feat: compile static binary as release assets and docker image (Finsc…

…hia#221) * build: modify docker image base and binary using static library. Signed-off-by: zemyblue <zemyblue@gmail.com> * chore: change the description in readme Signed-off-by: zemyblue <zemyblue@gmail.com> * fix: localnet-docker-build unittest Signed-off-by: zemyblue <zemyblue@gmail.com> * ci: change the github action ci for pushing Docker images Signed-off-by: zemyblue <zemyblue@gmail.com> * ci: change release build for using static binary assets. Signed-off-by: zemyblue <zemyblue@gmail.com> * chore: update changelog Signed-off-by: zemyblue <zemyblue@gmail.com> * fix: parse tag in github action of docker.yml Signed-off-by: zemyblue <zemyblue@gmail.com> * ci: change docker build and push trigger Signed-off-by: zemyblue <zemyblue@gmail.com> * ci: remove condition if `pull_request` or not. Signed-off-by: zemyblue <zemyblue@gmail.com> * fix: typo Signed-off-by: zemyblue <zemyblue@gmail.com> * chore: remove debian11 and nonroot base docker image Signed-off-by: zemyblue <zemyblue@gmail.com> --------- Signed-off-by: zemyblue <zemyblue@gmail.com>
zemyblue · Jun 23, 2023 · 225b581 · 225b581
1 parent d649d83
commit 225b581
Show file tree

Hide file tree

Showing 8 changed files with 276 additions and 228 deletions.
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -1,53 +1,88 @@
-name: Build & Push
+name: Push Docker Images
 # Build & Push builds the finschia docker image on every tag push
 
 on:
-  pull_request:
-    branches:
-      - main
   push:
     tags:
       - "v[0-9]+.[0-9]+.[0-9]+" # Push events to matching v*, i.e. v1.0, v20.15.10
       - "v[0-9]+.[0-9]+.[0-9]+-*" # Push events to matching v*, i.e. v1.0-rc1, v20.15.10-alpha1
 
 env:
   registry: docker.io
-  repository: finschia/finschianode
+  DOCKER_REPOSITORY: finschia/finschianode
+  RUNNER_BASE_IMAGE_ALPINE: alpine:3.17
 jobs:
-  build:
+  docker_build_and_push:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - name: Check out the repo
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
+
       - name: Create a context for buildx
         run: docker context create buildx
+
       - name: Set up docker buildx
         id: buildx
         uses: docker/setup-buildx-action@v2
         with:
           endpoint: buildx
           config-inline: |
             [registry."docker.io"]
-      - name: login to the registry
+
+      - name: Login to the registry
         uses: docker/login-action@v2
-        if: github.event_name != 'pull_request'
         with:
           registry: ${{env.registry}}
           username: ${{secrets.DOCKERHUB_USERNAME}}
           password: ${{secrets.DOCKERHUB_TOKEN}}
-      - name: extract metadata for docker
+
+      - name: Find go version
+        id: find_go_version
+        run: |
+          GO_VERSION=$(cat go.mod | grep -E 'go [0-9].[0-9]+' | cut -d ' ' -f 2)
+          echo "GO_VERSION=$GO_VERSION" >> $GITHUB_ENV
+
+      - name: Find Ostracon version
+        id: find_ostracon_version
+        run: |
+          OST_VERSION=$(go list -m github.com/Finschia/ostracon | sed 's:.* ::')
+          echo "OST_VERSION=$OST_VERSION" >> $GITHUB_ENV
+
+      - name: Parse tag
+        id: tag
+        run: |
+          ref='refs/tags/'
+          if [[ ${{ github.ref }} == *${ref}* ]]; then
+            VERSION=$(echo ${{ github.ref_name }} | sed "s/v//")
+            echo "VERSION=$VERSION" >> $GITHUB_ENV
+          else
+            echo "VERSION=${{ github.sha }}" >> $GITHUB_ENV
+          fi
+
+      - name: Extract metadata for docker
         id: meta
         uses: docker/metadata-action@v4
         with:
-          images: ${{env.registry}}/${{env.repository}}
+          images: ${{env.registry}}/${{env.DOCKER_REPOSITORY}}
           tags: |
             type=semver,pattern={{version}}
-      - name: docker build
+
+      # Build Docker image
+      - name: Build and push
         uses: docker/build-push-action@v4
         with:
-          push: ${{github.event_name != 'pull_request'}}
-          build-args: ARCH=x86_64
-          tags: ${{steps.meta.outputs.tags}}
+          file: Dockerfile
+          context: .
+          push: true
+          platforms: linux/amd64,linux/arm64
+          build-args: |
+            GO_VERSION=${{ env.GO_VERSION }}
+            RUNNER_IMAGE=${{ env.RUNNER_BASE_IMAGE_ALPINE }}
+            GIT_VERSION=${{ env.VERSION }}
+            GIT_COMMIT=${{ github.sha }}
+            OST_VERSION=${{ env.OST_VERSION }}
+          tags: |
+            ${{ env.DOCKER_REPOSITORY }}:${{ env.VERSION }}
           labels: ${{steps.meta.outputs.labels}}
-          platforms: linux/amd64
diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml
@@ -17,170 +17,87 @@ jobs:
         uses: actions/checkout@v3.1.0
       - name: "Create compressed repository source"
         run: |
-          git archive --format=tar --prefix "finschia-${{ env.VERSION }}/" HEAD | gzip -9n > finschia-${{ env.VERSION }}.tgz
-          md5sum finschia-${{ env.VERSION }}.tgz > finschia-${{ env.VERSION }}.tgz.md5
-          sha256sum finschia-${{ env.VERSION }}.tgz > finschia-${{ env.VERSION }}.tgz.sha256
+          git archive --format=tar.gz --prefix="fnsad-${{ env.VERSION }}/" HEAD -o fnsad-${{ env.VERSION }}.tar.gz
       - name: "Store compressed source"
         uses: actions/upload-artifact@v3
         with:
           name: release-${{ env.VERSION }}
           path: |
-            finschia-${{ env.VERSION }}.tgz
-            finschia-${{ env.VERSION }}.tgz.md5
-            finschia-${{ env.VERSION }}.tgz.sha256
+            fnsad-${{ env.VERSION }}.tar.gz
 
