Skip to content

Rust MUSL

Rust MUSL #884

Workflow file for this run

on:
push:
paths:
- ".github/workflows/rust-musl.yml"
- "Dockerfile.musl-base"
- "test/multicrate/**"
branches:
- main
workflow_dispatch:
inputs:
nightly_date:
description: "Nightly date to build"
required: false
default: ""
fresh_stable:
description: "Trigger new stable build"
required: false
default: ""
schedule:
- cron: '30 9 * * *' # everyday at 09:30 UTC
## ##
## To trigger this workflow using `act` (https://github.com/nektos/act) you can do the following.
## Full run no/different rustc_hash: (This triggers a fresh stable, since the rustc_hash is not available)
## act push -e <(echo '{"inputs":{"nightly_date":"","fresh_stable":""}}') -j musl-base
##
## Full run with same rustc_hash: (Get the current rustc_hash either from the output of the rust_stable step, or running rustc -vV your self)
## act push -e <(echo '{"inputs":{"nightly_date":"","fresh_stable":""}}') --env RUSTC_STABLE_HASH_ACT=f1edd0429 -j musl-base
##
## Nightly dispatch:
## act workflow_dispatch -e <(echo '{"action":"workflow_dispatch", "inputs":{"nightly_date":"","fresh_stable":""}}') -j musl-base
##
## Nightly dispatch specific date:
## act workflow_dispatch -e <(echo '{"action":"workflow_dispatch", "inputs":{"nightly_date":"2012-12-03","fresh_stable":""}}') -j musl-base
##
## Stable and Nightly dispatch:
## act workflow_dispatch -e <(echo '{"action":"workflow_dispatch", "inputs":{"nightly_date":"","fresh_stable":"true"}}') -j musl-base
##
## To only see the outputs from the build_vars to see what is getting triggered, use the same commands as above but replace `musl-base` with `build_vars`
## ##
name: Rust MUSL
jobs:
build_vars:
name: Generate Build Variables
runs-on: ubuntu-latest
outputs:
current_date: ${{ steps.build_vars.outputs.current_date }}
nightly_date: ${{ steps.build_vars.outputs.nightly_date }}
nightly_tag_postfix: ${{ steps.build_vars.outputs.nightly_tag_postfix }}
nightly_trigger: ${{ steps.build_vars.outputs.nightly_trigger }}
stable_trigger: ${{ steps.build_vars.outputs.stable_trigger }}
# Musl v1.2 postfix
stable_toolchain_postfix: ${{ steps.build_vars.outputs.stable_toolchain_postfix }}
nightly_toolchain_postfix: ${{ steps.build_vars.outputs.nightly_toolchain_postfix }}
vaultwarden_toolchain_postfix: ${{ steps.build_vars.outputs.vaultwarden_toolchain_postfix }}
