Build binaries #10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build binaries | |
on: | |
workflow_call: | |
inputs: | |
ref: | |
description: "ref to build eg v0.5.1" | |
required: false | |
type: string | |
npmVersion: | |
description: "if provided, also push npm packages with this version" | |
default: "" | |
required: false | |
type: string | |
workflow_dispatch: | |
inputs: | |
ref: | |
description: "ref to build eg v0.5.1" | |
required: false | |
type: string | |
npmVersion: | |
description: "if provided, also push npm packages with this version" | |
default: "" | |
required: false | |
type: string | |
jobs: | |
build: | |
permissions: | |
contents: read | |
packages: read | |
runs-on: ${{ matrix.build.os }} | |
strategy: | |
matrix: | |
build: | |
- target: aarch64-apple-darwin | |
os: macos-latest | |
- target: x86_64-apple-darwin | |
os: macos-latest | |
- target: x86_64-unknown-linux-musl | |
os: ubuntu-latest | |
- target: aarch64-unknown-linux-musl | |
os: ubuntu-latest | |
env: | |
RUST_BACKTRACE: full | |
RUSTC_WRAPPER: "sccache" | |
SCCACHE_GHA_ENABLED: "true" | |
steps: | |
- name: Clean up Github actions runner | |
uses: jlumbroso/[email protected] | |
with: | |
tool-cache: false | |
android: true | |
dotnet: true | |
haskell: true | |
large-packages: false | |
docker-images: true | |
swap-storage: false | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ inputs.ref }} | |
- name: Install Rust toolchain | |
uses: actions-rust-lang/setup-rust-toolchain@v1 | |
with: | |
rustflags: "" # set to empty value to not overwrite rustflags from .cargo/config.toml | |
# necessary because the toolchain@v1 action would install this target for stable only, whereas this command respects rust-toolchain.toml | |
- name: Install x86_64-apple-darwin Rust toolchain | |
if: ${{ matrix.build.target == 'x86_64-apple-darwin' }} | |
run: rustup target add x86_64-apple-darwin | |
- name: Install aarch64-apple-darwin Rust toolchain | |
if: ${{ matrix.build.target == 'aarch64-apple-darwin' }} | |
run: rustup target add aarch64-apple-darwin | |
- name: Run sccache-cache | |
uses: mozilla-actions/[email protected] | |
- name: Cache Rust | |
uses: Swatinem/rust-cache@v2 | |
- name: Install cargo-license | |
run: cargo install cargo-license | |
- name: Install protoc | |
if: ${{ matrix.build.os == 'macos-latest' }} # installed in cross docker image in linux builds | |
uses: ./.github/actions/install-protoc | |
- name: Setup just | |
uses: extractions/setup-just@v2 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Generate notice | |
run: just notice-file | |
- name: Compile Mac binaries | |
if: ${{ matrix.build.os == 'macos-latest' }} | |
env: | |
MACOSX_DEPLOYMENT_TARGET: 10.14.0 | |
run: cargo build --release --bins --target ${{ matrix.build.target }} | |
- name: Compile Linux binaries | |
if: ${{ matrix.build.os == 'ubuntu-latest' }} | |
uses: addnab/docker-run-action@v3 | |
with: | |
image: ghcr.io/restatedev/dev-tools:latest | |
options: -v ${{ github.workspace }}:/restate -w /restate -e ACTIONS_CACHE_URL -e ACTIONS_RUNTIME_TOKEN -e SCCACHE_GHA_ENABLED | |
run: | | |
cargo build --release --bins --target ${{ matrix.build.target }} | |
- name: Sign binaries | |
if: ${{ matrix.build.os == 'macos-latest' }} | |
run: | | |
codesign -s - target/${{ matrix.build.target }}/release/restate-server | |
codesign -s - target/${{ matrix.build.target }}/release/restate | |
- name: Move binary | |
run: cp target/${{ matrix.build.target }}/release/restate-server target/${{ matrix.build.target }}/release/restate . | |
- name: Create tar | |
run: tar -cvzf restate.${{ matrix.build.target }}.tar.gz LICENSE NOTICE restate-server restate | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: restate.${{ matrix.build.target }}.tar.gz | |
path: restate.${{ matrix.build.target }}.tar.gz | |
retention-days: 1 | |
if-no-files-found: error | |
docker-cli: | |
name: Push CLI Docker image | |
needs: [build] | |
runs-on: ubuntu-latest | |
env: | |
REPOSITORY_OWNER: ${{ github.repository_owner }} | |
GHCR_REGISTRY: "ghcr.io" | |
GHCR_REGISTRY_USERNAME: ${{ github.actor }} | |
GHCR_REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
IMAGE_NAME: "restate-cli" | |
steps: | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Log into GitHub container registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ${{ env.GHCR_REGISTRY }} | |
username: ${{ env.GHCR_REGISTRY_USERNAME }} | |
password: ${{ env.GHCR_REGISTRY_TOKEN }} | |
- name: Log into DockerHub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Download linux binaries | |
uses: actions/download-artifact@v4 | |
with: | |
pattern: restate.*-unknown-linux-musl.tar.gz | |
merge-multiple: true | |
- name: Extract metadata (tags, labels) for Docker | |
if: ${{ github.event_name == 'push' }} | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
${{ env.GHCR_REGISTRY }}/${{ env.REPOSITORY_OWNER }}/${{ env.IMAGE_NAME }} | |
${{ format('docker.io/{0}/{1}', env.REPOSITORY_OWNER, env.IMAGE_NAME) }} | |
tags: | | |
type=semver,pattern={{version}},value=${{ inputs.ref }} | |
type=semver,pattern={{major}}.{{minor}},value=${{ inputs.ref }} | |
- name: Create Dockerfile | |
run: | | |
cat > Dockerfile << EOF | |
FROM --platform=${BUILDPLATFORM} alpine as builder | |
ADD restate.aarch64-unknown-linux-musl.tar.gz /restate-arm64 | |
ADD restate.x86_64-unknown-linux-musl.tar.gz /restate-amd64 | |
# keep output image small by removing the server binary | |
RUN rm /restate-*/restate-server | |
FROM scratch | |
ARG TARGETARCH | |
COPY --from=builder /restate-${TARGETARCH} / | |
ENTRYPOINT [ "/restate" ] | |
EOF | |
- name: Build and push multiplatform image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
platforms: linux/arm64,linux/amd64 | |
publish-npm: | |
name: Publish to NPM | |
if: ${{ inputs.npmVersion != '' }} | |
needs: [build] | |
uses: ./.github/workflows/npm.yml | |
secrets: inherit | |
with: | |
version: ${{ inputs.npmVersion }} |