-  build_for_linux:
-    name: "Release Build for Linux"
-    needs: create_tarball
+
+  build_for_linux_static:
+    name: "Release Build for linux(static)"
     runs-on: ubuntu-latest
     strategy:
       matrix:
         arch: [ amd64, arm64 ]
-        include:
-          - arch: amd64
-            cc: x86_64-linux-gnu-gcc
-            cxx: x86_64-linux-gnu-g++
-            libwasmvm: libwasmvm.x86_64.so
-          - arch: arm64
-            cc: aarch64-linux-gnu-gcc
-            cxx: aarch64-linux-gnu-g++
-            libwasmvm: libwasmvm.aarch64.so
+
     steps:
-      - name: "Set tag as version"
+      - name: Set tag as version
         run: echo "VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV  # set env.VERSION=v0.0.0
-      - name: "Update runtime"
-        run: |
-          sudo apt update
-          sudo apt upgrade -y
-          sudo apt install -y build-essential g++-x86-64-linux-gnu g++-aarch64-linux-gnu wget
-      - name: "Install go"
-        uses: actions/setup-go@v4
-        with:
-          go-version: '1.18'
-          check-latest: true
-      - name: "Print go environment for debugging"
-        run: go env
-      - name: "Download compressed repository source"
-        uses: actions/download-artifact@v3
+
+      - name: Check out the repo
+        uses: actions/checkout@v3
         with:
-          name: release-${{ env.VERSION }}
-      - name: "Extract compressed repository source"
-        run: tar zxf finschia-${{ env.VERSION }}.tgz --strip-components=1
+          fetch-depth: 0
 
-      - name: "Set ID=${{ env.VERSION }}-linux-${{ matrix.arch }}"
+      - name: Set ID=${{ env.VERSION }}-linux-${{ matrix.arch }}
         run: echo "ID=${{ env.VERSION }}-linux-${{ matrix.arch }}" >> $GITHUB_ENV
-      - name: "Build release bundle: linux-${{ matrix.arch }}"
-        run: |
-          go env -w GOARCH=${{ matrix.arch }}
-          make clean build-release-bundle CC=${{ matrix.cc }} CXX=${{ matrix.cxx }}
-      - name: "Create checksum: linux-${{ matrix.arch }}"
-        run: |
-          cd ./build
-          ls -laF
-          md5sum finschia-${{ env.ID }}.tgz > ./finschia-${{ env.ID }}.md5
-          sha256sum finschia-${{ env.ID }}.tgz > ./finschia-${{ env.ID }}.sha256
-      - name: "Store artifact: linux-${{ matrix.arch }}"
-        uses: actions/upload-artifact@v3
-        with:
-          name: release-${{ env.VERSION }}
-          path: |
-            ./build/finschia-${{ env.ID }}.tgz
-            ./build/finschia-${{ env.ID }}.md5
-            ./build/finschia-${{ env.ID }}.sha256
-
-  build_for_darwin:
-    name: "Release Build for macOS"
-    needs: create_tarball
-    runs-on: macOS-latest
-    strategy:
-      matrix:
-        arch: [ "amd64", "arm64" ]
-        include:
-          - arch: amd64
-            libwasmvm: libwasmvm.dylib
-          - arch: arm64
-            libwasmvm: libwasmvm.dylib
-    steps:
-      - name: "Set tag as version"
-        run: echo "VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV  # set env.VERSION=v0.0.0
-      - name: "Setup Xcode"
-        run: sudo xcode-select --switch /Applications/Xcode.app
-      - name: "Install md5sum"
-        run: |
-          brew update
-          brew install md5sha1sum
-      - name: "Install go"
-        uses: actions/setup-go@v4
-        with:
-          go-version: '1.18'
-          check-latest: true
-      - name: "Print go environment"
-        run: go env
-      - name: "Download compressed repository source"
-        uses: actions/download-artifact@v3
-        with:
-          name: release-${{ env.VERSION }}
-      - name: "Extract compressed repository source"
-        run: tar zxf finschia-${{ env.VERSION }}.tgz --strip-components=1
 
