From 84f75aea3a77d1ff0772d1e0b021be1693b4c983 Mon Sep 17 00:00:00 2001 From: Tim Holmes-Mitra Date: Wed, 8 Oct 2025 13:52:09 +0100 Subject: [PATCH 1/2] ci: add arm64 docker builds --- .github/workflows/cd-image.yml | 107 +++++++++++++++++++++++++++++++++ .github/workflows/docker.yml | 67 --------------------- Dockerfile | 2 +- 3 files changed, 108 insertions(+), 68 deletions(-) create mode 100644 .github/workflows/cd-image.yml delete mode 100644 .github/workflows/docker.yml diff --git a/.github/workflows/cd-image.yml b/.github/workflows/cd-image.yml new file mode 100644 index 0000000..fcd3069 --- /dev/null +++ b/.github/workflows/cd-image.yml @@ -0,0 +1,107 @@ +name: Publish nilchain-devnet to GHCR + +on: + push: + branches: + - main + workflow_dispatch: + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +permissions: + contents: read + packages: write # Required to push to GHCR + +jobs: + build-and-push-arch: + runs-on: ${{ matrix.runner }} + strategy: + fail-fast: false + matrix: + include: + - arch: amd64 + platform: linux/amd64 + runner: ubuntu-latest + - arch: arm64 + platform: linux/arm64 + runner: ubuntu-24.04-arm + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Log in to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Extract metadata for version + id: meta_tag + uses: docker/metadata-action@v5 + with: + images: ghcr.io/nillionnetwork/nilchain-devnet + tags: | + type=ref,event=branch + type=ref,event=tag + type=sha,prefix= + flavor: | + latest=false + + - name: Build and push arch-specific image + uses: docker/build-push-action@v6 + with: + context: . + platforms: ${{ matrix.platform }} + push: true + tags: ghcr.io/nillionnetwork/nilchain-devnet:${{ github.sha }}-${{ matrix.arch }} + build-args: | + VERSION=${{ steps.meta_tag.outputs.version }} + cache-from: type=gha + cache-to: type=gha,mode=max + provenance: false + + create-and-push-manifest: + runs-on: ubuntu-latest + needs: build-and-push-arch + steps: + - name: Log in to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract final tags + id: meta + uses: docker/metadata-action@v5 + with: + images: ghcr.io/nillionnetwork/nilchain-devnet + tags: | + type=ref,event=branch + type=ref,event=tag + flavor: | + latest=false + + - name: Create and push multi-arch manifest + run: | + echo "${{ steps.meta.outputs.tags }}" > tags.txt + + while IFS= read -r tag; do + if [ -n "$tag" ]; then + echo "Creating and pushing manifest for tag: $tag" + + docker manifest create "$tag" \ + ghcr.io/nillionnetwork/nilchain-devnet:${{ github.sha }}-amd64 \ + ghcr.io/nillionnetwork/nilchain-devnet:${{ github.sha }}-arm64 + + docker manifest push "$tag" + fi + done < tags.txt diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml deleted file mode 100644 index 75aaa8d..0000000 --- a/.github/workflows/docker.yml +++ /dev/null @@ -1,67 +0,0 @@ -name: Build and push docker image - -on: - workflow_dispatch: - -env: - REGISTRY: ghcr.io - IMAGE_NAME: nilchain-devnet - -jobs: - docker-build: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v4 - with: - images: ${{ env.REGISTRY }}/NillionNetwork/${{ env.IMAGE_NAME }} - tags: | - type=ref,event=branch - type=ref,event=tag - flavor: | - latest=false # Ensure 'latest' tag is not generated - - - name: Set VERSION environment variable - run: | - # Extract the first tag from the generated tags - TAG=$(echo ${{ steps.meta.outputs.tags }} | cut -d ',' -f 1) - TAG=$(echo $TAG | cut -d ':' -f 2) - echo "VERSION=$TAG" >> $GITHUB_ENV - - - name: Build Docker image - uses: docker/build-push-action@v2 - with: - context: . - tags: ${{ steps.meta.outputs.tags }} - build-args: | - VERSION=${{ env.VERSION }} - - - name: Debug tags - run: | - echo "Generated tags: ${{ steps.meta.outputs.tags }}" - echo "Generated labels: ${{ steps.meta.outputs.labels }}" - - - name: List Docker images - run: docker images - - - name: Log in to the Container registry - uses: docker/login-action@v2 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Push Docker image - uses: docker/build-push-action@v2 - with: - context: . - push: true - tags: ${{ steps.meta.outputs.tags }} - build-args: | - VERSION=${{ env.VERSION }} diff --git a/Dockerfile b/Dockerfile index d4927b5..f059adc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM ghcr.io/nillionnetwork/nilchaind:v0.2.5 +FROM ghcr.io/nillionnetwork/nilchaind:feat-add-arm64-docker-builds WORKDIR /opt/nilchain From 2a59aa0e1dfa7840daff0a8e78927c7bfd005e24 Mon Sep 17 00:00:00 2001 From: Tim Holmes-Mitra Date: Wed, 8 Oct 2025 14:25:27 +0100 Subject: [PATCH 2/2] feat: track `nilchaind:main` in Dockerfile --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index f059adc..bf64bf2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM ghcr.io/nillionnetwork/nilchaind:feat-add-arm64-docker-builds +FROM ghcr.io/nillionnetwork/nilchaind:main WORKDIR /opt/nilchain