#
# Set versions extacted during the rust_versions step
stable_version: ${{ steps.rust_versions.outputs.stable_version }}
stable_semver: ${{ steps.rust_versions.outputs.stable_semver }}
# We also append the value of workflow input fresh_stable here.
# This will ensure we do trigger a fresh rustup.
stable_hash: "${{ steps.rust_versions.outputs.stable_hash }}${{ github.event.inputs.fresh_stable }}"
#
# Nightly version
nightly_version: ${{ steps.rust_versions.outputs.nightly_version }}
nightly_semver: ${{ steps.rust_versions.outputs.nightly_semver }}
#
# Special version to match the vaultwarden stable version currently used in master
vaultwarden_version: ${{ steps.rust_versions.outputs.vaultwarden_version }}
vaultwarden_semver: ${{ steps.rust_versions.outputs.vaultwarden_semver }}
steps:
- name: Checkout Repo
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Install Stable Rust Toolchain
uses: dtolnay/rust-toolchain@d76c2a93c593483c9892fd8d2538734f73ed8588 # stable @ Sep 19, 2023, 5:32 PM GMT+2
- name: Get Rust version info
id: rust_versions
run: |
#
function github_output () {
echo "${1}=${2}" | tee -a "${GITHUB_OUTPUT}"
}
# Get the Rust stable version info
STABLE_VERSION_STRING=$(rustc -V)
STABLE_VERSION=$(echo "${STABLE_VERSION_STRING}" | grep -oP '\S+\s(\K\S+)(?=\s)')
github_output "stable_version" "${STABLE_VERSION}"
STABLE_HASH=$(echo "${STABLE_VERSION_STRING}" | grep -oP '\s\((\K\S+)(?=\s)')
github_output "stable_hash" "${STABLE_HASH}"
STABLE_SEMVER=${STABLE_VERSION//.}
github_output "stable_semver" "${STABLE_SEMVER}"
# Get the Rust nightly version info
rustup install --profile minimal nightly
NIGHTLY_VERSION_STRING=$(rustc +nightly -V)
NIGHTLY_VERSION=$(echo "${NIGHTLY_VERSION_STRING}" | grep -oP '\S+\s(\K\S+)(?=\s)')
github_output "nightly_version" "${NIGHTLY_VERSION}"
NIGHTLY_HASH=$(echo "${NIGHTLY_VERSION_STRING}" | grep -oP '\s\((\K\S+)(?=\s)')
github_output "nightly_hash" "${NIGHTLY_HASH}"
NIGHTLY_SEMVER=$(echo "${NIGHTLY_VERSION//.}" | grep -oP '(\K\d{4})')
github_output "nightly_semver" "${NIGHTLY_SEMVER}"
# Get the Vaultwarden Rust version from the `rust-toolchain` or `rust-toolchain.toml` file.
VW_RUST_VER="UNKNOWN"
CODE="$(curl -sSL -w '%{http_code}' -o /tmp/rust-toolchain https://raw.githubusercontent.com/dani-garcia/vaultwarden/main/rust-toolchain)"
if [[ "$CODE" =~ ^2 ]]; then
VW_RUST_VER="$(cat /tmp/rust-toolchain)"
elif [[ "$CODE" = 404 ]]; then
CODE="$(curl -sSL -w '%{http_code}' -o /tmp/rust-toolchain.toml https://raw.githubusercontent.com/dani-garcia/vaultwarden/main/rust-toolchain.toml)"
if [[ "$CODE" =~ ^2 ]]; then
VW_RUST_VER="$(grep -oP 'channel.*"(\K.*?)(?=")' /tmp/rust-toolchain.toml)"
fi
fi
# Check if the version matches X.YY.Z, if not use the STABLE_VERSION instead
if [[ "${VW_RUST_VER}" =~ ^[0-9]{1}\.[0-9]{2}\.[0-9]{1}$ ]]; then
github_output "vaultwarden_version" "${VW_RUST_VER}"
VAULTWARDEN_SEMVER=${VW_RUST_VER//.}
github_output "vaultwarden_semver" "${VAULTWARDEN_SEMVER}"
else
github_output "vaultwarden_version" "${STABLE_VERSION}"
github_output "vaultwarden_semver" "${STABLE_SEMVER}"
fi
- name: Cache previous rustc stable hash
uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
if: ${{ !env.ACT }}
with:
path: ~/rustc-stable.hash
key: build-vars-rustc-stable-${{ steps.rust_versions.outputs.stable_hash }}
restore-keys: |
build-vars-rustc-stable-
# Check if this is a scheduled job, if so, set to nightly
- name: Get build variables
id: build_vars
run: |
#
function github_output () {
echo "${1}=${2}" | tee -a "${GITHUB_OUTPUT}"
}
#
# Date
export DATE=$(date +'%Y-%m-%d')
github_output "current_date" "${DATE}"
