ci: native arm64 runners + DRY docker release workflows via reusable workflow#946
Open
ci: native arm64 runners + DRY docker release workflows via reusable workflow#946
Conversation
5 tasks
Split each cross-arch docker build into per-arch build jobs on native ubuntu-24.04-arm/ubuntu-latest runners, then fuse per-arch digests into a multi-arch manifest in a downstream merge job. Eliminates QEMU emulation which stalled the full/latest variants past the 6h job timeout (see run 24516158412). Applies to release.yaml (docker-images, docker-web) and release-beta.yaml (docker-images).
…ch reusable workflow
- docker-images-build/merge → docker-images (caller) - docker-web-build/merge → docker-web (caller) - notify-discord.needs updated to new job names - Net: -190 LOC in release.yaml docker section
- docker-images-build/merge → docker-images (caller) - Net: -110 LOC in release-beta.yaml docker section
Replaces runs-on: ubuntu-latest across all workflows. No behavioral change today (ubuntu-latest currently maps to 24.04), but prevents silent OS promotion to 26.04 creating arch divergence with the explicit ubuntu-24.04-arm runner.
…kflow
GHA evaluates expressions in \`with.*\` at caller scope, where \`matrix\` is
not defined. Callers now use {{name}}, {{suffix}}, {{is_latest}},
{{is_variant}} placeholders; reusable workflow resolves them in a shell
step at merge-job matrix-expansion time before passing to metadata-action.
…d of matrix expressions
vanducng
force-pushed
the
ci/docker-multiarch-dry
branch
from
b6047d0 to
def97dc
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Supersedes #940. Combines:
ubuntu-24.04-armrunners. Stage 1 builds per-arch, Stage 2 merges into multi-arch manifest.New files
.github/actions/docker-registry-login/action.yaml— composite action for GHCR + Docker Hub login (was repeated 5x inline).github/workflows/docker-multiarch.yaml— reusable workflow encapsulating per-arch build + manifest merge pipelineAlso
ubuntu-24.04explicitly across all workflows (parity withubuntu-24.04-arm, avoids silent OS drift){{name}},{{suffix}},{{is_latest}},{{is_variant}}) for matrix values in callertag-rules— GHA evaluates callerwith:expressions eagerly, so matrix context isn't available at caller scope; reusable workflow resolves placeholders at merge-job timeOut of scope
Action version bumps (Node 20 -> 24 deprecation:
checkout@v4->v5,setup-go@v5->v6,build-push@v6->v7, etc.) are intentionally deferred to a follow-up PR to keep this diff reviewable.LOC impact
Validation
Validated on fork
vanducng/goclaw(DOCKERHUB_IMAGE patched todataplanelabs/goclaw) prior to this PR:release-beta.yaml): tagv3.99.0-beta.dry.2pushed -> all 6 jobs green (4 build + 2 merge). Run: https://github.com/vanducng/goclaw/actions/runs/24556944984release.yaml):workflow_dispatchwith tagv3.99.0-beta.dry.2-> all 15 docker jobs green (8 backend build + 4 backend merge + 2 web build + 1 web merge);notify-discordfailed only because fork has noDISCORD_WEBHOOK_URLsecret. Run: https://github.com/vanducng/goclaw/actions/runs/24557454577Manifest inspection confirms 2-platform (linux/amd64 + linux/arm64) images published to both GHCR + DockerHub for all tags.
Rollback
gh pr revertrestores pre-PR state. Low risk — fork validation de-risked this before landing.Closes
Closes #940