Skip to content

update: bump rustix to fix a security issue (#244) #149

update: bump rustix to fix a security issue (#244)

update: bump rustix to fix a security issue (#244) #149

# Copyright 2022 VMware, Inc.
# SPDX-License-Identifier: Apache-2.0
name: Container Build Preview
on:
push:
branches: [ "main" ]
env:
CARGO_TERM_COLOR: always
REGISTRY: ghcr.io
IMAGE_NAME: vmware-labs/wws
jobs:
build-binaries:
name: Build Rust binaries
runs-on: ubuntu-latest
strategy:
matrix:
arch: [ "aarch64", "x86_64" ]
include:
- arch: x86_64
cross: false
platform: unknown-linux-musl
- arch: aarch64
cross: true
platform: unknown-linux-musl
env:
# This variable can be overriden with `cross` for builds that
# requires it. By default, we will compile everything using cargo.
CARGO: cargo
steps:
- uses: actions/checkout@v3
- name: Install cross
if: matrix.cross == true
run: |
cargo install cross
echo "CARGO=cross" >> $GITHUB_ENV
- name: Install target
if: matrix.cross == false
run: rustup target add ${{ matrix.arch }}-${{ matrix.platform }}
- name: Install deps
if: matrix.cross == false
run: |
sudo apt-get update
sudo apt-get install musl-tools
- name: Build
run: ${{env.CARGO}} build --release --target=${{ matrix.arch }}-${{ matrix.platform }} --features vendored-openssl
- name: Upload artifact
uses: actions/upload-artifact@v3
with:
name: wws-${{ matrix.arch }}
path: target/${{ matrix.arch }}-${{ matrix.platform }}/release/wws
build-container-image:
name: Build Container Image
runs-on: ubuntu-latest
needs:
- build-binaries
steps:
- name: Repository clone
uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to GitHub Package Registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Download wws-x86_64
uses: actions/download-artifact@v3
with:
name: wws-x86_64
path: binaries/x86_64
- name: Download wws-aarch64
uses: actions/download-artifact@v3
with:
name: wws-aarch64
path: binaries/aarch64
- name: Move binaries and rename
run: |
mv binaries/x86_64/wws wws-amd64
mv binaries/aarch64/wws wws-arm64
- name: Build and push
uses: docker/build-push-action@v3
with:
context: .
file: image/Prebuilt.dockerfile
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:preview