#
# Since `act` doesn't support actions/cache (yet) we check some env vars here.
# With this we can fake the cache if we want to so we can test the flow.
if [[ -n "${{ env.RUSTC_STABLE_HASH_ACT }}" ]]; then
echo "Found RUSTC_STABLE_HASH_ACT"
echo "${{ env.RUSTC_STABLE_HASH_ACT }}" | tee ~/rustc-stable.hash
fi
#
# Determine if we need to update the stable version
export RUSTC_STABLE_HASH_CACHED="$( cat ~/rustc-stable.hash 2>/dev/null )"
if [[ -n "${{ github.event.inputs.fresh_stable }}" ]]; then
github_output "stable_trigger" "true"
elif [[ "${RUSTC_STABLE_HASH_CACHED}" != ${{ steps.rust_versions.outputs.stable_hash }} ]]; then
echo "Cached: '${RUSTC_STABLE_HASH_CACHED}' - Current: '${{ steps.rust_versions.outputs.stable_hash }}'"
github_output "stable_trigger" "true"
else
github_output "stable_trigger" ""
fi
# Store the current stable hash in GHA Cache
echo "${{ steps.rust_versions.outputs.stable_hash }}" | tee ~/rustc-stable.hash
#
# Determine nightly date
# If this is triggered by a workflow dispatch and a date is filled use that, else use the current date
if [[ -z "${{ github.event.inputs.nightly_date }}" ]]; then
github_output "nightly_date" "${DATE}"
# Set an empty nightly_tag_postfix because we are building the current nightly
github_output "nightly_tag_postfix" ""
# When there is a custom nightly_date set, lets first validate it.
elif [[ "${{ github.event.inputs.nightly_date }}" =~ ^[0-9]{4}-[0-9]{2}-[0-9]{2}$ ]] \
&& date +'%Y-%m-%d' -d'${{ github.event.inputs.nightly_date }}' >/dev/null 2>&1 \
&& [[ $(date +%s -d "00:00:00") -ge $(date +%s -d'${{ github.event.inputs.nightly_date }}') ]] ; then
github_output "nightly_date" "${{ github.event.inputs.nightly_date }}"
# To prevent tagging an older nightly version, we set a postfix here which is used by the nightly build/push action
github_output "nightly_tag_postfix" "-${{ github.event.inputs.nightly_date }}"
# If there was a workflow run, and it had an invalid date, stop the whole workflow
else
echo "error::Invalid nightly_date"
echo "::error::Invalid nightly_date"
exit 1
fi
#
# Check if we want to build a nightly only.
# We want this either when the cron is triggered
# Or if we trigger a manual workflow
if [[ "${{ github.event_name }}" == 'workflow_dispatch' ]] || [[ "${{ github.event.schedule }}" == '30 9 * * *' ]]; then
github_output "nightly_trigger" "true"
else
github_output "nightly_trigger" ""
fi
#
# Check if we need to use the v1.2.3 MUSL builds for the 32bit based arch's
# Rust supports musl v1.2.3 since v1.71.0
if [ ${{ steps.rust_versions.outputs.stable_semver }} -ge 1710 ]; then
github_output "stable_toolchain_postfix" "-musl-v1.2"
else
github_output "stable_toolchain_postfix" ""
fi
# Nightly
if [ ${{ steps.rust_versions.outputs.nightly_semver }} -ge 1710 ]; then
github_output "nightly_toolchain_postfix" "-musl-v1.2"
else
github_output "nightly_toolchain_postfix" ""
fi
# Vaultwarden
if [ ${{ steps.rust_versions.outputs.vaultwarden_semver }} -ge 1710 ]; then
github_output "vaultwarden_toolchain_postfix" "-musl-v1.2"
else
github_output "vaultwarden_toolchain_postfix" ""
