aro/.github/workflows/docker.yml at main · arolang/aro · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
# =============================================================================
# ARO Docker Images - Multi-Platform Build Pipeline
# =============================================================================
# Builds and publishes aro-buildsystem and aro-runtime Docker images
# to GitHub Container Registry (ghcr.io)
# =============================================================================

name: Docker

on:
  push:
    branches:
      - main
    tags:
      - '*'
  pull_request:
    branches:
      - main
    paths:
      - 'docker/**'
      - '.github/workflows/docker.yml'

env:
  REGISTRY: ghcr.io
  BUILDSYSTEM_IMAGE: ghcr.io/arolang/aro-buildsystem
  RUNTIME_IMAGE: ghcr.io/arolang/aro-runtime

jobs:
  # ===========================================================================
  # Build and Push Docker Images
  # ===========================================================================
  build-images:
    name: Build Docker Images
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Log in to GitHub Container Registry
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata for buildsystem
        id: meta-buildsystem
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.BUILDSYSTEM_IMAGE }}
          tags: |
            type=ref,event=branch
            type=ref,event=tag
            type=sha,prefix=
            type=raw,value=latest,enable={{is_default_branch}}

      - name: Extract metadata for runtime
        id: meta-runtime
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.RUNTIME_IMAGE }}
          tags: |
            type=ref,event=branch
            type=ref,event=tag
            type=sha,prefix=
            type=raw,value=latest,enable={{is_default_branch}}

      # Build runtime image first (simpler, no ARO build required)
      - name: Build and push runtime image
        uses: docker/build-push-action@v6
        with:
          context: ./docker/runtime
          file: ./docker/runtime/Dockerfile
          platforms: linux/amd64,linux/arm64
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta-runtime.outputs.tags }}
          labels: ${{ steps.meta-runtime.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max

      # Build buildsystem image (includes ARO CLI)
      - name: Build and push buildsystem image
        uses: docker/build-push-action@v6
        with:
          context: ./docker/buildsystem
          file: ./docker/buildsystem/Dockerfile
          platforms: linux/amd64,linux/arm64
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta-buildsystem.outputs.tags }}
          labels: ${{ steps.meta-buildsystem.outputs.labels }}
          build-args: |
            ARO_VERSION=${{ github.ref_name }}
          cache-from: type=gha
          cache-to: type=gha,mode=max

  # ===========================================================================
  # Test Docker Images
  # ===========================================================================
  test-images:
    name: Test Docker Images
    needs: build-images
    runs-on: ubuntu-latest
    if: github.event_name != 'pull_request'

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Test buildsystem image
        run: |
          docker run --rm ${{ env.BUILDSYSTEM_IMAGE }}:latest --version
          docker run --rm -v ${{ github.workspace }}/Examples/HelloWorld:/app ${{ env.BUILDSYSTEM_IMAGE }}:latest check .

      - name: Test runtime image
        run: |
          # Build a test binary using buildsystem
          docker run --rm -v ${{ github.workspace }}/Examples/HelloWorld:/app ${{ env.BUILDSYSTEM_IMAGE }}:latest build . -o hello

          # Run it using runtime image
          docker run --rm -v ${{ github.workspace }}/Examples/HelloWorld:/app ${{ env.RUNTIME_IMAGE }}:latest /app/hello || echo "Binary execution test (may require interactive terminal)"