-      - name: "Set ID=${{ env.VERSION }}-darwin-${{ matrix.arch }}"
-        run: echo "ID=${{ env.VERSION }}-darwin-${{ matrix.arch }}" >> $GITHUB_ENV
-      - name: "Build release bundle: darwin-${{ matrix.arch }}"
-        run: |
-          go env -w GOARCH=${{ matrix.arch }}
-          make clean build-release-bundle
-      - name: "Create checksum: darwin-${{ matrix.arch }}"
+      - name: Compile finschia
         run: |
+          make build-reproducible-${{ matrix.arch }}
           cd ./build
-          ls -laF
-          md5sum finschia-${{ env.ID }}.tgz > ./finschia-${{ env.ID }}.md5
-          shasum -a 256 finschia-${{ env.ID }}.tgz > ./finschia-${{ env.ID }}.sha256
-      - name: "Store artifact: darwin-${{ matrix.arch }}"
+          mv fnsad-linux-${{ matrix.arch }} fnsad-${{ env.ID }}
+
+      - name: Store artifact linux-${{ matrix.arch }}
         uses: actions/upload-artifact@v3
         with:
           name: release-${{ env.VERSION }}
           path: |
-            ./build/finschia-${{ env.ID }}.tgz
-            ./build/finschia-${{ env.ID }}.md5
-            ./build/finschia-${{ env.ID }}.sha256
+            ./build/fnsad-${{ env.ID }}
 
   create_release:
-    name: "Create Release"
-    needs: [ build_for_linux, build_for_darwin ]
+    name: Create Release
+    needs: [ build_for_linux_static, create_tarball ]
     runs-on: ubuntu-latest
     steps:
-      - name: "Set tag as version"
+      - name: Set tag as version
         run: echo "VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV  # set env.VERSION=v0.0.0
 
-      - name: "Download artifacts"
+      - name: Download artifacts
         uses: actions/download-artifact@v3
         with:
           name: release-${{ env.VERSION }}
-      - name: "Extract compressed repository source"
-        run: tar zxf finschia-${{ env.VERSION }}.tgz --strip-components=1 finschia-${{ env.VERSION }}/RELEASE_NOTE.md
-      - name: "List artifact files for debugging"
-        run: "ls -laF"
-      - name: "Create build report"
+
+      - name: Extract compressed repository source
+        run: |
+          tar zxvf fnsad-${{ env.VERSION }}.tar.gz --strip-components=1 fnsad-${{ env.VERSION }}/RELEASE_NOTE.md
+
+      - name: Create build report
         run: |
-          echo "App: finschia" > build_report.txt
+          echo "App: finschia" >> build_report.txt
           echo "Version: ${{ env.VERSION }}" >> build_report.txt
           echo "Commit: ${{ github.sha }}" >> build_report.txt
           echo "Checksums MD5:" >> build_report.txt
-          echo "  `cat finschia-${{ env.VERSION }}-linux-amd64.md5`" >> build_report.txt
-          echo "  `cat finschia-${{ env.VERSION }}-linux-arm64.md5`" >> build_report.txt
-          echo "  `cat finschia-${{ env.VERSION }}.tgz.md5`" >> build_report.txt
+          md5sum fnsad-${{ env.VERSION }}* | sed 's/^/ /' >> build_report.txt
           echo "Checksums SHA256:" >> build_report.txt
-          echo "  `cat finschia-${{ env.VERSION }}-linux-amd64.sha256`" >> build_report.txt
-          echo "  `cat finschia-${{ env.VERSION }}-linux-arm64.sha256`" >> build_report.txt
-          echo "  `cat finschia-${{ env.VERSION }}.tgz.sha256`" >> build_report.txt
-      - name: "Create release note"
+          sha256sum fnsad-${{ env.VERSION }}* | sed 's/^/ /' >> build_report.txt
+
+      - name: Create sha256sum
+        run: |
+          sha256sum fnsad-${{ env.VERSION }}* >> sha256sum.txt
+
+      - name: Create release note
         run: |
           cat ./RELEASE_NOTE.md > release_note.txt
           echo '' >> release_note.txt
           echo '```text' >> release_note.txt
           cat ./build_report.txt >> release_note.txt
-          echo '```' >> build_report.txt
-      - name: "Create release"
+          echo '```' >> release_note.txt
+
+      - name: Create release
         id: create_release
         uses: actions/create-release@v1
         env:
@@ -192,48 +109,42 @@ jobs:
           draft: true
           prerelease: false
 
-      - name: "Upload artifact: finschia-${{ env.VERSION }}-linux-amd64"
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ github.token }}
-        with:
-          upload_url: ${{ steps.create_release.outputs.upload_url }}
-          asset_path: finschia-${{ env.VERSION }}-linux-amd64.tgz
-          asset_name: finschia-${{ env.VERSION }}-linux-amd64.tgz
-          asset_content_type: application/octet-stream
-      - name: "Upload artifact: finschia-${{ env.VERSION }}-linux-arm64"
+      - name: Upload sha256sum
         uses: actions/upload-release-asset@v1
         env:
           GITHUB_TOKEN: ${{ github.token }}
         with:
           upload_url: ${{ steps.create_release.outputs.upload_url }}
-          asset_path: finschia-${{ env.VERSION }}-linux-arm64.tgz
-          asset_name: finschia-${{ env.VERSION }}-linux-arm64.tgz
-          asset_content_type: application/octet-stream
-      - name: "Upload artifact: finschia-${{ env.VERSION }}-dawrin-amd64"
+          asset_path: ./sha256sum.txt
+          asset_name: sha256sum.txt
+          asset_content_type: application/file
+
+      - name: Upload linux-amd64 artifact
         uses: actions/upload-release-asset@v1
         env:
           GITHUB_TOKEN: ${{ github.token }}
         with:
           upload_url: ${{ steps.create_release.outputs.upload_url }}
-          asset_path: finschia-${{ env.VERSION }}-darwin-amd64.tgz
-          asset_name: finschia-${{ env.VERSION }}-darwin-amd64.tgz
-          asset_content_type: application/octet-stream
-      - name: "Upload artifact: finschia-${{ env.VERSION }}-dawrin-arm64"
+          asset_path: ./fnsad-${{ env.VERSION }}-linux-amd64
+          asset_name: fnsad-${{ env.VERSION }}-linux-amd64
+          asset_content_type: application/binary
+
+      - name: Upload linux-arm64 artifact
         uses: actions/upload-release-asset@v1
         env:
           GITHUB_TOKEN: ${{ github.token }}
         with:
           upload_url: ${{ steps.create_release.outputs.upload_url }}
-          asset_path: finschia-${{ env.VERSION }}-darwin-arm64.tgz
-          asset_name: finschia-${{ env.VERSION }}-darwin-arm64.tgz
-          asset_content_type: application/octet-stream
-      - name: "Upload artifact: compressed repository source"
+          asset_path: ./fnsad-${{ env.VERSION }}-linux-arm64
+          asset_name: fnsad-${{ env.VERSION }}-linux-arm64
+          asset_content_type: application/binary
+
+      - name: Upload compression
         uses: actions/upload-release-asset@v1
         env:
           GITHUB_TOKEN: ${{ github.token }}
         with:
           upload_url: ${{ steps.create_release.outputs.upload_url }}
-          asset_path: finschia-${{ env.VERSION }}.tgz
-          asset_name: finschia-${{ env.VERSION }}.tgz
-          asset_content_type: application/gzip
+          asset_path: ./fnsad-${{ env.VERSION }}.tar.gz
+          asset_name: fnsad-${{ env.VERSION }}.tar.gz
+          asset_content_type: application/gzip
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -39,6 +39,7 @@ Ref: https://keepachangelog.com/en/1.0.0/
 ### Features
 
 ### Improvements
+* (build) [\#221](https://github.com/Finschia/finschia/pull/221) compile static binary as release assets and docker image
 * (swagger) [\#223](https://github.com/Finschia/finschia/pull/223) add integrated swagger for finschia
 
 ### Bug Fixes