name: Build and Publish on: push: branches: - main pull_request: branches: - main env: REGISTRY: harbor.gitdata.me/gta_team CARGO_TERM_COLOR: always jobs: # ---- Lint & Test ---- ci: runs-on: gitea steps: - name: Checkout uses: actions/checkout@v4 - name: Setup Rust uses: dtolnay/rust-action@stable with: toolchain: 1.94 - name: Cache Cargo uses: actions/cache@v4 with: path: | ~/.cargo/registry ~/.cargo/git target key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} - name: Check formatting run: cargo fmt --check - name: Clippy run: cargo clippy --workspace --all-targets -- -D warnings - name: Test run: cargo test --workspace -- --test-threads=4 # ---- Docker Build (x86_64) ---- docker: needs: ci if: github.event_name == 'push' runs-on: gitea strategy: matrix: service: - app - gitserver - email-worker - git-hook - migrate - operator steps: - name: Checkout uses: actions/checkout@v4 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to Harbor uses: docker/login-action@v3 with: registry: harbor.gitdata.me username: ${{ secrets.HARBOR_USERNAME }} password: ${{ secrets.HARBOR_PASSWORD }} - name: Extract metadata id: meta uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY }}/${{ matrix.service }} tags: | type=sha,prefix=,format={{sha}} type=raw,value=latest - name: Build and push uses: docker/build-push-action@v5 with: context: . file: docker/${{ matrix.service }}.Dockerfile platforms: linux/amd64 push: true tags: ${{ steps.meta.outputs.tags }} cache-from: type=gha cache-to: type=gha,mode=max build-args: | BUILD_TARGET=x86_64-unknown-linux-gnu # ---- ARM64 Build ---- docker-arm64: needs: ci if: github.event_name == 'push' runs-on: gitea-arm64 strategy: matrix: service: - app - gitserver - email-worker - git-hook - migrate steps: - name: Checkout uses: actions/checkout@v4 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to Harbor uses: docker/login-action@v3 with: registry: harbor.gitdata.me username: ${{ secrets.HARBOR_USERNAME }} password: ${{ secrets.HARBOR_PASSWORD }} - name: Build and push uses: docker/build-push-action@v5 with: context: . file: docker/${{ matrix.service }}.Dockerfile platforms: linux/arm64 push: true tags: | ${{ env.REGISTRY }}/${{ matrix.service }}:latest-arm64 ${{ env.REGISTRY }}/${{ matrix.service }}:sha-${{ github.sha }} build-args: | BUILD_TARGET=aarch64-unknown-linux-gnu # ---- Publish Manifest (multi-arch) ---- manifest: needs: [docker, docker-arm64] if: github.event_name == 'push' runs-on: gitea steps: - name: Checkout uses: actions/checkout@v4 - name: Login to Harbor uses: docker/login-action@v3 with: registry: harbor.gitdata.me username: ${{ secrets.HARBOR_USERNAME }} password: ${{ secrets.HARBOR_PASSWORD }} - name: Create and push manifest run: | for service in app gitserver email-worker git-hook migrate; do docker manifest create ${{ env.REGISTRY }}/$service:latest \ ${{ env.REGISTRY }}/$service:latest \ ${{ env.REGISTRY }}/$service:latest-arm64 docker manifest push ${{ env.REGISTRY }}/$service:latest done