ci: automate quic-network-simulator docker image build & push

.dockerignore

@@ -0,0 +1,3 @@
+nss
+nspr
+target

.github/workflows/check.yml

@@ -127,3 +127,51 @@ jobs:
           file: lcov.info
           fail_ci_if_error: false
           token: ${{ secrets.CODECOV_TOKEN }}
+
+  qns-docker-image: # Docker image for QUIC network simulator i.e. interop runner (https://github.com/quic-interop/quic-interop-runner)
+    needs: check
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Extract Rust version
+        id: rust-version
+        run: |
+          RUST_VERSION=$(grep -m1 'rust-version' neqo-common/Cargo.toml | cut -d '"' -f 2)
+          echo "::set-output name=version::$RUST_VERSION"
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ github.token }}
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ghcr.io/${{ github.repository }}-qns
+          tags: |
+            # default
+            type=schedule
+            type=ref,event=branch
+            type=ref,event=tag
+            type=ref,event=pr
+            # set latest tag for default branch
+            type=raw,value=latest,enable={{is_default_branch}}
+
+      - name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          file: qns/Dockerfile
+          build-args: |
+            RUST_VERSION=${{ steps.rust-version.outputs.version }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

qns/Dockerfile

@@ -10,10 +10,11 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
  && apt-get autoremove -y && apt-get clean -y \
  && rm -rf /var/lib/apt/lists/*
 
+ARG RUST_VERSION
+
 ENV RUSTUP_HOME=/usr/local/rustup \
     CARGO_HOME=/usr/local/cargo \
-    PATH=/usr/local/cargo/bin:$PATH \
-    RUST_VERSION=1.45.2
+    PATH=/usr/local/cargo/bin:$PATH
 
 RUN set -eux; \
     curl -sSLf "https://static.rust-lang.org/rustup/archive/1.22.1/x86_64-unknown-linux-gnu/rustup-init" -o rustup-init; \
@@ -33,35 +34,22 @@ RUN set -eux; \
 
 RUN "$NSS_DIR"/build.sh --static -Ddisable_tests=1 -o
 
-# Copy the .git directory from the local clone so that it is possible to create
-# an image that includes local updates.
-RUN mkdir -p /neqo-reference
-ADD . /neqo-reference
-RUN if [ -d /neqo-reference/.git ]; then \
-      source=/neqo-reference; \
-    else \
-      source=https://github.com/mozilla/neqo; \
-    fi; \
-    git clone --depth 1 --branch "$NEQO_BRANCH" "$source" /neqo; \
-    rm -rf /neqo-reference
+ADD . /neqo
 
 RUN set -eux; \
     cd /neqo; \
     RUSTFLAGS="-g -C link-arg=-fuse-ld=lld" cargo build --release \
-      --bin neqo-client --bin neqo-server; \
-    cp target/release/neqo-client target; \
-    cp target/release/neqo-server target; \
-    rm -rf target/release
+      --bin neqo-client --bin neqo-server;
 
 # Copy only binaries to the final image to keep it small.
 
 FROM martenseemann/quic-network-simulator-endpoint:latest
 
 ENV LD_LIBRARY_PATH=/neqo/lib
-COPY --from=buildimage /neqo/target/neqo-client /neqo/target/neqo-server /neqo/bin/
+COPY --from=buildimage /neqo/target/release/neqo-client /neqo/target/release/neqo-server /neqo/bin/
 COPY --from=buildimage /dist/Release/lib/*.so /neqo/lib/
 COPY --from=buildimage /dist/Release/bin/certutil /dist/Release/bin/pk12util /neqo/bin/
 
-COPY interop.sh /neqo/
+COPY qns/interop.sh /neqo/
 RUN chmod +x /neqo/interop.sh
 ENTRYPOINT [ "/neqo/interop.sh" ]