fi
# ###
# Building the final MUSL Based images including the rust toolchain.
musl-base:
name: Build MUSL Base Image - ${{ matrix.env.IMAGE_TAG }}
needs: [build_vars]
runs-on: ubuntu-latest
env:
HAVE_DOCKERHUB_LOGIN: ${{ vars.DOCKERHUB_ENABLED == 'true' && secrets.DOCKERHUB_USERNAME != '' && secrets.DOCKERHUB_TOKEN != '' }}
HAVE_GHCR_LOGIN: ${{ vars.GHCR_ENABLED == 'true' && github.repository_owner != '' && secrets.GITHUB_TOKEN != '' }}
HAVE_QUAY_LOGIN: ${{ vars.QUAY_ENABLED == 'true' && secrets.QUAY_USERNAME != '' && secrets.QUAY_TOKEN != '' }}
if: ${{ github.repository == 'BlackDex/rust-musl' }}
strategy:
fail-fast: false
matrix:
env:
- IMAGE_TAG: x86_64-musl
TARGET: x86_64-unknown-linux-musl
OPENSSL_ARCH: "linux-x86_64 enable-ec_nistp_64_gcc_128"
- IMAGE_TAG: armv7-musleabihf
TARGET: armv7-unknown-linux-musleabihf
OPENSSL_ARCH: linux-armv4
# The aarch64 musl does not support outline-atomics and needs to be disabled
# We need to provide some extra CPPFLAGS to prevent errors during the compilation of the Rust project
- IMAGE_TAG: aarch64-musl
TARGET: aarch64-unknown-linux-musl
OPENSSL_ARCH: linux-aarch64
ARCH_CPPFLAGS: "-mno-outline-atomics"
- IMAGE_TAG: arm-musleabi
TARGET: arm-unknown-linux-musleabi
OPENSSL_ARCH: linux-armv4
XTRA_RUSTFLAGS: "-Clink-args=-latomic "
steps:
- name: Checkout Repo
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
# This action is messing with the host caching when using `act`
- name: Setup Docker Buildx (setup-buildx-action)
if: ${{ !env.ACT }}
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
# https://github.com/moby/buildkit/issues/3969
with:
driver-opts: |
network=host
# Use the DOCKER_BUILDKIT=1 env when using `act`
- name: Setup Docker Buildx (DOCKER_BUILDKIT=1)
if: ${{ env.ACT }}
shell: bash
run: |
echo "DOCKER_BUILDKIT=1" | tee -a "${GITHUB_ENV}"
- name: Generate base container tags
shell: bash
run: |
echo "base_tags_stable=" \
"@RGSTRY@blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}," \
"@RGSTRY@blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-openssl3," \
"@RGSTRY@blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-${{ needs.build_vars.outputs.stable_version }}," \
"@RGSTRY@blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-${{ needs.build_vars.outputs.stable_version }}-openssl3," \
"@RGSTRY@blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-stable," \
"@RGSTRY@blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-stable-openssl3," \
"@RGSTRY@blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-stable-${{ needs.build_vars.outputs.stable_version }}," \
"@RGSTRY@blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-stable-${{ needs.build_vars.outputs.stable_version }}-openssl3" \
| tr -d ' ' | tee -a "${GITHUB_ENV}"
echo "base_tags_stable_vw=" \
"@RGSTRY@blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-${{ needs.build_vars.outputs.vaultwarden_version }}," \
"@RGSTRY@blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-${{ needs.build_vars.outputs.vaultwarden_version }}-openssl3," \
"@RGSTRY@blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-stable-${{ needs.build_vars.outputs.vaultwarden_version }}," \
"@RGSTRY@blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-stable-${{ needs.build_vars.outputs.vaultwarden_version }}-openssl3" \
| tr -d ' ' | tee -a "${GITHUB_ENV}"
echo "base_tags_nightly=" \
