mirror of
https://github.com/searxng/searxng.git
synced 2025-07-09 03:04:26 -04:00
I'm not too pleased to reverse this, but issues like https://github.com/searxng/searxng/issues/4792 have not been foreseen, and we can't just turn away. It has become apparent over the last weeks that there are still quite a few people with an incompatible CPU or having SearXNG on some random VM provider who can't (or won't) modify the configuration of their machines to expose the features needed for x86_64v2 march. As I don't want to trash the work with apko and base images, I thought about trying building Alpine again now that we have all the container related workflow refactored. There will still be the discussion of whether to use musl and its drawbacks, but right now I don't know any other alternatives. The nice part of this is that both Dockerfiles (mainline and legacy) can now be unified under the same umbrella again. Closes https://github.com/searxng/searxng/issues/4792 Closes https://github.com/searxng/searxng/issues/4753
253 lines
7.1 KiB
YAML
253 lines
7.1 KiB
YAML
---
|
|
name: Container
|
|
|
|
# yamllint disable-line rule:truthy
|
|
on:
|
|
workflow_dispatch:
|
|
workflow_run:
|
|
workflows:
|
|
- Integration
|
|
types:
|
|
- completed
|
|
branches:
|
|
- master
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}
|
|
cancel-in-progress: false
|
|
|
|
permissions:
|
|
contents: read
|
|
# Organization GHCR
|
|
packages: read
|
|
|
|
env:
|
|
PYTHON_VERSION: "3.13"
|
|
|
|
jobs:
|
|
build-base:
|
|
if: |
|
|
(github.repository_owner == 'searxng' && github.event.workflow_run.conclusion == 'success')
|
|
|| github.event_name == 'workflow_dispatch'
|
|
name: Build base
|
|
runs-on: ubuntu-24.04
|
|
permissions:
|
|
# Organization GHCR
|
|
packages: write
|
|
|
|
steps:
|
|
- if: github.repository_owner == 'searxng'
|
|
name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
persist-credentials: "false"
|
|
|
|
- if: github.repository_owner == 'searxng'
|
|
name: Get date
|
|
id: date
|
|
run: echo "date=$(date +'%Y%m%d')" >>$GITHUB_OUTPUT
|
|
|
|
- if: github.repository_owner == 'searxng'
|
|
name: Check cache apko
|
|
id: cache-apko
|
|
uses: actions/cache/restore@v4
|
|
with:
|
|
# yamllint disable-line rule:line-length
|
|
key: "apko-${{ steps.date.outputs.date }}-${{ hashFiles('./container/base.yml', './container/base-builder.yml') }}"
|
|
path: "/tmp/.apko/"
|
|
lookup-only: true
|
|
|
|
- if: github.repository_owner == 'searxng' && steps.cache-apko.outputs.cache-hit != 'true'
|
|
name: Setup cache apko
|
|
uses: actions/cache@v4
|
|
with:
|
|
# yamllint disable-line rule:line-length
|
|
key: "apko-${{ steps.date.outputs.date }}-${{ hashFiles('./container/base.yml', './container/base-builder.yml') }}"
|
|
restore-keys: "apko-${{ steps.date.outputs.date }}-"
|
|
path: "/tmp/.apko/"
|
|
|
|
- if: github.repository_owner == 'searxng' && steps.cache-apko.outputs.cache-hit != 'true'
|
|
name: Setup apko
|
|
run: |
|
|
eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
|
|
brew install apko
|
|
|
|
- if: github.repository_owner == 'searxng' && steps.cache-apko.outputs.cache-hit != 'true'
|
|
name: Login to GHCR
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: "ghcr.io"
|
|
username: "${{ github.repository_owner }}"
|
|
password: "${{ secrets.GITHUB_TOKEN }}"
|
|
|
|
- if: github.repository_owner == 'searxng' && steps.cache-apko.outputs.cache-hit != 'true'
|
|
name: Build
|
|
run: |
|
|
eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
|
|
|
|
apko publish ./container/base.yml ghcr.io/${{ github.repository_owner }}/base:searxng \
|
|
--cache-dir=/tmp/.apko/ \
|
|
--sbom=false \
|
|
--vcs=false \
|
|
--log-level=debug
|
|
|
|
apko publish ./container/base-builder.yml ghcr.io/${{ github.repository_owner }}/base:searxng-builder \
|
|
