rs || true
-
-          # Networks need to be setup to to allow broadcasts: https://www.devwithimagination.com/2020/06/15/homebridge-docker-and-wake-on-lan/ https://github.com/dhutchison/container-images/blob/0c2d7d96bab751fb0a008cc91ba2990724bbd11f/homebridge/configure_docker_networks_for_wol.sh
-          # Needs to be done for ALL networks, because we can't seem to control which interface gets used to send the broadcast
-          - docker create -e RUST_LOG=$RUST_LOG -e MQTT_PASSWORD=$MQTT_PASSWORD -e HUE_TOKEN=$HUE_TOKEN -e NTFY_TOPIC=$NTFY_TOPIC --network mqtt --restart unless-stopped --name automation_rs automation_rs
-          - docker network connect web automation_rs
-          - docker start automation_rs
-
-      when:
-        branch:
-          - master
-        event:
-          exclude:
-            - pull_request
-
-volumes:
-    - name: socket
-      host:
-          path: /var/run/docker.sock
diff --git a/.gitea/workflows/build.yml b/.gitea/workflows/build.yml
new file mode 100644
index 0000000..99c8136
--- /dev/null
+++ b/.gitea/workflows/build.yml
@@ -0,0 +1,69 @@
+# Based on: https://pastebin.com/99Fq2b2w
+name: Build and deploy automation_rs
+on:
+    push:
+        branches:
+            - main
+            - feature/actions
+
+jobs:
+    build:
+        name: Build
+        runs-on: ubuntu-latest
+        container: catthehacker/ubuntu:act-latest
+        steps:
+            - name: Checkout
+              uses: actions/checkout@v4
+
+            - name: Setup Rust
+              uses: actions-rust-lang/setup-rust-toolchain@v1
+              with:
+                  rustflags: ""
+
+            - name: Formatting
+              uses: actions-rust-lang/rustfmt@v1
+
+            - name: Clippy
+              run: cargo clippy --all-targets --all -- -D warnings
+
+            - name: Build
+              run: cargo build --release
+
+            - name: Upload artifact
+              uses: actions/upload-artifact@v3
+              with:
+                  name: build
+                  path: target/x86_64-unknown-linux-gnu/release/automation
+
+    create-docker-container:
+        name: Create Docker container
+        runs-on: ubuntu-latest
+        needs: [build]
+        container: catthehacker/ubuntu:act-latest
+        steps:
+            - name: Checkout
+              uses: actions/checkout@v4
+
+            - name: Download artifact
+              uses: actions/download-artifact@v3
+              with:
+                  name: build
+
+            - name: Set permissions
+              run: |
+                  chown 65532:65532 ./build/*
+                  chmod 0755 ./build/*
+
+            - name: Login to registry
+              uses: https://github.com/docker/login-action@v3
+              with:
+                  registry: git.huizinga.dev
+                  username: ${{ gitea.actor }}
+                  password: ${{ secrets.REGISTRY_TOKEN }}
+
+            - name: Build & Push Docker Image
+              uses: https://github.com/docker/build-push-action@v5
+              with:
+                  context: .
+                  push: true
+                  tags: git.huizinga.dev/dreaded_x/automation_rs:latest
diff --git a/Dockerfile b/Dockerfile
index 8f3c802..4be1a24 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,64 +1,8 @@
-FROM rust:bookworm AS build
-
-# Create user
-ENV USER=automation
-ENV UID=10001
-RUN adduser \
-    --disabled-password \
-    --gecos "" \
-    --home "/nonexistent" \
-    --shell "/sbin/nologin" \
-    --no-create-home \
-    --uid "${UID}" \
-    "${USER}"
-
-# Create basic project structure
-RUN cargo new --bin /app
-RUN cargo new --lib /app/impl_cast && truncate -s 0 /app/impl_cast/src/lib.rs
-RUN cargo new --lib /app/google-home
-
-# Get the correct version of the compiler
-RUN rustup default nightly
-
-# Copy cargo config
-COPY .cargo/config.toml /app/.cargo/config.toml
-
-# Copy the Cargo.toml files
-COPY impl_cast/Cargo.toml /app/impl_cast
-COPY google-home/Cargo.toml /app/google-home
-COPY Cargo.toml Cargo.lock /app/
-
-# Download and build all the dependencies
-WORKDIR /app
-RUN --mount=type=cache,target=/usr/local/cargo/registry cargo build --release
-
-# Build impl_cast
-COPY impl_cast/src/ /app/impl_cast/src/
-RUN --mount=type=cache,target=/usr/local/cargo/registry set -e; touch /app/impl_cast/src/lib.rs; cargo build --release --package impl_cast
-
-# Build google-home
-COPY google-home/src/ /app/google-home/src/
-RUN --mount=type=cache,target=/usr/local/cargo/registry set -e; touch /app/google-home/src/lib.rs; cargo build --release --package google-home
-
-# Build automation
-COPY src/ /app/src/
-RUN --mount=type=cache,target=/usr/local/cargo/registry set -e; touch /app/src/main.rs /app/src/lib.rs /app/google-home/src/lib.rs /app/impl_cast/src/lib.rs; cargo build --release
-
-CMD ["/app/target/release/automation"]
-
-
-# FINAL IMAGE
-FROM gcr.io/distroless/cc-debian12:latest
-
-COPY --from=build /etc/passwd /etc/passwd
-COPY --from=build /etc/group /etc/group
+FROM gcr.io/distroless/cc-debian12:nonroot
 
 ENV AUTOMATION_CONFIG=/app/config.yml
-COPY config/config.yml /app/config.yml
+COPY ./config/config.yml /app/config.yml
 
-WORKDIR /app
-COPY --from=build /app/target/x86_64-unknown-linux-gnu/release/automation ./
-
-USER automation:automation
+COPY ./build/automation /app/automation
 
 CMD ["/app/automation"]
diff --git a/rust-toolchain.toml b/rust-toolchain.toml
new file mode 100644
index 0000000..f22c82b
--- /dev/null
+++ b/rust-toolchain.toml
@@ -0,0 +1,4 @@
+[toolchain]
+channel = "nightly-2023-11-15"
+components = ["rustfmt", "clippy"]
+profile = "minimal"