diff --git a/.github/workflows/mmbm-deploy.yml b/.github/workflows/mmbm-deploy.yml index 76650d45..45928765 100644 --- a/.github/workflows/mmbm-deploy.yml +++ b/.github/workflows/mmbm-deploy.yml @@ -6,10 +6,65 @@ on: jobs: deploy: runs-on: ubuntu-latest + container: swift:6.0-noble steps: - name: Checkout uses: actions/checkout@v4 + - name: Install zstd + run: | + apt-get update -y + apt-get install -y zstd + + - name: Restore .build + id: "restore-build" + uses: actions/cache/restore@v4 + with: + path: .build + key: "swiftpm-deploy-build-${{ runner.os }}-${{ github.event.pull_request.base.sha || github.event.after }}" + restore-keys: "swiftpm-deploy-build-${{ runner.os }}-" + + - name: Build App + run: | + apt-get update -y + apt-get install -y libjemalloc-dev + swift build \ + -c release \ + --static-swift-stdlib \ + -Xlinker -ljemalloc \ + $([ -f ./Package.resolved ] && echo "--force-resolved-versions" || true) + + - name: Cache .build + if: steps.restore-build.outputs.cache-hit != 'true' + uses: actions/cache/save@v4 + with: + path: .build + key: "swiftpm-deploy-build-${{ runner.os }}-${{ github.event.pull_request.base.sha || github.event.after }}" + + - name: Install Docker + run: | + set -eu + + # https://docs.docker.com/engine/install/ubuntu/#install-using-the-repository + + # Add Docker's official GPG key: + apt-get update -y + apt-get install ca-certificates curl gnupg -y + install -m 0755 -d /etc/apt/keyrings + curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg + chmod a+r /etc/apt/keyrings/docker.gpg + + # Add the repository to Apt sources: + # shellcheck source=/dev/null + echo \ + "deb [arch=\"$(dpkg --print-architecture)\" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \ + \"$(. /etc/os-release && echo "$VERSION_CODENAME")\" stable" | + tee /etc/apt/sources.list.d/docker.list >/dev/null + apt-get update -y + + # Install Docker: + apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y + - name: Build image run: docker build --network=host -t app:latest -f template-dockerfile . diff --git a/template-dockerfile b/template-dockerfile index 73fabfaa..258e3cf0 100644 --- a/template-dockerfile +++ b/template-dockerfile @@ -3,48 +3,24 @@ # ================================ FROM swift:6.0-noble AS build -# Install OS updates -RUN export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \ - && apt-get -q update \ - && apt-get -q dist-upgrade -y \ - && apt-get install -y libjemalloc-dev - -# Set up a build area -WORKDIR /build - -# First just resolve dependencies. -# This creates a cached layer that can be reused -# as long as your Package.swift/Package.resolved -# files do not change. -COPY ./Package.* ./ -RUN swift package resolve \ - $([ -f ./Package.resolved ] && echo "--force-resolved-versions" || true) +WORKDIR /staging # Copy entire repo into container COPY . . -# Build the application, with optimizations, with static linking, and using jemalloc -# N.B.: The static version of jemalloc is incompatible with the static Swift runtime. -RUN swift build -c release \ - --static-swift-stdlib \ - -Xlinker -ljemalloc - -# Switch to the staging area -WORKDIR /staging - # Copy main executable to staging area -RUN cp "$(swift build --package-path /build -c release --show-bin-path)/Penny" ./ +RUN cp "$(swift build -c release --show-bin-path)/Penny" ./ # Copy static swift backtracer binary to staging area RUN cp "/usr/libexec/swift/linux/swift-backtrace-static" ./ # Copy resources bundled by SPM to staging area -RUN find -L "$(swift build --package-path /build -c release --show-bin-path)/" -regex '.*\.resources$' -exec cp -Ra {} ./ \; +RUN find -L "$(swift build -c release --show-bin-path)/" -regex '.*\.resources$' -exec cp -Ra {} ./ \; # Copy any resources from the public directory and views directory if the directories exist # Ensure that by default, neither the directory nor any of its contents are writable. -RUN [ -d /build/Public ] && { mv /build/Public ./Public && chmod -R a-w ./Public; } || true -RUN [ -d /build/Resources ] && { mv /build/Resources ./Resources && chmod -R a-w ./Resources; } || true +RUN [ -d ./Public ] && { chmod -R a-w ./Public; } || true +RUN [ -d ./Resources ] && { chmod -R a-w ./Resources; } || true # ================================ # Run image