"@RGSTRY@blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-nightly${{ needs.build_vars.outputs.nightly_tag_postfix }}," \
"@RGSTRY@blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-nightly${{ needs.build_vars.outputs.nightly_tag_postfix }}-openssl3," \
"@RGSTRY@blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-nightly-${{ needs.build_vars.outputs.nightly_date }}," \
"@RGSTRY@blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-nightly-${{ needs.build_vars.outputs.nightly_date }}-openssl3" \
| tr -d ' ' | tee -a "${GITHUB_ENV}"
- name: Login to DockerHub
if: ${{ env.HAVE_DOCKERHUB_LOGIN == 'true' }}
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Tags for DockerHub
if: ${{ env.HAVE_DOCKERHUB_LOGIN == 'true' }}
shell: bash
run: |
echo "tags_stable=$(echo "${base_tags_stable}" | sed 's#@RGSTRY@#docker.io/#g')" \
| tee -a "${GITHUB_ENV}"
echo "tags_stable_vw=$(echo "${base_tags_stable_vw}" | sed 's#@RGSTRY@#docker.io/#g')" \
| tee -a "${GITHUB_ENV}"
echo "tags_nightly=$(echo "${base_tags_nightly}" | sed 's#@RGSTRY@#docker.io/#g')" \
| tee -a "${GITHUB_ENV}"
- name: Login to ghcr.io
if: ${{ env.HAVE_GHCR_LOGIN == 'true' }}
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Tags for ghcr.io
if: ${{ env.ACT || env.HAVE_GHCR_LOGIN == 'true' }}
shell: bash
run: |
echo "tags_stable=${tags_stable:+${tags_stable},}$(echo "${base_tags_stable}" | sed 's#@RGSTRY@#ghcr.io/#g')" \
| tee -a "${GITHUB_ENV}"
echo "tags_stable_vw=${tags_stable_vw:+${tags_stable_vw},}$(echo "${base_tags_stable_vw}" | sed 's#@RGSTRY@#ghcr.io/#g')" \
| tee -a "${GITHUB_ENV}"
echo "tags_nightly=${tags_nightly:+${tags_nightly},}$(echo "${base_tags_nightly}" | sed 's#@RGSTRY@#ghcr.io/#g')" \
| tee -a "${GITHUB_ENV}"
- name: Login to quay.io
if: ${{ env.HAVE_QUAY_LOGIN == 'true' }}
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_TOKEN }}
- name: Tags for quay.io
if: ${{ env.HAVE_QUAY_LOGIN == 'true' }}
shell: bash
run: |
echo "tags_stable=${tags_stable:+${tags_stable},}$(echo "${base_tags_stable}" | sed 's#@RGSTRY@#quay.io/#g')" \
| tee -a "${GITHUB_ENV}"
echo "tags_stable_vw=${tags_stable_vw:+${tags_stable_vw},}$(echo "${base_tags_stable_vw}" | sed 's#@RGSTRY@#quay.io/#g')" \
| tee -a "${GITHUB_ENV}"
echo "tags_nightly=${tags_nightly:+${tags_nightly},}$(echo "${base_tags_nightly}" | sed 's#@RGSTRY@#quay.io/#g')" \
| tee -a "${GITHUB_ENV}"
- name: Determine Docker Build Cache
id: docker_cache
run: |
#
function github_output () {
echo "${1}=${2}" | tee -a "${GITHUB_OUTPUT}"
}
#
# Check if we are running this via act or not and determine the caching method
if [[ -n "${ACT}" ]]; then
github_output "cache_from" "blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}"
github_output "cache_to" ""
else
github_output "cache_from" "type=gha,scope=${{ matrix.env.IMAGE_TAG }}"
github_output "cache_to" "type=gha,scope=${{ matrix.env.IMAGE_TAG }}"
fi
#
# ###
# Rust Current Stable
- name: Determine Toolchain Postfix - Rust Current Stable
if: ${{ matrix.env.IMAGE_TAG == 'armv7-musleabihf' || matrix.env.IMAGE_TAG == 'arm-musleabi' }}
shell: bash
run: |
echo "STABLE_TOOLCHAIN_POSTFIX=${{ needs.build_vars.outputs.stable_toolchain_postfix }}" | tee -a "${GITHUB_ENV}"
- name: Docker Build - Rust Current Stable
# Skip during nightly builds
if: ${{ needs.build_vars.outputs.stable_trigger || !needs.build_vars.outputs.nightly_trigger }}
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with:
context: .
