aarch64 Nix builds in CI #117

Workflow file for this run

	name: CI

	on:
	push:
	branches: [master]
	pull_request:

	permissions:
	contents: read # to fetch code (actions/checkout)

	env:
	nix_path: nixpkgs=channel:nixos-24.05

	jobs:
	test:
	name: Test code
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Setup Rust
	uses: dtolnay/rust-toolchain@stable
	- name: Cache Rust
	uses: Swatinem/rust-cache@v2
	with:
	prefix-key: "v0-rust-test"

	- name: Check formatting
	run: cargo fmt --check

	- name: Clippy
	run: cargo clippy

	- name: Tests
	run: cargo test

	build-nix:
	name: Build Nix
	runs-on: ubuntu-latest
	strategy:
	matrix:
	target: [x86_64, aarch64]
	needs: test
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Setup Nix
	uses: cachix/install-nix-action@v25
	with:
	nix_path: "${{ env.nix_path }}"
	- name: Setup cachix
	uses: cachix/cachix-action@v14
	with:
	name: cofob
	authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3
	with:
	platforms: aarch64

	- name: Build derivation
	run: \|
	nix --system ${{ matrix.target }}-linux build .#fastside

	build-linux:
	name: Build Linux
	runs-on: ubuntu-latest
	needs: test
	strategy:
	matrix:
	target: [x86_64-unknown-linux-gnu, x86_64-unknown-linux-musl, aarch64-unknown-linux-musl]
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Setup Rust
	uses: dtolnay/rust-toolchain@stable
	with:
	targets: ${{ matrix.target }}
	- name: Cache Rust
	uses: Swatinem/rust-cache@v2
	with:
	prefix-key: "v0-rust-${{ matrix.target }}"
	- name: Install dependencies
	run: \|
	sudo apt-get update
	sudo apt-get install -y musl-tools

	- name: Build
	run: \|
	if [[ "${{ matrix.target }}" == "x86_64-unknown-linux-gnu" \|\| "${{ matrix.target }}" == "x86_64-unknown-linux-musl" ]]; then
	cargo build --release --bins --target ${{ matrix.target }}
	elif [[ "${{ matrix.target }}" == "aarch64-unknown-linux-musl" ]]; then
	docker run \
	--rm \
	-v "$(pwd)":/home/rust/src \
	messense/rust-musl-cross:aarch64-musl \
	cargo build --color always --release --bins --target aarch64-unknown-linux-musl
	fi

	- name: Collect artifacts
	run: \|
	mkdir dist-${{ matrix.target }}
	cp target/${{ matrix.target }}/release/fastside dist-${{ matrix.target }}/
	cp target/${{ matrix.target }}/release/fastside-actualizer dist-${{ matrix.target }}/

	- name: Upload artifact
	uses: actions/upload-artifact@v4
	with:
	name: fastside-${{ matrix.target }}
	path: dist-${{ matrix.target }}
	compression-level: 9

	docker:
	name: Build Docker container
	runs-on: ubuntu-latest
	needs: build-nix
	permissions:
	contents: read
	packages: write
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Setup Nix
	uses: cachix/install-nix-action@v25
	with:
	nix_path: "${{ env.nix_path }}"
	- name: Setup cachix
	uses: cachix/cachix-action@v14
	with:
	name: cofob
	authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3
	with:
	platforms: aarch64

	- name: Login to GitHub Container Registry
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.repository_owner }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Lowercase repository name
	id: repo
	uses: ASzc/change-string-case-action@v6
	with:
	string: ${{ github.repository }}

	- name: Docker meta (remote)
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: ghcr.io/${{ steps.repo.outputs.lowercase }}
	tags: \|
	type=schedule
	type=ref,event=pr
	type=semver,pattern={{version}}
	type=semver,pattern={{major}}.{{minor}}
	type=semver,pattern={{major}}
	type=sha
	type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'master') }}

	- name: Build remote (x86_64)
	run: \|
	nix --system x86_64-linux build .#fastside-docker
	docker load < result
	docker tag fastside x86_64

	- name: Build remote (aarch64)
	run: \|
	nix --system aarch64-linux build .#fastside-docker
	docker load < result
	docker tag fastside aarch64

	- name: Build baked (x86_64)
	run: \|
	nix --system x86_64-linux build .#fastside-docker-baked-services
	docker load < result
	docker tag fastside x86_64-baked

	- name: Build baked (aarch64)
	run: \|
	nix --system aarch64-linux build .#fastside-docker-baked-services
	docker load < result
	docker tag fastside aarch64-baked

	- name: Construct remote
	run: \|
	docker manifest create \
	remote \
	--amend x86_64
	--amend aarch64

	- name: Construct baked
	run: \|
	docker manifest create \
	baked \
	--amend x86_64-baked
	--amend aarch64-baked

	- name: Push to registry
	run: \|
	tags="${{ steps.meta.outputs.tags }}"
	for tag in $tags; do
	echo "Pushing $tag"
	docker tag remote $tag
	docker push $tag
	done

	for tag in $tags; do
	mod_tag="$tag-baked"
	echo "Pushing $mod_tag"
	docker tag baked $mod_tag
	docker push $mod_tag
	done

	test-services:
	name: Test services
	runs-on: ubuntu-latest
	needs: build-nix
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Path filter
	uses: dorny/paths-filter@v3
	id: filter
	with:
	filters: \|
	services:
	- 'services.json'
	- name: Setup Nix
	if: steps.filter.outputs.services == 'true'
	uses: cachix/install-nix-action@v25
	with:
	nix_path: "${{ env.nix_path }}"
	- name: Setup cachix
	if: steps.filter.outputs.services == 'true'
	uses: cachix/cachix-action@v14
	with:
	name: cofob
	authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"

	- name: Run tests
	if: steps.filter.outputs.services == 'true'
	run: nix run . -- validate

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

aarch64 Nix builds in CI #117

Workflow file

aarch64 Nix builds in CI #117

Jobs

Run details

Workflow file for this run