Merge pull request #132 from FREVA-CLINT/no-ansible-runner

No ansible runner

Author: antarcticrainforest

.github/workflows/build_containers.yml

@@ -40,11 +40,19 @@ jobs:
       -
         name: Set up QEMU
         uses: docker/setup-qemu-action@v2
-
+        with:
+          platforms: all
       -
         name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v2
-
+        with:
+          install: true
+      -
+        name: Create Buildx builder
+        run: docker buildx create --use --name mybuilder --driver docker-container
+      -
+        name: Inspect Buildx builder
+        run: docker buildx inspect --bootstrap
       -
         name: Log in to the Container registry
         uses: docker/login-action@v2
@@ -61,7 +69,7 @@ jobs:
           tags: |
             ghcr.io/freva-clint/freva-deployment:${{ steps.repository.outputs.tag }}
             ghcr.io/freva-clint/freva-deployment:latest
-          platforms: linux/amd64,linux/arm64,linux/arm/v7
+          platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6,linux/ppc64le,linux/i386
 
   build-and-push-vault-image:
     runs-on: ubuntu-latest
@@ -86,12 +94,21 @@ jobs:
           echo "tag=$(python src/freva_deployment/__init__.py -v)" >> $GITHUB_OUTPUT
       -
         name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
-
+        uses: docker/setup-qemu-action@v2
+        with:
+          platforms: all
       -
         name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v2
+        with:
+          install: true
+      -
+        name: Create Buildx builder
+        run: docker buildx create --use --name mybuilder --driver docker-container
 
+      -
+        name: Inspect Buildx builder
+        run: docker buildx inspect --bootstrap
       -
         name: Log in to the Container registry
         uses: docker/login-action@v2
@@ -104,7 +121,7 @@ jobs:
         uses: docker/build-push-action@v4
         with:
           context: assets/share/freva/deployment/vault/
-          platforms: linux/amd64
+          platforms: linux/amd64,linux/arm64
           push: true
           build-args: VERSION=${{steps.repository.outputs.tag}}
           tags: |

.github/workflows/build_job.yml

@@ -1,26 +1,163 @@
-name: Create a new release
-run-name: ${{ github.actor }} creating a new release 🧉
+name: Build binary & Create release
+run-name: ${{ github.actor }} building the pyinstaller binary and creating the release 🧉
 
-# Set the access for individual scopes, or use permissions: write-all
 permissions:
   pull-requests: write
   contents: write
   packages: write
 
 on:
   push:
+    branches: ["**"]
     tags:
       - "v*.*.*"
 