# Set load to true so that we can test the builded image in the next step
load: ${{ !env.ACT }}
# Do not push the image just yet, we first want to test it
push: false
file: ./Dockerfile.musl-base
build-args: |
TARGET=${{ matrix.env.TARGET }}
IMAGE_TAG=${{ matrix.env.IMAGE_TAG }}${{ env.STABLE_TOOLCHAIN_POSTFIX }}
OPENSSL_ARCH=${{ matrix.env.OPENSSL_ARCH }}
ARCH_CPPFLAGS=${{ matrix.env.ARCH_CPPFLAGS }}
RUST_CHANNEL=stable
RUSTC_HASH=${{ needs.build_vars.outputs.stable_hash }}
tags: blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-test
cache-from: ${{ steps.docker_cache.outputs.cache_from }}
cache-to: ${{ steps.docker_cache.outputs.cache_to }}
- name: Test Docker Image - Rust Current Stable
# Skip during nightly builds
if: ${{ needs.build_vars.outputs.stable_trigger || !needs.build_vars.outputs.nightly_trigger }}
run: |
# Run the test
docker run --rm \
-v cargo-cache-${{ matrix.env.IMAGE_TAG }}:/root/.cargo/registry \
-v "$(pwd)/test/multicrate":/home/rust/src \
--tmpfs /home/rust/src/target:rw,exec,mode=1777 \
-e RUST_BACKTRACE=1 \
-e RUSTFLAGS="${{ matrix.env.XTRA_RUSTFLAGS }}-Clink-arg=-s" \
blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-test bash -c 'rm -vf Cargo.lock ; cargo -Vv ; rustc -Vv ; cargo update ; cargo build --release'
- name: Test Docker Image (PQ15) - Rust Current Stable
# Skip during nightly builds
if: ${{ needs.build_vars.outputs.stable_trigger || !needs.build_vars.outputs.nightly_trigger }}
continue-on-error: true
run: |
# Run the test
docker run --rm \
-v cargo-cache-${{ matrix.env.IMAGE_TAG }}:/root/.cargo/registry \
-v "$(pwd)/test/multicrate":/home/rust/src \
--tmpfs /home/rust/src/target:rw,exec,mode=1777 \
-e RUST_BACKTRACE=1 \
-e PQ_LIB_DIR="/usr/local/musl/pq15/lib" \
-e RUSTFLAGS="${{ matrix.env.XTRA_RUSTFLAGS }}-Clink-arg=-s" \
blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-test bash -c 'rm -vf Cargo.lock ; cargo -Vv ; rustc -Vv ; cargo update ; cargo build --release'
- name: Docker Push - Rust Current Stable
# Skip during nightly builds
if: ${{ needs.build_vars.outputs.stable_trigger || !needs.build_vars.outputs.nightly_trigger }}
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with:
context: .
# Run this step also when using `act`, but do not push the images when build locally
push: ${{ !env.ACT }}
file: ./Dockerfile.musl-base
build-args: |
TARGET=${{ matrix.env.TARGET }}
IMAGE_TAG=${{ matrix.env.IMAGE_TAG }}${{ env.STABLE_TOOLCHAIN_POSTFIX }}
OPENSSL_ARCH=${{ matrix.env.OPENSSL_ARCH }}
ARCH_CPPFLAGS=${{ matrix.env.ARCH_CPPFLAGS }}
RUST_CHANNEL=stable
RUSTC_HASH=${{ needs.build_vars.outputs.stable_hash }}
tags: ${{ env.tags_stable }}
cache-from: ${{ steps.docker_cache.outputs.cache_from }}
cache-to: ${{ steps.docker_cache.outputs.cache_to }}
# ###
# Rust Vaultwarden Stable
- name: Determine Toolchain Postfix - Rust Vaultwarden Stable
if: ${{ matrix.env.IMAGE_TAG == 'armv7-musleabihf' || matrix.env.IMAGE_TAG == 'arm-musleabi' }}
shell: bash
run: |
echo "VAULTWARDEN_TOOLCHAIN_POSTFIX=${{ needs.build_vars.outputs.vaultwarden_toolchain_postfix }}" | tee -a "${GITHUB_ENV}"
- name: Docker Build - Rust Vaultwarden Stable
# Skip during nightly builds
if: ${{ needs.build_vars.outputs.stable_version != needs.build_vars.outputs.vaultwarden_version && (needs.build_vars.outputs.stable_trigger || !needs.build_vars.outputs.nightly_trigger) }}
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with:
context: .
