Fix #56: Use arm runner

* Rename CI files

* Try using Arm runners

* Temp rm attest and provenance

I think these are RedHat specific only?

@podhrmic says: `attests` is related to building an [SBOM](https://docs.docker.com/build/metadata/attestations/sbom/). We don't need it quite yet, so it is OK to remove (worth speeding up the build). The changes look good, I am in favor of merging. There is a condition that if the `build-and-release` job passes, but `combine-multiplatform` fails, then the *existing* image manifest will be corrupted, as the hashes will be incorrect. I recommend merging as is (well, once the failed tests are fixed), and if we see these failures happening we can address it.

Author: dc-mak

.github/workflows/ci-cn-bench.yml .github/workflows/benchmarks.yml.github/workflows/ci-cn-bench.yml renamed to .github/workflows/benchmarks.yml

@@ -1,4 +1,4 @@
-name: CN Benchmarks
+name: Benchmarks
 
 on:
   push:

.github/workflows/docker.yml

@@ -1,4 +1,4 @@
-name: docker
+name: Docker
 
 on:
   # Run this action every day
@@ -21,15 +21,22 @@ concurrency:
   group: docker-${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: false
 
-# Instructions from https://depot.dev/blog/multi-platform-docker-images-in-github-actions
 jobs:
-  docker-release-ubuntu:
-    runs-on: ubuntu-latest
+  build-and-release:
+
+    strategy:
+      matrix:
+        os: [ubuntu, redhat]
+        runner: [latest, 24.04-arm]
+
+    runs-on: ubuntu-${{ matrix.runner }}
+
     permissions:
       packages: write
       contents: read
       attestations: write
       id-token: write
+
     steps:
     - uses: actions/checkout@v4
 
@@ -40,28 +47,25 @@ jobs:
         username: ${{ github.actor }}
         password: ${{ secrets.GITHUB_TOKEN }}
 
-    - name: Set up QEMU
-      uses: docker/setup-qemu-action@v3.4.0
-    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
-
-    - name: Build multi-platform image
+    - name: Build ${{ matrix.os }}-${{ matrix.runner }} image
       uses: docker/build-push-action@v5
       with:
         context: .
-        platforms: linux/amd64,linux/arm64
         push: ${{ github.event_name != 'pull_request' }}
-        tags: ${{env.CN_IMAGE_ID}}:release
-        file: Dockerfile.ubuntu
+        tags: ${{ env.CN_IMAGE_ID }}:release-${{ matrix.os }}-${{ matrix.runner }}
+        file: Dockerfile.${{ matrix.os }}
         github-token: ${{ secrets.GITHUB_TOKEN }}
 
-  docker-release-redhat:
+  combine-multiplatform:
+
+    if: ${{ github.event_name != 'pull_request' }}
+
+    strategy:
+      matrix:
+        os: [ubuntu, redhat]
     runs-on: ubuntu-latest
-    permissions:
-      packages: write
-      contents: read
-      attestations: write
-      id-token: write
+    needs: [build-and-release]
+
     steps:
     - uses: actions/checkout@v4
 
@@ -72,35 +76,29 @@ jobs:
         username: ${{ github.actor }}
         password: ${{ secrets.GITHUB_TOKEN }}
 
-    - name: Set up QEMU
-      uses: docker/setup-qemu-action@v3.4.0
-    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
-
-    - name: Build multi-platform image
-      uses: docker/build-push-action@v5
-      with:
-        context: .
-        platforms: linux/amd64,linux/arm64
-        push: ${{ github.event_name != 'pull_request' }}
-        tags: ${{env.CN_IMAGE_ID}}:release-redhat
-        file: Dockerfile.redhat
-        attests: type=sbom
-        provenance: mode=max
-        github-token: ${{ secrets.GITHUB_TOKEN }}
+    - name: Create ${{ matrix.os }} manifest and push
+      run: |
+        docker manifest create \
+          ${{ env.CN_IMAGE_ID }}:release-${{ matrix.os }} \
+          --amend ${{ env.CN_IMAGE_ID }}:release-${{ matrix.os }}-latest \
+          --amend ${{ env.CN_IMAGE_ID }}:release-${{ matrix.os }}-24.04-arm
+        docker manifest push ${{ env.CN_IMAGE_ID }}:release-${{ matrix.os }}
 
 # Other CI is testing anyway - if need be, can run tests in Dockerfile itself
   test-docker-images:
-    runs-on: ubuntu-latest
+
     if: ${{ github.event_name != 'pull_request' }}
-    needs: [docker-release-redhat, docker-release-ubuntu]
+
     strategy:
       matrix:
-        tag: [release, release-redhat]
+        os: [ubuntu, redhat]
+    runs-on: ubuntu-latest
+    needs: [combine-multiplatform]
+
     steps:
     - uses: actions/checkout@v4
 
-    - name: Run CN CI tests
+    - name: Run CI tests
       run: |
-        docker pull ${{env.CN_IMAGE_ID}}:${{ matrix.tag }}
-        docker run -v $PWD:/work -w /work ${{env.CN_IMAGE_ID}}:${{ matrix.tag }} bash tests/run-cn.sh
+        docker pull ${{env.CN_IMAGE_ID}}:release-${{ matrix.os }}
+        docker run -v $PWD:/work -w /work ${{env.CN_IMAGE_ID}}:release-${{ matrix.os }} bash tests/run-cn.sh

…ithub/workflows/ci-pr-bench.yml.disabled …thub/workflows/pr-benchmark.yml.disabled.github/workflows/ci-pr-bench.yml.disabled renamed to .github/workflows/pr-benchmark.yml.disabled .github/workflows/ci-pr-bench.yml.disabled renamed to .github/workflows/pr-benchmark.yml.disabled

@@ -1,5 +1,5 @@
 # Installs CN (without Coq) and runs tests
-name: CN Proof
+name: Proof
 
 on:
   pull_request:

.github/workflows/ci-cn.yml .github/workflows/proof.yml.github/workflows/ci-cn.yml renamed to .github/workflows/proof.yml

@@ -1,5 +1,5 @@
-# Builds CN with Coq and runs Coq tests
-name: CN-Coq
+# Builds CN with Rocq and runs its tests
+name: Rocq
 
 on:
   pull_request:

.github/workflows/ci-cn-coq.yml .github/workflows/rocq.yml.github/workflows/ci-cn-coq.yml renamed to .github/workflows/rocq.yml

@@ -1,4 +1,4 @@
-name: CN Spec Testing
+name: Spec Testing
 
 on:
   pull_request: