Implement arm64 docker image #1962
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: [ main ] | |
paths-ignore: | |
- '**.md' | |
- 'demo/**' | |
- 'docs/**' | |
- 'homebrew-formula/**' | |
pull_request: | |
branches: [ main ] | |
paths-ignore: | |
- '**.md' | |
- 'demo/**' | |
- 'docs/**' | |
- 'homebrew-formula/**' | |
release: | |
types: [ published ] | |
workflow_dispatch: | |
defaults: | |
run: | |
shell: bash | |
jobs: | |
build: | |
name: Build ${{ matrix.target }} | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: true | |
matrix: | |
include: | |
- target: aarch64-apple-darwin | |
os: macOS-latest | |
cross: 'true' | |
- target: aarch64-unknown-linux-gnu | |
os: ubuntu-latest | |
cross: 'true' | |
- target: x86_64-apple-darwin | |
os: macOS-latest | |
- target: x86_64-pc-windows-msvc | |
os: windows-latest | |
ext: '.exe' | |
- target: x86_64-unknown-linux-gnu | |
os: ubuntu-latest | |
build_deb: 'true' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Rust Versions | |
run: rustc --version && cargo --version | |
- name: Lint (Linux) | |
if: matrix.target == 'x86_64-unknown-linux-gnu' | |
run: | | |
set -x | |
cargo fmt --all -- --check | |
cargo clippy --package martin-tile-utils -- -D warnings | |
cargo clippy --package martin-mbtiles -- -D warnings | |
cargo clippy --package martin-mbtiles --no-default-features --features native-tls -- -D warnings | |
cargo clippy --package martin-mbtiles --no-default-features --features rustls -- -D warnings | |
cargo clippy --package martin -- -D warnings | |
cargo clippy --package martin --features vendored-openssl -- -D warnings | |
cargo clippy --package martin --features bless-tests -- -D warnings | |
- name: Install OpenSSL (Windows) | |
if: runner.os == 'Windows' | |
shell: powershell | |
run: | | |
echo "VCPKG_ROOT=$env:VCPKG_INSTALLATION_ROOT" | Out-File -FilePath $env:GITHUB_ENV -Append | |
vcpkg install openssl:x64-windows-static-md | |
- name: Build (native) | |
if: matrix.cross != 'true' | |
run: | | |
cargo build --release --target ${{ matrix.target }} --features=ssl --package martin | |
cargo build --release --target ${{ matrix.target }} --features=cli --package martin-mbtiles | |
- name: Build (cross - aarch64-apple-darwin) | |
if: matrix.target == 'aarch64-apple-darwin' | |
run: | | |
rustup target add "${{ matrix.target }}" | |
# compile without debug symbols because stripping them with `strip` does not work cross-platform | |
export RUSTFLAGS='-C link-arg=-s' | |
cargo build --release --target ${{ matrix.target }} --features=vendored-openssl --package martin | |
cargo build --release --target ${{ matrix.target }} --no-default-features --features=rustls,cli --package martin-mbtiles | |
- name: Build (cross - aarch64-unknown-linux-gnu) | |
if: matrix.target == 'aarch64-unknown-linux-gnu' | |
run: | | |
sudo apt-get install -y gcc-aarch64-linux-gnu binutils-aarch64-linux-gnu | |
rustup target add "${{ matrix.target }}" | |
# compile without debug symbols because stripping them with `strip` does not work cross-platform | |
export RUSTFLAGS='-C link-arg=-s -C linker=aarch64-linux-gnu-gcc' | |
cargo build --release --target ${{ matrix.target }} --features=vendored-openssl --package martin | |
cargo build --release --target ${{ matrix.target }} --no-default-features --features=rustls,cli --package martin-mbtiles | |
- name: Move build artifacts | |
run: | | |
mkdir -p target_releases | |
mv target/${{ matrix.target }}/release/martin${{ matrix.ext }} target_releases | |
mv target/${{ matrix.target }}/release/mbtiles${{ matrix.ext }} target_releases | |
- name: Build debian package | |
if: matrix.build_deb == 'true' | |
run: | | |
sudo apt-get install -y dpkg dpkg-dev liblzma-dev | |
cargo install cargo-deb | |
cargo deb -v -p martin --output target/debian/martin.deb | |
mv target/debian/martin.deb target_releases | |
- name: Save build artifacts to build-${{ matrix.target }} | |
uses: actions/upload-artifact@v3 | |
with: | |
name: build-${{ matrix.target }} | |
path: target_releases/* | |
test: | |
name: Test ${{ matrix.target }} | |
runs-on: ${{ matrix.os }} | |
needs: [ build ] | |
strategy: | |
fail-fast: true | |
matrix: | |
include: | |
- target: x86_64-apple-darwin | |
os: macOS-latest | |
- target: x86_64-pc-windows-msvc | |
os: windows-latest | |
ext: '.exe' | |
- target: x86_64-unknown-linux-gnu | |
os: ubuntu-latest | |
steps: | |
- name: Checkout sources | |
uses: actions/checkout@v4 | |
- name: Start postgres | |
uses: nyurik/action-setup-postgis@v1 | |
id: pg | |
with: | |
username: test | |
password: test | |
database: test | |
rights: --superuser | |
- name: Init database | |
run: | | |
echo "DATABASE_URL=$DATABASE_URL" | |
echo "Print the same in base64 to bypass Github's obfuscation (uses hardcoded password):" | |
echo "$DATABASE_URL" | base64 | |
tests/fixtures/initdb.sh | |
env: | |
DATABASE_URL: ${{ steps.pg.outputs.connection-uri }} | |
- name: Unit Tests (Linux) | |
if: matrix.target == 'x86_64-unknown-linux-gnu' | |
run: | | |
set -x | |
cargo test --package martin-tile-utils | |
cargo test --package martin-mbtiles | |
cargo test --package martin-mbtiles --no-default-features --features rustls | |
cargo test --package martin --features vendored-openssl | |
cargo test --doc | |
rm -rf target | |
env: | |
DATABASE_URL: ${{ steps.pg.outputs.connection-uri }} | |
- uses: actions/download-artifact@v3 | |
with: | |
name: build-${{ matrix.target }} | |
path: target/ | |
- name: Integration Tests | |
run: | | |
export MARTIN_BUILD=- | |
export MARTIN_BIN=target/martin${{ matrix.ext }} | |
export MBTILES_BUILD=- | |
export MBTILES_BIN=target/mbtiles${{ matrix.ext }} | |
if [[ "${{ runner.os }}" != "Windows" ]]; then | |
chmod +x "$MARTIN_BIN" "$MBTILES_BIN" | |
fi | |
tests/test.sh | |
env: | |
DATABASE_URL: ${{ steps.pg.outputs.connection-uri }} | |
- name: Integration Tests (with debian package) | |
if: matrix.target == 'x86_64-unknown-linux-gnu' | |
run: | | |
sudo dpkg -i target/martin.deb | |
export MARTIN_BUILD=- | |
export MARTIN_BIN=/usr/bin/martin | |
export MBTILES_BUILD=- | |
export MBTILES_BIN=target/mbtiles${{ matrix.ext }} | |
tests/test.sh | |
env: | |
DATABASE_URL: ${{ steps.pg.outputs.connection-uri }} | |
- name: Compare test output results (Linux) | |
if: matrix.target == 'x86_64-unknown-linux-gnu' | |
run: diff --brief --recursive --new-file tests/output tests/expected | |
- name: Save test output on failure (Linux) | |
if: failure() && matrix.target == 'x86_64-unknown-linux-gnu' | |
uses: actions/upload-artifact@v3 | |
with: | |
name: failed-test-output | |
path: tests/output/* | |
retention-days: 5 | |
test-legacy: | |
name: Test Legacy DB | |
runs-on: ubuntu-latest | |
needs: [ build ] | |
strategy: | |
fail-fast: true | |
matrix: | |
include: | |
# These must match the versions of postgres used in the docker-compose.yml | |
- image: postgis/postgis:11-3.0-alpine | |
args: postgres | |
sslmode: disable | |
- image: postgis/postgis:14-3.3-alpine | |
args: postgres | |
sslmode: disable | |
# alpine images don't support SSL, so for this we use the debian images | |
- image: postgis/postgis:15-3.3 | |
args: postgres -c ssl=on -c ssl_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem -c ssl_key_file=/etc/ssl/private/ssl-cert-snakeoil.key | |
sslmode: require | |
env: | |
# PG_* variables are used by psql | |
PGDATABASE: test | |
PGHOST: localhost | |
PGUSER: postgres | |
PGPASSWORD: postgres | |
services: | |
postgres: | |
image: ${{ matrix.image }} | |
ports: | |
# will assign a random free host port | |
- 5432/tcp | |
# Sadly there is currently no way to pass arguments to the service image other than this hack | |
# See also https://stackoverflow.com/a/62720566/177275 | |
options: >- | |
-e POSTGRES_DB=test | |
-e POSTGRES_USER=postgres | |
-e POSTGRES_PASSWORD=postgres | |
-e PGDATABASE=test | |
-e PGUSER=postgres | |
-e PGPASSWORD=postgres | |
--health-cmd pg_isready | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
--entrypoint sh | |
${{ matrix.image }} | |
-c "exec docker-entrypoint.sh ${{ matrix.args }}" | |
steps: | |
- name: Checkout sources | |
uses: actions/checkout@v4 | |
- name: Setup database | |
run: | | |
# sudo apt-get install postgresql-client | |
tests/fixtures/initdb.sh | |
env: | |
PGPORT: ${{ job.services.postgres.ports[5432] }} | |
- name: Unit Tests (Linux) | |
run: | | |
echo "Running unit tests, connecting to DATABASE_URL=$DATABASE_URL" | |
echo "Same but as base64 to prevent GitHub obfuscation (this is not a secret):" | |
echo "$DATABASE_URL" | base64 | |
set -x | |
cargo test --package martin-tile-utils | |
cargo test --package martin-mbtiles | |
cargo test --package martin-mbtiles --no-default-features --features rustls | |
cargo test --package martin --features vendored-openssl | |
cargo test --doc | |
RUSTDOCFLAGS="-D warnings" cargo doc --no-deps --workspace | |
rm -rf target | |
env: | |
DATABASE_URL: postgres://${{ env.PGUSER }}:${{ env.PGUSER }}@${{ env.PGHOST }}:${{ job.services.postgres.ports[5432] }}/${{ env.PGDATABASE }}?sslmode=${{ matrix.sslmode }} | |
- name: Save test output on failure | |
if: failure() | |
uses: actions/upload-artifact@v3 | |
with: | |
name: test-output | |
path: tests/output/* | |
retention-days: 5 | |
- uses: actions/download-artifact@v3 | |
with: | |
name: build-x86_64-unknown-linux-gnu | |
path: target/ | |
- name: Integration Tests | |
run: | | |
export MARTIN_BUILD=- | |
export MARTIN_BIN=target/martin | |
export MBTILES_BUILD=- | |
export MBTILES_BIN=target/mbtiles | |
chmod +x "$MARTIN_BIN" "$MBTILES_BIN" | |
tests/test.sh | |
env: | |
DATABASE_URL: postgres://${{ env.PGUSER }}:${{ env.PGUSER }}@${{ env.PGHOST }}:${{ job.services.postgres.ports[5432] }}/${{ env.PGDATABASE }}?sslmode=${{ matrix.sslmode }} | |
docker: | |
name: Build docker images | |
runs-on: ubuntu-latest | |
needs: [ build ] | |
steps: | |
- name: Checkout sources | |
uses: actions/checkout@v4 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
# https://github.com/docker/setup-qemu-action | |
with: | |
platforms: linux/amd64,linux/arm64 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
# https://github.com/docker/setup-buildx-action | |
with: | |
install: true | |
platforms: linux/amd64,linux/arm64 | |
- run: rm -rf target_releases | |
- uses: actions/download-artifact@v3 | |
with: | |
name: build-aarch64-unknown-linux-gnu | |
path: target_releases/linux/arm64 | |
- uses: actions/download-artifact@v3 | |
with: | |
name: build-x86_64-unknown-linux-gnu | |
path: target_releases/linux/amd64 | |
- name: Reset permissions | |
run: chmod -R +x target_releases/ | |
- name: Start postgres | |
uses: nyurik/action-setup-postgis@v1 | |
id: pg | |
with: | |
username: test | |
password: test | |
database: test | |
rights: --superuser | |
- name: Init database | |
shell: bash | |
run: tests/fixtures/initdb.sh | |
env: | |
DATABASE_URL: ${{ steps.pg.outputs.connection-uri }} | |
- name: Build linux/arm64 Docker image | |
id: docker_aarch64-unknown-linux-gnu | |
uses: docker/build-push-action@v5 | |
# https://github.com/docker/build-push-action | |
with: | |
context: . | |
file: multi-platform.Dockerfile | |
load: true | |
tags: ${{ github.repository }}:linux-arm64 | |
platforms: linux/arm64 | |
- name: Test linux/arm64 Docker image | |
run: | | |
PLATFORM=linux/arm64 | |
TAG=${{ github.repository }}:linux-arm64 | |
export MBTILES_BUILD=- | |
export MBTILES_BIN="docker run --rm --net host --platform $PLATFORM -e DATABASE_URL -v $PWD/tests:/tests --entrypoint /usr/local/bin/mbtiles $TAG" | |
export MARTIN_BUILD=- | |
export MARTIN_BIN="docker run --rm --net host --platform $PLATFORM -e DATABASE_URL -v $PWD/tests:/tests $TAG" | |