 jobs:
   tests:
     uses: ./.github/workflows/ci_job.yml
+  build-no-linux:
+    name: Build packages
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        include:
+          - os: macos-12
+            target: osx-x64
+            arch: x86_64
+            py_arch: x64
+            asset_mime: application/octet-stream
+            exe: deploy-freva
+            hidden_import: --hidden-import curses --hidden-import cowsay
+            extra_pkg: cryptography
+          - os: macos-14
+            target: osx-arm64
+            arch: arm64
+            py_arch: arm64
+            asset_mime: application/octet-stream
+            exe: deploy-freva
+            hidden_import: --hidden-import curses --hidden-import cowsay
+            extra_pkg: cryptography
+          - os: windows-2019
+            target: windows-x64
+            arch: x86_64
+            py_arch: x64
+            asset_mime: application/vnd.microsoft.portable-executable
+            hidden_import: --hidden-import windows-curses --hidden-import cowsay
+            extra_pkg: windows-curses cryptography
+            exe: deploy-freva.exe
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python "3.X" on ${{ matrix.os }}
+        uses: actions/setup-python@v4
+        with:
+          python-version: "3.X"
+          architecture: ${{ matrix.py_arch }}
+      - name: Install dependencies
+        run: |
+          python3 -m pip install --upgrade pip
+          python3 -m pip install pyinstaller ansible ${{ matrix.extra_pkg }} .
+      - name: Build with cmd pyinstaller for ${{ matrix.target }}
+        run: >
+          pyinstaller pyinstaller/pyinstaller-deploy-freva.py -c
+          --name deploy-freva --onefile --clean -i docs/_static/freva_owl.ico
+          --add-data 'assets/share/freva/deployment:freva_deployment/assets'
+          --add-data 'src/freva_deployment/versions.json:freva_deployment'
+          --target-arch ${{matrix.arch}}
+          ${{matrix.hidden_import}}
+          --exclude-module pycrypto --exclude-module PyInstaller
+      - name: Test built bindary
+        run: ./dist/${{matrix.exe}} --help
+      - name: Upload cmd Asset
+        uses: actions/upload-artifact@v3
+        with:
+          path: dist/${{matrix.exe}}
+          name: deploy-freva-${{ matrix.target }}
+          retention-days: 7
+
+  build-linux:
+    name: Build packages
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        include:
+          - arch: linux/amd64
+            target: linux-x64
+          - arch: linux/arm64
+            target: linux-arm64
+          - arch: linux/arm/v7
+            target: linux-armvl7
+          - arch: linux/arm/v6
+            target: linux-armvl6
+          - arch: linux/ppc64le
+            target: linux-ppc64
+          - arch: linux/s390x
+            target: linux-s390x
+          - arch: linux/i386
+            target: linux-i386
+
+    steps:
+
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+        with:
+          platforms: all
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+        with:
+          install: true
+
+      - name: Create Buildx builder
+        run: docker buildx create --use --name mybuilder --driver docker-container
+
+      - name: Inspect Buildx builder
+        run: docker buildx inspect --bootstrap
+
+      - name: Build Docker image
+        uses: docker/build-push-action@v4
+        with:
+          file: Dockerfile
+          platforms: ${{ matrix.arch }}
+          push: false
+          load: true
+          tags: pyinstaller:${{ matrix.target }}
+
+      - name: Run PyInstaller in Docker
+        run: >
+          docker run --rm -v $PWD:/src -w /src --platform ${{ matrix.arch }}
+          pyinstaller:${{ matrix.target }} pyinstaller
+          pyinstaller/pyinstaller-deploy-freva.py -c
+          --name deploy-freva --onefile --clean -i docs/_static/freva_owl.ico
+          --add-data 'assets/share/freva/deployment:freva_deployment/assets'
+          --add-data 'src/freva_deployment/versions.json:freva_deployment'
+          --hidden-import cowsay --hidden-import cryptography
+          --exclude-module pycrypto --exclude-module PyInstaller
+
+      - name: Test built bindary
+        run: >
+          docker run --rm -v $PWD:/src -w /src --platform ${{ matrix.arch }}
+          pyinstaller:${{ matrix.target }} /src/dist/deploy-freva --help
+
+      - name: Upload cmd Asset
+        if: startsWith(github.ref, 'refs/tags/')
+        uses: actions/upload-artifact@v4
+        with:
+          path: dist/
+          name: deploy-freva-${{ matrix.target }}
+
   pypi:
     name: Create Pip package
     permissions:
       id-token: write
-    needs: [tests]
+    needs: [tests, build-linux, build-no-linux]
     runs-on: ubuntu-latest
+    if: startsWith(github.ref, 'refs/tags/')
     steps:
       -
         name: Checkout
@@ -45,10 +182,12 @@ jobs:
           password: ${{ secrets.PYPI_API_TOKEN }}
           skip-existing: true
           verbose: true
-  createrelease:
+
+  release:
     name: Create Release
-    runs-on: [ubuntu-latest]
-    needs: pypi
+    needs: [build-no-linux, build-linux]
+    runs-on: ubuntu-latest
+    if: startsWith(github.ref, 'refs/tags/')
     steps:
       - name: Create Release
         id: create_release
@@ -67,53 +206,50 @@ jobs:
         with:
           name: release_url
           path: release_url.txt
-  build:
-    name: Build packages
-    needs: [pypi, createrelease]
-    runs-on: ${{ matrix.os }}
+
+  upload-builds:
+    name: Add binaries to Release
+    needs: release
+    runs-on: ubuntu-latest
     strategy:
       matrix:
         include:
-          - os: macos-latest
-            TARGET: macos
-            CMD_BUILD: >
-                pyinstaller pyinstaller/pyinstaller-script.py -c --name deploy-freva --onefile
-            OUT_FILE_NAME: deploy-freva
-            ASSET_MIME: application/octet-stream
-          - os: windows-latest
-            TARGET: windows
-            CMD_BUILD: pyinstaller pyinstaller/pyinstaller-script.py -c --name deploy-freva --onefile
-            OUT_FILE_NAME: deploy-freva.exe
-            ASSET_MIME: application/vnd.microsoft.portable-executable
+          - target: linux-x64
+            asset_mime: application/octet-stream
+          - target: linux-arm64
+            asset_mime: application/octet-stream
+          - target: linux-armvl7
+            asset_mime: application/octet-stream
+          - target: linux-armvl6
+            asset_mime: application/octet-stream
+          - target: linux-ppc64
+            asset_mime: application/octet-stream
+          - target: linux-s390x
+            asset_mime: application/octet-stream
+          - target: linux-i386
+            asset_mime: application/octet-stream
+          - target: osx-x64
+            asset_mime: application/octet-stream
+          - target: osx-arm64
+            asset_mime: application/octet-stream
+          - target: windows-x64
+            asset_mime: application/vnd.microsoft.portable-executable
+    if: startsWith(github.ref, 'refs/tags/')
     steps:
-      - uses: actions/checkout@v4
-      - name: Set up Python 3.X
-        uses: actions/setup-python@v4
-        with:
-          python-version: "3.X"
-      - name: Install dependencies
-        run: |
-          python3 -m pip install --upgrade pip
-          python3 -m pip install pyinstaller ansible .
-      - name: Build with pyinstaller for ${{matrix.TARGET}}
-        run: ${{matrix.CMD_BUILD}}
-      - name: Load Release URL File from release job
-        uses: actions/download-artifact@v1
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Download artifacts
+        uses: actions/download-artifact@v3
         with:
-          name: release_url
-      - name: Get Release File Name & Upload URL
-        id: get_release_info
-        shell: bash
-        run: |
-          value=`cat release_url/release_url.txt`
-          echo ::set-output name=upload_url::$value
-      - name: Upload Release Asset
-        id: upload-release-asset
+          path: ./artifacts
+
+      - name: Upload Release Assets
         uses: actions/upload-release-asset@v1
         env:
           GITHUB_TOKEN: ${{ secrets.ASSET_TOKEN }}
         with:
-          upload_url: ${{ steps.get_release_info.outputs.upload_url }}
-          asset_path: ./dist/${{ matrix.OUT_FILE_NAME}}
-          asset_name: ${{ matrix.OUT_FILE_NAME}}
-          asset_content_type: ${{ matrix.ASSET_MIME}}
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: ./artifacts/deploy-freva-${{matrix.target}}
+          asset_name: deploy-freva-${{ matrix.target }}
+          asset_content_type: ${{matrix.asset_mime}}

