build: add nix #576

Workflow file for this run

	name: CI

	on:
	push:

	permissions:
	contents: write
	pull-requests: write

	jobs:

	# Run tests and publish amd64
	build_amd64:
	runs-on: actuated-8cpu-20gb
	concurrency:
	group: ${{ github.ref }}-amd64
	cancel-in-progress: true
	steps:
	- name: Collect Workflow Telemetry
	uses: catchpoint/workflow-telemetry-action@v1
	with:
	github_token: ${{ secrets.DASCHBOT_PAT }}
	theme: dark
	- uses: actions/checkout@v4
	with:
	fetch-depth: 0 # gets additionally all tags which we need
	- uses: extractions/setup-just@v1
	- run: curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs \| sh -s -- -y
	# selecting a toolchain either by action or manual `rustup` calls should happen
	# before the plugin, as the cache uses the current rustc version as its cache key
	- name: Add rust toolchains
	run: \|
	rustup toolchain install stable --profile minimal
	rustup toolchain install nightly --profile minimal
	rustup component add rustfmt --toolchain nightly
	- uses: Swatinem/rust-cache@v2
	- run: just check
	- run: just build
	- run: just test
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	- name: Login to Docker Hub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKER_USER }}
	password: ${{ secrets.DOCKER_HUB_TOKEN }}
	- run: just docker-build-amd64
	- name: Push image to Docker hub only on main or tag (release)
	if: (github.ref_name == 'main' \|\| startsWith(github.ref, 'refs/tags/dsp-meta-cmd'))
	run: just docker-push-amd64

	# Run tests and publish arm64
	build_arm64:
	runs-on: actuated-arm64-16cpu-20gb
	concurrency:
	group: ${{ github.ref }}-arm64
	cancel-in-progress: true
	steps:
	- name: Collect Workflow Telemetry
	uses: catchpoint/workflow-telemetry-action@v1
	with:
	github_token: ${{ secrets.DASCHBOT_PAT }}
	theme: dark
	- uses: actions/checkout@v4
	with:
	fetch-depth: 0 # gets additionally all tags which we need
	- uses: extractions/setup-just@v1
	- run: curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs \| sh -s -- -y
	# selecting a toolchain either by action or manual `rustup` calls should happen
	# before the plugin, as the cache uses the current rustc version as its cache key
	- name: Add rust toolchains
	run: \|
	rustup toolchain install stable --profile minimal
	rustup toolchain install nightly --profile minimal
	rustup component add rustfmt --toolchain nightly
	- uses: Swatinem/rust-cache@v2
	- run: just check
	- run: just build
	- run: just test
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	- name: Login to Docker Hub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKER_USER }}
	password: ${{ secrets.DOCKER_HUB_TOKEN }}
	- run: just docker-build-arm64
	- name: Push image to Docker hub only on main or tag (release)
	if: (github.ref_name == 'main' \|\| startsWith(github.ref, 'refs/tags/dsp-meta-cmd'))
	run: just docker-push-arm64

	# Build, test for arm64
	build_arm64_buildjet:
	runs-on: buildjet-4vcpu-ubuntu-2204-arm
	concurrency:
	group: ${{ github.ref }}-buildjet-arm64
	cancel-in-progress: true
	steps:
	- uses: actions/checkout@v4
	with:
	fetch-depth: 0 # gets additionally all tags which we need
	- uses: extractions/setup-just@v1
	- uses: actions-rust-lang/setup-rust-toolchain@v1
	with:
	cache: false
	components: rustfmt, clippy
	toolchain: nightly
	- uses: buildjet/cache@v3
	with:
	path: \|
	~/.cargo/bin/
	~/.cargo/registry/index/
	~/.cargo/registry/cache/
	~/.cargo/git/db/
	target/
	key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
	- run: just check
	- run: just build
	- run: just test


	# publish manifest combining aarch64 and amd64 images
	publish_manifest:
	name: Build and Publish Manifest to Dockerhub
	runs-on: ubuntu-latest
	needs: [ build_amd64, build_arm64 ]
	if: (github.ref_name == 'main' \|\| startsWith(github.ref, 'refs/tags/dsp-meta-cmd'))
	outputs:
	tag: ${{ steps.output_docker_image_tag.outputs.tag }}
	steps:
	- uses: actions/checkout@v3
	with:
	fetch-depth: 0
	- uses: extractions/setup-just@v1
	- uses: docker/login-action@v2
	with:
	username: ${{ secrets.DOCKER_USER }}
	password: ${{ secrets.DOCKER_HUB_TOKEN }}
	- name: Output docker image tag
	id: output_docker_image_tag
	run: echo "tag=$(just docker-image-tag \| tr -d '\n')" >> "$GITHUB_OUTPUT"
	shell: bash # Explicit for fail-fast behaviour
	- run: just docker-publish-manifest

	trigger-dev-deployment:
	name: Trigger deployment to DEV
	runs-on: ubuntu-latest
	needs: publish_manifest
	if: github.ref_name == 'main'
	steps:
	- name: Trigger deployment to DEV
	env:
	IMAGE_TAG: ${{ needs.publish_manifest.outputs.tag }}
	JENKINS_BASIC_AUTH_USER: ${{ secrets.JENKINS_BASIC_AUTH_USER }}
	JENKINS_BASIC_AUTH_PASS: ${{ secrets.JENKINS_BASIC_AUTH_PASS }}
	JENKINS_UPDATE_RELEASE_WEBHOOK: ${{ secrets.JENKINS_UPDATE_RELEASE_WEBHOOK }}
	run: \|
	curl -f -u "${JENKINS_BASIC_AUTH_USER}:${JENKINS_BASIC_AUTH_PASS}" \
	-X POST "${JENKINS_UPDATE_RELEASE_WEBHOOK}" \
	-d "Service=meta&Version=${IMAGE_TAG}"

	release-please:
	runs-on: ubuntu-latest
	steps:
	- uses: google-github-actions/release-please-action@v4
	with:
	token: ${{ secrets.DASCHBOT_PAT }}
	config-file: .github/release-please/config.json
	manifest-file: .github/release-please/manifest.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build: add nix #576

Workflow file

build: add nix #576

Jobs

Run details

Workflow file for this run