1.8.1 #38

Workflow file for this run

.github/workflows/release-artifacts.yaml at 0279208

	name: Test Docker manifest
	on:
	release:
	types: [published]
	workflow_dispatch:
	inputs:
	release_tag:
	description: "The release tag to target"

	permissions:
	id-token: write
	contents: write
	packages: write

	jobs:
	start-runner:
	name: Start EC2 runner
	runs-on: ubuntu-latest
	outputs:
	instance_id: ${{ steps.invoke-start.outputs.INSTANCE_ID }}
	steps:
	- uses: aws-actions/configure-aws-credentials@v4
	with:
	role-to-assume: ${{ secrets.EC2_ROLE }}
	aws-region: ${{ vars.EC2_REGION }}
	- name: Start EC2 instance
	id: invoke-start
	env:
	GH_TOKEN: ${{ secrets.GH_TOKEN_FOR_UPDATES }}
	EC2_START: ${{ secrets.EC2_START }}
	run: \|
	RUNNER_TOKEN=$(gh api -X POST -q '.token' /repos/${{ github.repository }}/actions/runners/registration-token)
	aws lambda invoke \
	--cli-binary-format raw-in-base64-out \
	--function-name "$EC2_START" \
	--payload '{"ref_name":"${{ github.ref_name }}","runner_token":"'"${RUNNER_TOKEN}"'"}' \
	response.json
	INSTANCE_ID=$(jq -r '.body.instance_id' < response.json)
	echo "INSTANCE_ID=${INSTANCE_ID}" >>"$GITHUB_OUTPUT"
	echo "Got EC2 instance ${INSTANCE_ID}"
	echo 'Waiting for GitHub runner to start'
	while [[ -z "$(gh api /repos/${{ github.repository }}/actions/runners \| jq '.runners[] \| select(.name == "ec2-spot")')" ]]; do
	sleep 60
	done
	echo 'Done 🎉'

	stop-runner:
	name: Stop EC2 runner
	runs-on: ubuntu-latest
	# Ensure that `stop-runner` will always stop the EC2 instance, even if other jobs failed or were canceled
	if: ${{ always() }}
	needs:
	- start-runner
	- docker-multiplatform-image
	steps:
	- uses: aws-actions/configure-aws-credentials@v4
	with:
	role-to-assume: ${{ secrets.EC2_ROLE }}
	aws-region: ${{ vars.EC2_REGION }}
	- name: Delete GitHub Runner
	env:
	GH_TOKEN: ${{ secrets.GH_TOKEN_FOR_UPDATES }}
	run: \|
	RUNNER_ID=$(gh api /repos/${{ github.repository }}/actions/runners \| jq '.runners[] \| select(.name == "ec2-spot") \| .id')
	if [[ -n "${RUNNER_ID}" ]]; then
	gh api -X DELETE /repos/${{ github.repository }}/actions/runners/${RUNNER_ID}
	fi
	- name: Lambda Invoke Stop
	env:
	EC2_STOP: ${{ secrets.EC2_STOP }}
	run: \|
	aws lambda invoke \
	--cli-binary-format raw-in-base64-out \
	--function-name "$EC2_STOP" \
	--payload '{"instance_id":"${{ needs.start-runner.outputs.instance_id }}"}' \
	response.json
	cat response.json

	release-artifacts:
	name: "Build Nickel binary and Docker image"
	strategy:
	matrix:
	os:
	- runs-on: ubuntu-latest
	architecture: x86_64
	- runs-on: [EC2, ARM64, Linux]
	architecture: arm64
	runs-on: ${{ matrix.os.runs-on }}
	needs:
	- start-runner
	steps:
	- uses: actions/checkout@v4
	with:
	ref: ${{ github.event_name == 'release' && '' \|\| github.event.inputs.release_tag }}
	- uses: cachix/install-nix-action@V27
	name: "Installing Nix"
	with:
	extra_nix_config: \|
	experimental-features = nix-command flakes
	accept-flake-config = true
	nix_path: "nixpkgs=channel:nixos-unstable"
	- name: "Build static binary"
	run: \|
	nix build --log-format raw-with-logs .#nickel-static
	cp ./result/bin/nickel nickel-${{ matrix.os.architecture }}-linux
	- name: "Upload static binary as release asset"
	env:
	GH_TOKEN: ${{ github.token }}
	RELEASE_TAG: ${{ github.event_name == 'release' && github.event.release.tag_name \|\| github.event.inputs.release_tag }}
	run: \|
	gh release upload --clobber $RELEASE_TAG nickel-${{ matrix.os.architecture }}-linux
	- id: build-image
	name: "Build docker image"
	run: \|
	nix build --log-format raw-with-logs .#dockerImage
	cp ./result nickel-${{ matrix.os.architecture }}-docker-image.tar.gz
	echo "imageName=$(nix eval --raw .#dockerImage.imageName)" >> "$GITHUB_OUTPUT"
	echo "imageTag=$(nix eval --raw .#dockerImage.imageTag)" >> "$GITHUB_OUTPUT"
	- name: "Upload docker image as release asset"
	env:
	GH_TOKEN: ${{ github.token }}
	RELEASE_TAG: ${{ github.event_name == 'release' && github.event.release.tag_name \|\| github.event.inputs.release_tag }}
	run: \|
	gh release upload --clobber $RELEASE_TAG nickel-${{ matrix.os.architecture }}-docker-image.tar.gz
	- name: Log in to registry
	# This is where you will update the personal access token to GITHUB_TOKEN
	run: echo "${{ secrets.GITHUB_TOKEN }}" \| docker login ghcr.io -u $ --password-stdin
	- name: Push image
	env:
	RELEASE_TAG: ${{ github.event_name == 'release' && github.event.release.tag_name \|\| github.event.inputs.release_tag }}
	TARBALL_TAG: ${{ steps.build-image.outputs.imageName }}:${{ steps.build-image.outputs.imageTag }}
	run: \|
	docker load -i nickel-${{ matrix.os.architecture }}-docker-image.tar.gz
	docker tag "$TARBALL_TAG" ghcr.io/tweag/nickel:$RELEASE_TAG-${{ matrix.os.architecture}}
	docker push ghcr.io/tweag/nickel:$RELEASE_TAG-${{ matrix.os.architecture}}

	docker-multiplatform-image:
	name: "Assemble multi-platform Docker image"
	runs-on: ubuntu-latest
	needs: release-artifacts
	steps:
	- name: Log in to registry
	run: echo "${{ secrets.GITHUB_TOKEN }}" \| docker login ghcr.io -u $ --password-stdin
	- name: Assemble and push image
	env:
	RELEASE_TAG: ${{ github.event_name == 'release' && github.event.release.tag_name \|\| github.event.inputs.release_tag }}
	run: \|
	docker buildx imagetools create -t ghcr.io/tweag/nickel:$RELEASE_TAG ghcr.io/tweag/nickel:$RELEASE_TAG-x86_64 ghcr.io/tweag/nickel:$RELEASE_TAG-arm64
	docker buildx imagetools inspect ghcr.io/tweag/nickel:$RELEASE_TAG

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

1.8.1 #38

Workflow file

1.8.1 #38

Jobs

Run details

Workflow file for this run