Dockerfile

@@ -1,25 +1,28 @@
-from docker.io/alpine
+FROM debian:bullseye
 ARG VERSION
 LABEL org.opencontainers.image.authors="DRKZ-CLINT"
 LABEL org.opencontainers.image.source="https://github.com/FREVA-CLINT/freva-deployment.git"
 LABEL org.opencontainers.image.version="$VERSION"
-RUN set -ex &&\
-    apk add --no-cache python3 py3-pip openssh-client sshpass &&\
-    apk add --no-cache --virtual /root/build-deps build-base python3-dev \
-    libffi-dev openssl-dev rust cargo &&\
+RUN apt-get update && apt-get install -y build-essential python3-cryptography \
+    python3-dev python3-pip openssh-client sshpass
+RUN apt-get install -y binutils libghc-zlib-dev musl-dev \
+    librust-libc-dev libc-devtools libffi-dev gcc g++
+RUN apt-get install -y python3-appdirs python3-mysqldb python3-yaml \
+    python3-toml python3-tomlkit python3-requests ansible && \
     mkdir -p /opt/freva-deployment &&\
-    ln -sf python3 /usr/bin/python && \
-    mkdir -p /tmp/deployment
+    mkdir -p /tmp/deployment && rm -rf /var/lib/apt/lists/* && \
+    mkdir -p /src
 WORKDIR /tmp/deployment
 COPY . .
-RUN set -ex &&\
-    python3 src/freva_deployment/__init__.py &&\
-    python3 -m pip install --break-system-packages . &&\
-    rm -rf /root/.cache/pip &&\
-    rm -rf /var/cache/apk/* &&\
-    apk del /root/build-deps &&\
-    rm -rf /root/build-deps &&\
+# Install Python dependencies
+RUN python3 -m pip install --upgrade pip && \
+    python3 -m pip install pyinstaller ansible cryptography &&\
+    python3 src/freva_deployment/__init__.py && \
+    python3 -m pip install --break-system-packages . && \
+    rm -rf /root/.cache/pip && \
+    rm -rf /root/build-deps && \
     rm -rf /tmp/deployment
 WORKDIR /opt/freva-deployment
 VOLUME /opt/freva-deployment
+VOLUME /src
 CMD ["/usr/bin/deploy-freva"]