From 2a7a3705b073eec05a38202d5aeb945475de4652 Mon Sep 17 00:00:00 2001 From: asonix Date: Sat, 17 Feb 2024 11:23:48 -0600 Subject: [PATCH] Migrate to forgejo actions --- .drone.yml | 422 ------------------ .forgejo/workflows/check.yaml | 62 +++ .forgejo/workflows/publish.yaml | 225 ++++++++++ docker/drone/Dockerfile | 18 - docker/drone/manifest.tmpl | 25 -- docker/forgejo/Dockerfile | 25 ++ .../config-Q16HDRI/policy.xml | 0 7 files changed, 312 insertions(+), 465 deletions(-) delete mode 100644 .drone.yml create mode 100644 .forgejo/workflows/check.yaml create mode 100644 .forgejo/workflows/publish.yaml delete mode 100644 docker/drone/Dockerfile delete mode 100644 docker/drone/manifest.tmpl create mode 100644 docker/forgejo/Dockerfile rename docker/{prod => forgejo}/root/usr/lib/ImageMagick-7.1.1/config-Q16HDRI/policy.xml (100%) diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index 58774f7..0000000 --- a/.drone.yml +++ /dev/null @@ -1,422 +0,0 @@ -kind: pipeline -type: docker -name: clippy - -platform: - arch: amd64 - -clone: - disable: true - -steps: -- name: clone - image: alpine/git:latest - user: root - commands: - - git clone $DRONE_GIT_HTTP_URL . - - git checkout $DRONE_COMMIT - - chown -R 991:991 . - -- name: clippy - image: asonix/rust-builder:latest-linux-amd64 - pull: always - commands: - - rustup component add clippy - - cargo clippy --no-default-features -- -D warnings - - cargo clippy --no-default-features --features io-uring -- -D warnings - -trigger: - event: - - push - - pull_request - - tag - ---- - -kind: pipeline -type: docker -name: tests - -platform: - arch: amd64 - -clone: - disable: true - -steps: -- name: clone - image: alpine/git:latest - user: root - commands: - - git clone $DRONE_GIT_HTTP_URL . - - git checkout $DRONE_COMMIT - - chown -R 991:991 . - -- name: tests - image: asonix/rust-builder:latest-linux-amd64 - pull: always - commands: - - cargo test - -trigger: - event: - - push - - pull_request - - tag - ---- - -kind: pipeline -type: docker -name: check-amd64 - -platform: - arch: amd64 - -clone: - disable: true - -steps: -- name: clone - image: alpine/git:latest - user: root - commands: - - git clone $DRONE_GIT_HTTP_URL . - - git checkout $DRONE_COMMIT - - chown -R 991:991 . - -- name: check - image: asonix/rust-builder:latest-linux-amd64 - pull: always - commands: - - cargo check --target=$TARGET - -trigger: - event: - - push - - pull_request - ---- - -kind: pipeline -type: docker -name: build-amd64 - -platform: - arch: amd64 - -clone: - disable: true - -steps: -- name: clone - image: alpine/git:latest - user: root - commands: - - git clone $DRONE_GIT_HTTP_URL . - - git checkout $DRONE_COMMIT - - chown -R 991:991 . - -- name: build - image: asonix/rust-builder:latest-linux-amd64 - pull: always - commands: - - cargo build --target=$TARGET --release - - $TOOL-strip target/$TARGET/release/pict-rs - - cp target/$TARGET/release/pict-rs . - - cp pict-rs pict-rs-linux-amd64 - -- name: push - image: plugins/docker:20 - settings: - username: asonix - password: - from_secret: dockerhub_token - repo: asonix/pictrs - dockerfile: docker/drone/Dockerfile - auto_tag: true - auto_tag_suffix: linux-amd64 - build_args: - - REPO_ARCH=amd64 - -- name: publish - image: plugins/gitea-release:1 - settings: - api_key: - from_secret: gitea_token - base_url: https://git.asonix.dog - files: - - pict-rs-linux-amd64 - -depends_on: -- clippy -- tests - -trigger: - event: - - tag - ---- - -kind: pipeline -type: docker -name: check-arm64v8 - -platform: - arch: amd64 - -clone: - disable: true - -steps: -- name: clone - image: alpine/git:latest - user: root - commands: - - git clone $DRONE_GIT_HTTP_URL . - - git checkout $DRONE_COMMIT - - chown -R 991:991 . - -- name: check - image: asonix/rust-builder:latest-linux-arm64v8 - pull: always - commands: - - cargo check --target=$TARGET - -trigger: - event: - - push - - pull_request - ---- - -kind: pipeline -type: docker -name: build-arm64v8 - -platform: - arch: amd64 - -clone: - disable: true - -steps: -- name: clone - image: alpine/git:latest - user: root - commands: - - git clone $DRONE_GIT_HTTP_URL . - - git checkout $DRONE_COMMIT - - chown -R 991:991 . - -- name: build - image: asonix/rust-builder:latest-linux-arm64v8 - pull: always - commands: - - cargo build --target=$TARGET --release - - $TOOL-strip target/$TARGET/release/pict-rs - - cp target/$TARGET/release/pict-rs . - - cp pict-rs pict-rs-linux-arm64v8 - -- name: push - image: plugins/docker:20 - settings: - username: asonix - password: - from_secret: dockerhub_token - repo: asonix/pictrs - dockerfile: docker/drone/Dockerfile - auto_tag: true - auto_tag_suffix: linux-arm64v8 - build_args: - - REPO_ARCH=arm64v8 - -- name: publish - image: plugins/gitea-release:1 - settings: - api_key: - from_secret: gitea_token - base_url: https://git.asonix.dog - files: - - pict-rs-linux-arm64v8 - -depends_on: -- clippy -- tests - -trigger: - event: - - tag - ---- - -kind: pipeline -type: docker -name: check-arm32v7 - -platform: - arch: amd64 - -clone: - disable: true - -steps: -- name: clone - image: alpine/git:latest - user: root - commands: - - git clone $DRONE_GIT_HTTP_URL . - - git checkout $DRONE_COMMIT - - chown -R 991:991 . - -- name: check - image: asonix/rust-builder:latest-linux-arm32v7 - pull: always - commands: - - cargo check --target=$TARGET - -trigger: - event: - - push - - pull_request - ---- - -kind: pipeline -type: docker -name: build-arm32v7 - -platform: - arch: amd64 - -clone: - disable: true - -steps: -- name: clone - image: alpine/git:latest - user: root - commands: - - git clone $DRONE_GIT_HTTP_URL . - - git checkout $DRONE_COMMIT - - chown -R 991:991 . - -- name: build - image: asonix/rust-builder:latest-linux-arm32v7 - pull: always - commands: - - cargo build --target=$TARGET --release - - $TOOL-strip target/$TARGET/release/pict-rs - - cp target/$TARGET/release/pict-rs . - - cp pict-rs pict-rs-linux-arm32v7 - -- name: push - image: plugins/docker:20 - settings: - username: asonix - password: - from_secret: dockerhub_token - repo: asonix/pictrs - dockerfile: docker/drone/Dockerfile - auto_tag: true - auto_tag_suffix: linux-arm32v7 - build_args: - - REPO_ARCH=arm32v7 - -- name: publish - image: plugins/gitea-release:1 - settings: - api_key: - from_secret: gitea_token - base_url: https://git.asonix.dog - files: - - pict-rs-linux-arm32v7 - -depends_on: -- clippy -- tests - -trigger: - event: - - tag - ---- - -kind: pipeline -type: docker -name: manifest - -platform: - arch: amd64 - -clone: - disable: true - -steps: -- name: clone - image: alpine/git:latest - user: root - commands: - - git clone $DRONE_GIT_HTTP_URL . - - git checkout $DRONE_COMMIT - - chown -R 991:991 . - -- name: manifest - image: plugins/manifest:1 - settings: - username: asonix - password: - from_secret: dockerhub_token - dump: true - auto_tag: true - ignore_missing: true - spec: docker/drone/manifest.tmpl - - -depends_on: -- build-amd64 -- build-arm64v8 -- build-arm32v7 - -trigger: - event: - - tag - ---- - -kind: pipeline -type: docker -name: publish-crate - -platform: - arch: amd64 - -clone: - disable: true - -steps: -- name: clone - image: alpine/git:latest - user: root - commands: - - git clone $DRONE_GIT_HTTP_URL . - - git checkout $DRONE_COMMIT - - chown -R 991:991 . - -- name: publish - image: asonix/rust-builder:latest-linux-amd64 - pull: always - environment: - CRATES_IO_TOKEN: - from_secret: crates_io_token - commands: - - cargo publish --token $CRATES_IO_TOKEN - -depends_on: -- build-amd64 -- build-arm64v8 -- build-arm32v7 - -trigger: - event: - - tag diff --git a/.forgejo/workflows/check.yaml b/.forgejo/workflows/check.yaml new file mode 100644 index 0000000..7ae6b7d --- /dev/null +++ b/.forgejo/workflows/check.yaml @@ -0,0 +1,62 @@ +on: + push: + branches: + - '*' + pull_request: + branches: + - main + +jobs: + clippy: + runs-on: docker + container: + image: docker.io/asonix/actions-base-image:0.1 + steps: + - + name: Checkout pict-rs + uses: https://github.com/actions/checkout@v4 + - + name: Cargo Cache + uses: https://git.asonix.dog/asonix/actions/cache-rust-dependencies@main + - + name: Clippy + run: | + cargo clippy --no-default-features -- -D warnings + cargo clippy --no-default-features --features io-uring -- -D warnings + + tests: + runs-on: docker + container: + image: docker.io/asonix/actions-base-image:0.1 + steps: + - + name: Checkout pict-rs + uses: https://github.com/actions/checkout@v4 + - + name: Cargo Cache + uses: https://git.asonix.dog/asonix/actions/cache-rust-dependencies@main + - + name: Test + run: cargo test + + check: + strategy: + fail-fast: false + matrix: + target: + - x86_64-unknown-linux-musl + - armv7-unknown-linux-musleabihf + - aarch64-unknown-linux-musl + runs-on: docker + container: + image: docker.io/asonix/actions-base-image:0.1 + steps: + - + name: Checkout pict-rs + uses: https://github.com/actions/checkout@v4 + - + name: Cargo Cache + uses: https://git.asonix.dog/asonix/actions/cache-rust-dependencies@main + - + name: Debug builds + run: cargo zigbuild --target ${{ matrix.target }} diff --git a/.forgejo/workflows/publish.yaml b/.forgejo/workflows/publish.yaml new file mode 100644 index 0000000..2683a24 --- /dev/null +++ b/.forgejo/workflows/publish.yaml @@ -0,0 +1,225 @@ +on: + push: + tags: + - 'v*.*.*' + +env: + REGISTRY_IMAGE: asonix/pictrs + +jobs: + clippy: + runs-on: base-image + container: + image: docker.io/asonix/actions-base-image:0.1 + steps: + - + name: Checkout pict-rs + uses: https://github.com/actions/checkout@v4 + - + name: Cargo Cache + uses: https://git.asonix.dog/asonix/actions/cache-rust-dependencies@main + - + name: Clippy + run: | + cargo clippy --no-default-features -- -D warnings + cargo clippy --no-default-features --features io-uring -- -D warnings + + tests: + runs-on: docker + container: + image: docker.io/asonix/actions-base-image:0.1 + steps: + - + name: Checkout pict-rs + uses: https://github.com/actions/checkout@v4 + - + name: Cargo Cache + uses: https://git.asonix.dog/asonix/actions/cache-rust-dependencies@main + - + name: Test + run: cargo test + + build: + needs: + - clippy + - tests + runs-on: docker + container: + image: docker.io/asonix/actions-base-image:0.1 + strategy: + fail-fast: false + matrix: + info: + - target: x86_64-unknown-linux-musl + artifact: linux-amd64 + platform: linux/amd64 + - target: armv7-unknown-linux-musleabihf + artifact: linux-arm32v7 + platform: linux/arm/v7 + - target: aarch64-unknown-linux-musl + artifact: linux-arm64v8 + platform: linux/arm64 + steps: + - + name: Checkout pict-rs + uses: https://github.com/actions/checkout@v4 + - + name: Cargo Cache + uses: https://git.asonix.dog/asonix/actions/cache-rust-dependencies@main + - + name: Prepare Platform + run: | + platform=${{ matrix.info.platform }} + echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV + shell: bash + - + name: Docker meta + id: meta + uses: https://github.com/docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY_IMAGE }} + flavor: | + latest=false + suffix=-${{ matrix.info.artifact }} + tags: | + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{major}} + - + name: Set up QEMU + uses: https://github.com/docker/setup-qemu-action@v3 + - + name: Set up Docker Buildx + uses: https://github.com/docker/setup-buildx-action@v3 + - + name: Docker login + uses: https://github.com/docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - + name: Compile pict-rs + run: cargo zigbuild --target ${{ matrix.info.target }} --release + - + name: Prepare artifacts + run: | + mkdir artifacts + cp target/${{ matrix.info.target }}/release/pict-rs artifacts/pict-rs-${{ matrix.info.artifact }} + - + uses: https://github.com/actions/upload-artifact@v3 + with: + name: binaries + path: artifacts/ + - + name: Prepare binary + run: | + cp target/${{ matrix.info.target }}/release/pict-rs docker/forgejo/pict-rs + - + name: Build and push ${{ matrix.info.platform }} docker image + id: build + uses: docker/build-push-action@v5 + with: + context: ./docker/forgejo + platforms: ${{ matrix.info.platform }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + outputs: type=image,name=${{ env.REGISTRY_IMAGE }},name-canonical=true,push=true + - + name: Export digest + run: | + mkdir -p /tmp/digests + digest="${{ steps.build.outputs.digest }}" + touch "/tmp/digests/${digest#sha256:}" + echo "Created /tmp/digests/${digest#sha256:}" + shell: bash + - + name: Upload ${{ matrix.info.platform }} digest + uses: https://github.com/actions/upload-artifact@v3 + with: + name: digests + path: /tmp/digests/* + if-no-files-found: error + retention-days: 1 + + publish-docker: + runs-on: docker + container: + image: docker.io/asonix/actions-base-image:0.1 + needs: [build] + steps: + - + name: Download digests + uses: https://github.com/actions/download-artifact@v3 + with: + name: digests + path: /tmp/digests + pattern: digests-* + merge-multiple: true + - + name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - + name: Docker login + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - + name: Docker meta + id: meta + uses: https://github.com/docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY_IMAGE }} + flavor: | + latest=false + tags: | + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{major}} + - + name: Create manifest list and push + working-directory: /tmp/digests + run: | + tags=$(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "${DOCKER_METADATA_OUTPUT_JSON}") + images=$(printf "${{ env.REGISTRY_IMAGE }}@sha256:%s " *) + echo "Running 'docker buildx imagetools create ${tags[@]} ${images[@]}'" + docker buildx imagetools create ${tags[@]} ${images[@]} + shell: bash + - + name: Inspect Image + run: | + docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }} + + publish-forgejo: + needs: [build] + runs-on: docker + container: + image: docker.io/asonix/actions-base-image:0.1 + steps: + - uses: https://github.com/actions/download-artifact@v3 + with: + name: binaries + path: artifacts/ + merge-multiple: true + - uses: actions/forgejo-release@v1 + with: + direction: upload + token: ${{ secrets.GITHUB_TOKEN }} + release-dir: artifacts/ + prerelease: true + + publish-crate: + needs: [build] + runs-on: docker + container: + image: docker.io/asonix/actions-base-image:0.1 + steps: + - + name: Checkout pict-rs + uses: https://github.com/actions/checkout@v4 + - + name: Cargo Cache + uses: https://git.asonix.dog/asonix/actions/cache-rust-dependencies@main + - + name: Publish Crate + run: cargo publish --token ${{ secrets.CRATES_IO_TOKEN }} diff --git a/docker/drone/Dockerfile b/docker/drone/Dockerfile deleted file mode 100644 index 5fb5173..0000000 --- a/docker/drone/Dockerfile +++ /dev/null @@ -1,18 +0,0 @@ -ARG REPO_ARCH - -FROM asonix/rust-runner:latest-linux-$REPO_ARCH - -USER root -RUN \ - apk add exiftool imagemagick ffmpeg && \ - chown -R app:app /mnt - -COPY pict-rs /usr/local/bin/pict-rs -COPY docker/prod/root/ / - -USER app -EXPOSE 6669 -EXPOSE 8080 -VOLUME /mnt -ENTRYPOINT ["/sbin/tini", "--"] -CMD ["/usr/local/bin/pict-rs", "run"] diff --git a/docker/drone/manifest.tmpl b/docker/drone/manifest.tmpl deleted file mode 100644 index 76d6063..0000000 --- a/docker/drone/manifest.tmpl +++ /dev/null @@ -1,25 +0,0 @@ -image: asonix/pictrs:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}} -{{#if build.tags}} -tags: -{{#each build.tags}} - - {{this}} -{{/each}} -{{/if}} -manifests: - - - image: asonix/pictrs:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64 - platform: - architecture: amd64 - os: linux - - - image: asonix/pictrs:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64v8 - platform: - architecture: arm64 - os: linux - variant: v8 - - - image: asonix/pictrs:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm32v7 - platform: - architecture: arm - os: linux - variant: v7 diff --git a/docker/forgejo/Dockerfile b/docker/forgejo/Dockerfile new file mode 100644 index 0000000..de119ef --- /dev/null +++ b/docker/forgejo/Dockerfile @@ -0,0 +1,25 @@ +FROM alpine:3.19 + +ARG UID=991 +ARG GID=991 + +ENV \ + UID=${UID} \ + GID=${GID} + +USER root +RUN \ + addgroup -g "${GID}" app && \ + adduser -D -G app -u "${UID}" -g "" -h /opt/app app && \ + apk add exiftool ffmpeg imagemagick imagemagick-heic tini && \ + chown -R app:app /mnt + +COPY root/ / +COPY pict-rs /usr/local/bin/pict-rs + +USER app +EXPOSE 6669 +EXPOSE 8080 +VOLUME /mnt +ENTRYPOINT ["/sbin/tini", "--"] +CMD ["/usr/local/bin/pict-rs", "run"] diff --git a/docker/prod/root/usr/lib/ImageMagick-7.1.1/config-Q16HDRI/policy.xml b/docker/forgejo/root/usr/lib/ImageMagick-7.1.1/config-Q16HDRI/policy.xml similarity index 100% rename from docker/prod/root/usr/lib/ImageMagick-7.1.1/config-Q16HDRI/policy.xml rename to docker/forgejo/root/usr/lib/ImageMagick-7.1.1/config-Q16HDRI/policy.xml