# Set load to true so that we can test the builded image in the next step
load: ${{ !env.ACT }}
# Do not push the image just yet, we first want to test it
push: false
file: ./Dockerfile.musl-base
build-args: |
TARGET=${{ matrix.env.TARGET }}
IMAGE_TAG=${{ matrix.env.IMAGE_TAG }}${{ env.VAULTWARDEN_TOOLCHAIN_POSTFIX }}
OPENSSL_ARCH=${{ matrix.env.OPENSSL_ARCH }}
ARCH_CPPFLAGS=${{ matrix.env.ARCH_CPPFLAGS }}
RUST_CHANNEL=${{ needs.build_vars.outputs.vaultwarden_version }}
tags: blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-vw-test
cache-from: ${{ steps.docker_cache.outputs.cache_from }}
cache-to: ${{ steps.docker_cache.outputs.cache_to }}
- name: Test Docker Image - Rust Vaultwarden Stable
# Skip during nightly builds
if: ${{ needs.build_vars.outputs.stable_version != needs.build_vars.outputs.vaultwarden_version && (needs.build_vars.outputs.stable_trigger || !needs.build_vars.outputs.nightly_trigger) }}
run: |
# Run the test
docker run --rm \
-v cargo-cache:/root/.cargo/registry \
-v "$(pwd)/test/multicrate":/home/rust/src \
--tmpfs /home/rust/src/target:rw,exec,mode=1777 \
-e RUST_BACKTRACE=1 \
-e RUSTFLAGS="${{ matrix.env.XTRA_RUSTFLAGS }}-Clink-arg=-s" \
blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-vw-test bash -c 'rm -vf Cargo.lock ; cargo -Vv ; rustc -Vv ; cargo update ; cargo build --release'
- name: Test Docker Image (PQ15) - Rust Vaultwarden Stable
# Skip during nightly builds
if: ${{ needs.build_vars.outputs.stable_version != needs.build_vars.outputs.vaultwarden_version && (needs.build_vars.outputs.stable_trigger || !needs.build_vars.outputs.nightly_trigger) }}
continue-on-error: true
run: |
# Run the test
docker run --rm \
-v cargo-cache:/root/.cargo/registry \
-v "$(pwd)/test/multicrate":/home/rust/src \
--tmpfs /home/rust/src/target:rw,exec,mode=1777 \
-e RUST_BACKTRACE=1 \
-e PQ_LIB_DIR="/usr/local/musl/pq15/lib" \
-e RUSTFLAGS="${{ matrix.env.XTRA_RUSTFLAGS }}-Clink-arg=-s" \
blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-vw-test bash -c 'rm -vf Cargo.lock ; cargo -Vv ; rustc -Vv ; cargo update ; cargo build --release'
- name: Docker Push - Rust Vaultwarden Stable
# Skip during nightly builds
if: ${{ needs.build_vars.outputs.stable_version != needs.build_vars.outputs.vaultwarden_version && (needs.build_vars.outputs.stable_trigger || !needs.build_vars.outputs.nightly_trigger) }}
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with:
context: .
