22name : Docker
33
44on :
5- push :
6- branches : [main]
75 workflow_dispatch :
86 inputs :
97 ref :
2321 strategy :
2422 matrix :
2523 include :
26- - platform : linux/amd64
27- runs-on : ubuntu-latest
24+ - runs-on : ubuntu-latest
2825 arch : amd64
29- - platform : linux/arm64
30- runs-on : ubuntu-24.04-arm
26+ - runs-on : ubuntu-24.04-arm
3127 arch : arm64
3228 runs-on : ${{ matrix.runs-on }}
3329 permissions :
@@ -43,61 +39,15 @@ jobs:
4339 - name : Build binary
4440 run : cargo build --package stellar-cli --release
4541
46- - name : Copy binary for Docker context
47- run : cp target/release/stellar stellar
48-
49- - name : Set up Docker Buildx
50- uses : docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4
51-
52- - name : Log in to Docker Hub
53- if : github.event_name == 'workflow_dispatch' || github.event_name == 'release'
54- uses : docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4
55- with :
56- username : ${{ secrets.DOCKERHUB_USERNAME }}
57- password : ${{ secrets.DOCKERHUB_TOKEN }}
58-
59- # Validation only — build without pushing.
60- - name : Build
61- if : github.event_name == 'push'
62- uses : docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7
63- with :
64- context : .
65- platforms : ${{ matrix.platform }}
66- push : false
67- cache-from : type=gha,scope=${{ matrix.arch }}
68- cache-to : type=gha,mode=max,scope=${{ matrix.arch }}
69-
70- # Publish — push by digest so the merge job can assemble the manifest.
71- - name : Build and push by digest
72- if : github.event_name == 'workflow_dispatch' || github.event_name == 'release'
73- id : build
74- uses : docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7
75- with :
76- context : .
77- platforms : ${{ matrix.platform }}
78- outputs : type=image,name=stellar/cli,push-by-digest=true,name-canonical=true,push=true
79- cache-from : type=gha,scope=${{ matrix.arch }}
80- cache-to : type=gha,mode=max,scope=${{ matrix.arch }}
81-
82- - name : Upload digest
83- if : github.event_name == 'workflow_dispatch' || github.event_name == 'release'
84- run : |
85- mkdir -p /tmp/digests
86- digest="${{ steps.build.outputs.digest }}"
87- touch "/tmp/digests/${digest#sha256:}"
88-
89- name : Upload digest artifact
90- if : github.event_name == 'workflow_dispatch' || github.event_name == 'release'
42+ - name : Upload binary
9143 uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
9244 with :
93- name : digest-${{ matrix.arch }}
94- path : /tmp/digests/*
95- if-no-files-found : error
45+ name : stellar-${{ matrix.arch }}
46+ path : target/release/stellar
9647 retention-days : 1
9748
98- merge :
49+ docker :
9950 needs : build
100- if : github.event_name == 'workflow_dispatch' || github.event_name == 'release'
10151 runs-on : ubuntu-latest
10252 permissions :
10353 contents : read
@@ -107,6 +57,30 @@ jobs:
10757 ref : ${{ github.event_name == 'workflow_dispatch' && inputs.ref || github.ref }}
10858 fetch-depth : 0
10959
60+ - name : Download binaries
61+ uses : actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
62+ with :
63+ pattern : stellar-*
64+ merge-multiple : false
65+
66+ - name : Stage binaries for Docker context
67+ run : |
68+ mv stellar-amd64/stellar stellar-amd64
69+ mv stellar-arm64/stellar stellar-arm64
70+ chmod +x stellar-amd64 stellar-arm64
71+
72+ name : Set up QEMU
73+ uses : docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4
74+
75+ - name : Set up Docker Buildx
76+ uses : docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4
77+
78+ - name : Log in to Docker Hub
79+ uses : docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4
80+ with :
81+ username : ${{ secrets.DOCKERHUB_USERNAME }}
82+ password : ${{ secrets.DOCKERHUB_TOKEN }}
83+
11084 # Compute Docker tags from the ref.
11185 # - Version tag (e.g. v1.2.3): push versioned + latest tags.
11286 # - Any other ref: push a tag for the resolved commit SHA.
@@ -125,30 +99,10 @@ jobs:
12599 echo "DOCKER_TAGS=stellar/cli:${commit}" >> $GITHUB_ENV
126100 fi
127101
128- name : Download digests
129- uses : actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
130- with :
131- path : /tmp/digests
132- pattern : digest-*
133- merge-multiple : true
134-
135- - name : Set up Docker Buildx
136- uses : docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4
137-
138- - name : Log in to Docker Hub
139- uses : docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4
102+ name : Build and push
103+ uses : docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7
140104 with :
141- username : ${{ secrets.DOCKERHUB_USERNAME }}
142- password : ${{ secrets.DOCKERHUB_TOKEN }}
143-
144- - name : Create and push manifest
145- working-directory : /tmp/digests
146- run : |
147- tag_args=""
148- IFS=',' read -ra tag_list <<< "$DOCKER_TAGS"
149- for tag in "${tag_list[@]}"; do
150- tag_args+=" --tag ${tag}"
151- done
152-
153- docker buildx imagetools create $tag_args \
154- $(printf 'stellar/cli@sha256:%s ' *)
105+ context : .
106+ platforms : linux/amd64,linux/arm64
107+ push : true
108+ tags : ${{ env.DOCKER_TAGS }}
0 commit comments