--cache-dir=/tmp/.apko/ \
|
|
--sbom=false \
|
|
--vcs=false \
|
|
--log-level=debug
|
|
|
|
build:
|
|
if: github.repository_owner == 'searxng' || github.event_name == 'workflow_dispatch'
|
|
name: Build (${{ matrix.arch }})
|
|
runs-on: ${{ matrix.os }}
|
|
needs: build-base
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- arch: amd64
|
|
os: ubuntu-24.04
|
|
emulation: false
|
|
- arch: arm64
|
|
os: ubuntu-24.04-arm
|
|
emulation: false
|
|
- arch: armv7
|
|
os: ubuntu-24.04-arm
|
|
emulation: true
|
|
|
|
permissions:
|
|
# Organization GHCR
|
|
packages: write
|
|
|
|
outputs:
|
|
version_string: ${{ steps.build.outputs.version_string }}
|
|
version_tag: ${{ steps.build.outputs.version_tag }}
|
|
docker_tag: ${{ steps.build.outputs.docker_tag }}
|
|
git_url: ${{ steps.build.outputs.git_url }}
|
|
git_branch: ${{ steps.build.outputs.git_branch }}
|
|
|
|
steps:
|
|
- name: Setup Python
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: "${{ env.PYTHON_VERSION }}"
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
persist-credentials: "false"
|
|
|
|
- name: Setup cache Python
|
|
uses: actions/cache@v4
|
|
with:
|
|
key: "python-${{ env.PYTHON_VERSION }}-${{ runner.arch }}-${{ hashFiles('./requirements*.txt') }}"
|
|
restore-keys: "python-${{ env.PYTHON_VERSION }}-${{ runner.arch }}-"
|
|
path: "./local/"
|
|
|
|
- name: Setup cache container mounts
|
|
uses: actions/cache@v4
|
|
with:
|
|
# yamllint disable-line rule:line-length
|
|
key: "container-mounts-${{ matrix.arch }}-${{ hashFiles('./container/Dockerfile') }}"
|
|
restore-keys: "container-mounts-${{ matrix.arch }}-"
|
|
path: |
|
|
/var/tmp/buildah-cache/
|
|
/var/tmp/buildah-cache-*/
|
|
|
|
- if: ${{ matrix.emulation }}
|
|
name: Setup QEMU
|
|
uses: docker/setup-qemu-action@v3
|
|
|
|
- name: Login to GHCR
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: "ghcr.io"
|
|
username: "${{ github.repository_owner }}"
|
|
password: "${{ secrets.GITHUB_TOKEN }}"
|
|
|
|
- name: Build
|
|
id: build
|
|
env:
|
|
OVERRIDE_ARCH: "${{ matrix.arch }}"
|
|
run: make podman.build
|
|
|
|
test:
|
|
name: Test (${{ matrix.arch }})
|
|
runs-on: ${{ matrix.os }}
|
|
needs: build
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- arch: amd64
|
|
os: ubuntu-24.04
|
|
emulation: false
|
|
- arch: arm64
|
|
os: ubuntu-24.04-arm
|
|
emulation: false
|
|
- arch: armv7
|
|
os: ubuntu-24.04-arm
|
|
emulation: true
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
persist-credentials: "false"
|
|
|
|
- if: ${{ matrix.emulation }}
|
|
name: Setup QEMU
|
|
uses: docker/setup-qemu-action@v3
|
|
|
|
- name: Login to GHCR
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: "ghcr.io"
|
|
username: "${{ github.repository_owner }}"
|
|
password: "${{ secrets.GITHUB_TOKEN }}"
|
|
|
|
- name: Test
|
|
env:
|
|
OVERRIDE_ARCH: "${{ matrix.arch }}"
|
|
GIT_URL: "${{ needs.build.outputs.git_url }}"
|
|
run: make container.test
|
|
|
|
release:
|
|
if: github.repository_owner == 'searxng' && github.ref_name == 'master'
|
|
name: Release
|
|
runs-on: ubuntu-24.04-arm
|
|
needs:
|
|
- build
|
|
- test
|
|
|
|
permissions:
|
|
# Organization GHCR
|
|
packages: write
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
persist-credentials: "false"
|
|
|
|
- name: Login to GHCR
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: "ghcr.io"
|
|
username: "${{ github.repository_owner }}"
|
|
password: "${{ secrets.GITHUB_TOKEN }}"
|
|
|
|
- name: Login to Docker Hub
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: "docker.io"
|
|
username: "${{ secrets.DOCKERHUB_USERNAME }}"
|
|
password: "${{ secrets.DOCKERHUB_TOKEN }}"
|
|
|
|
- name: Release
|
|
env:
|
|
GIT_URL: "${{ needs.build.outputs.git_url }}"
|
|
DOCKER_TAG: "${{ needs.build.outputs.docker_tag }}"
|
|
run: make container.push
|