tests/test.sh | |
env: | |
DATABASE_URL: ${{ steps.pg.outputs.connection-uri }} | |
- name: Build linux/amd64 Docker image | |
id: docker_x86_64-unknown-linux-gnu | |
uses: docker/build-push-action@v5 | |
# https://github.com/docker/build-push-action | |
with: | |
context: . | |
file: multi-platform.Dockerfile | |
load: true | |
tags: ${{ github.repository }}:linux-amd64 | |
platforms: linux/amd64 | |
- name: Test linux/amd64 Docker image | |
run: | | |
PLATFORM=linux/amd64 | |
TAG=${{ github.repository }}:linux-amd64 | |
export MBTILES_BUILD=- | |
export MBTILES_BIN="docker run --rm --net host --platform $PLATFORM -e DATABASE_URL -v $PWD/tests:/tests --entrypoint /usr/local/bin/mbtiles $TAG" | |
export MARTIN_BUILD=- | |
export MARTIN_BIN="docker run --rm --net host --platform $PLATFORM -e DATABASE_URL -v $PWD/tests:/tests $TAG" | |
tests/test.sh | |
env: | |
DATABASE_URL: ${{ steps.pg.outputs.connection-uri }} | |
- name: Login to GitHub Docker registry | |
if: github.event_name != 'pull_request' | |
uses: docker/login-action@v3 | |
# https://github.com/docker/login-action | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Docker meta | |
id: docker_meta | |
uses: docker/metadata-action@v5 | |
# https://github.com/docker/metadata-action | |
with: | |
images: ghcr.io/${{ github.repository }} | |
- name: Push the Docker image | |
if: github.event_name != 'pull_request' | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: multi-platform.Dockerfile | |
push: true | |
tags: ${{ steps.docker_meta.outputs.tags }} | |
labels: ${{ steps.docker_meta.outputs.labels }} | |
platforms: linux/amd64,linux/arm64 | |
package: | |
name: Package ${{ matrix.target }} | |
runs-on: ${{ matrix.os }} | |
needs: [ test, test-legacy ] | |
strategy: | |
fail-fast: true | |
matrix: | |
include: | |
- target: aarch64-apple-darwin | |
os: ubuntu-latest | |
name: martin-Darwin-aarch64.tar.gz | |
sha: 'true' | |
cross: 'true' | |
- target: aarch64-unknown-linux-gnu | |
os: ubuntu-latest | |
name: martin-Linux-aarch64.tar.gz | |
cross: 'true' | |
- target: x86_64-apple-darwin | |
os: macOS-latest | |
name: martin-Darwin-x86_64.tar.gz | |
sha: 'true' | |
- target: x86_64-pc-windows-msvc | |
os: windows-latest | |
name: martin-Windows-x86_64.zip | |
ext: '.exe' | |
- target: x86_64-unknown-linux-gnu | |
os: ubuntu-latest | |
name: martin-Linux-x86_64.tar.gz | |
steps: | |
- name: Checkout sources | |
uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v3 | |
with: | |
name: build-${{ matrix.target }} | |
path: target/ | |
- name: Strip symbols | |
# Symbol stripping does not work cross-platform | |
# For cross, symbols were already removed during build | |
if: matrix.cross != 'true' | |
run: | | |
cd target/ | |
strip martin${{ matrix.ext }} | |
strip mbtiles${{ matrix.ext }} | |
- name: Package | |
run: | | |
cd target/ | |
if [[ "${{ runner.os }}" == "Windows" ]]; then | |
7z a ../${{ matrix.name }} martin${{ matrix.ext }} mbtiles${{ matrix.ext }} | |
else | |
tar czvf ../${{ matrix.name }} martin${{ matrix.ext }} mbtiles${{ matrix.ext }} | |
fi | |
- name: Package (debian) | |
if: matrix.target == 'x86_64-unknown-linux-gnu' | |
run: | | |
cd target/ | |
tar czvf ../martin-debian-x86_64.tar.gz martin.deb | |
- name: Generate SHA-256 (MacOS) | |
if: matrix.sha == 'true' | |
run: shasum -a 256 ${{ matrix.name }} | |
- name: Publish | |
if: startsWith(github.ref, 'refs/tags/') | |
uses: softprops/action-gh-release@v1 | |
with: | |
draft: true | |
files: 'martin*' | |
body_path: CHANGELOG.md | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# This final step is needed to mark the whole workflow as successful | |
# Don't change its name - it is used by the merge protection rules | |
done: | |
name: CI Finished | |
runs-on: ubuntu-latest | |
needs: [ docker, package ] | |
steps: | |
- name: Finished | |
run: echo "CI finished successfully" |