# Run this step also when using `act`, but do not push the images when build locally
push: ${{ !env.ACT }}
file: ./Dockerfile.musl-base
build-args: |
TARGET=${{ matrix.env.TARGET }}
IMAGE_TAG=${{ matrix.env.IMAGE_TAG }}${{ env.VAULTWARDEN_TOOLCHAIN_POSTFIX }}
OPENSSL_ARCH=${{ matrix.env.OPENSSL_ARCH }}
ARCH_CPPFLAGS=${{ matrix.env.ARCH_CPPFLAGS }}
RUST_CHANNEL=${{ needs.build_vars.outputs.vaultwarden_version }}
tags: ${{ env.tags_stable_vw }}
cache-from: ${{ steps.docker_cache.outputs.cache_from }}
cache-to: ${{ steps.docker_cache.outputs.cache_to }}
# ###
# Rust Nightly
- name: Determine Toolchain Postfix - Rust Vaultwarden Stable
if: ${{ matrix.env.IMAGE_TAG == 'armv7-musleabihf' || matrix.env.IMAGE_TAG == 'arm-musleabi' }}
shell: bash
run: |
echo "NIGHTLY_TOOLCHAIN_POSTFIX=${{ needs.build_vars.outputs.nightly_toolchain_postfix }}" | tee -a "${GITHUB_ENV}"
- name: Docker Build - Rust Nightly
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with:
context: .
# Set load to true so that we can test the builded image in the next step
load: ${{ !env.ACT }}
# Do not push the image just yet, we first want to test it
push: false
file: ./Dockerfile.musl-base
build-args: |
TARGET=${{ matrix.env.TARGET }}
IMAGE_TAG=${{ matrix.env.IMAGE_TAG }}${{ env.NIGHTLY_TOOLCHAIN_POSTFIX }}
OPENSSL_ARCH=${{ matrix.env.OPENSSL_ARCH }}
ARCH_CPPFLAGS=${{ matrix.env.ARCH_CPPFLAGS }}
RUST_CHANNEL=nightly-${{ needs.build_vars.outputs.nightly_date }}
tags: blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-nightly-test
cache-from: ${{ steps.docker_cache.outputs.cache_from }}
cache-to: ${{ steps.docker_cache.outputs.cache_to }}
- name: Test Docker Image - Rust Nightly
run: |
# Run the test
docker run --rm \
-v cargo-cache:/root/.cargo/registry \
-v "$(pwd)/test/multicrate":/home/rust/src \
--tmpfs /home/rust/src/target:rw,exec,mode=1777 \
-e RUST_BACKTRACE=1 \
-e RUSTFLAGS="${{ matrix.env.XTRA_RUSTFLAGS }}-Clink-arg=-s" \
blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-nightly-test bash -c 'rm -vf Cargo.lock ; cargo -Vv ; rustc -Vv ; cargo update ; cargo build --release'
- name: Test Docker Image (PQ15) - Rust Nightly
continue-on-error: true
run: |
# Run the test
docker run --rm \
-v cargo-cache:/root/.cargo/registry \
-v "$(pwd)/test/multicrate":/home/rust/src \
--tmpfs /home/rust/src/target:rw,exec,mode=1777 \
-e RUST_BACKTRACE=1 \
-e PQ_LIB_DIR="/usr/local/musl/pq15/lib" \
-e RUSTFLAGS="${{ matrix.env.XTRA_RUSTFLAGS }}-Clink-arg=-s" \
blackdex/rust-musl:${{ matrix.env.IMAGE_TAG }}-nightly-test bash -c 'rm -vf Cargo.lock ; cargo -Vv ; rustc -Vv ; cargo update ; cargo build --release'
- name: Docker Push - Rust Nightly
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with:
context: .
# Run this step also when using `act`, but do not push the images when build locally
push: ${{ !env.ACT }}
file: ./Dockerfile.musl-base
build-args: |
TARGET=${{ matrix.env.TARGET }}
IMAGE_TAG=${{ matrix.env.IMAGE_TAG }}${{ env.NIGHTLY_TOOLCHAIN_POSTFIX }}
OPENSSL_ARCH=${{ matrix.env.OPENSSL_ARCH }}
ARCH_CPPFLAGS=${{ matrix.env.ARCH_CPPFLAGS }}
RUST_CHANNEL=nightly-${{ needs.build_vars.outputs.nightly_date }}
tags: ${{ env.tags_nightly }}
cache-from: ${{ steps.docker_cache.outputs.cache_from }}
cache-to: ${{ steps.docker_cache.outputs.cache_to }}