feat: add arm64 docker image (foundry-rs#9614)

* feat(docker): build arm64 image

Signed-off-by: jsvisa <[email protected]>

* wip

Signed-off-by: jsvisa <[email protected]>

* Revert "wip"

This reverts commit a152a4c.

Signed-off-by: jsvisa <[email protected]>

* Revert "feat(docker): build arm64 image"

This reverts commit 09adcbc.

Signed-off-by: jsvisa <[email protected]>

* feat(make): add cross docker build

Signed-off-by: jsvisa <[email protected]>

* feat(make): multi tags

Signed-off-by: jsvisa <[email protected]>

* feat(github): use cross build

Signed-off-by: jsvisa <[email protected]>

* add Dockerfile.cross

Signed-off-by: jsvisa <[email protected]>

* fix(make): don't recreate cross-builder

Signed-off-by: jsvisa <[email protected]>

* make: add log

Signed-off-by: jsvisa <[email protected]>

* fix: missing \

Signed-off-by: jsvisa <[email protected]>

* typo

Signed-off-by: jsvisa <[email protected]>

* Update docker-publish.yml

Co-authored-by: DaniPopes <[email protected]>

---------

Signed-off-by: jsvisa <[email protected]>
Co-authored-by: DaniPopes <[email protected]>

.github/workflows/docker-publish.yml

@@ -1,96 +1,78 @@
 name: docker
 
 on:
-    push:
-      tags:
-        - "v*.*.*"
-    schedule:
-      - cron: "0 0 * * *"
-    # Trigger without any parameters a proactive rebuild
-    workflow_dispatch: {}
-    workflow_call:
+  push:
+    tags:
+      - "v*.*.*"
+  schedule:
+    - cron: "0 0 * * *"
+  # Trigger without any parameters a proactive rebuild
+  workflow_dispatch: {}
+  workflow_call:
 
 env:
-    REGISTRY: ghcr.io
-    # Will resolve to foundry-rs/foundry
-    IMAGE_NAME: ${{ github.repository }}
+  REGISTRY: ghcr.io
+  # Will resolve to foundry-rs/foundry
+  IMAGE_NAME: ${{ github.repository }}
 
 jobs:
-    container:
-        runs-on: Linux-20.04
-        # https://docs.github.com/en/actions/reference/authentication-in-a-workflow
-        permissions:
-            id-token: write
-            packages: write
-            contents: read
-        timeout-minutes: 120
-        steps:
-            - name: Checkout repository
-              id: checkout
-              uses: actions/checkout@v4
+  build:
+    name: build and push
+    runs-on: Linux-20.04
+    permissions:
+      id-token: write
+      packages: write
+      contents: read
+    timeout-minutes: 120
+    steps:
+      - uses: actions/checkout@v4
+      - uses: dtolnay/rust-toolchain@stable
+      - uses: Swatinem/rust-cache@v2
+        with:
+          cache-on-failure: true
+      - uses: taiki-e/install-action@cross
+      # Login against a Docker registry except on PR
+      # https://github.com/docker/login-action
+      - name: Login into registry ${{ env.REGISTRY }}
+        # Ensure this doesn't trigger on PR's
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2
+        with:
+            registry: ${{ env.REGISTRY }}
+            username: ${{ github.actor }}
+            password: ${{ secrets.GITHUB_TOKEN }}
 
-            - name: Install Docker BuildX
-              uses: docker/setup-buildx-action@v2
-              id: buildx
-              with:
-                  install: true
+      # Extract metadata (tags, labels) for Docker
+      # https://github.com/docker/metadata-action
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+            images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
 
-            # Login against a Docker registry except on PR
-            # https://github.com/docker/login-action
-            - name: Log into registry ${{ env.REGISTRY }}
-              # Ensure this doesn't trigger on PR's
-              if: github.event_name != 'pull_request'
-              uses: docker/login-action@v2
-              with:
-                  registry: ${{ env.REGISTRY }}
-                  username: ${{ github.actor }}
-                  password: ${{ secrets.GITHUB_TOKEN }}
+      # Creates an additional 'latest' or 'nightly' tag
+      # If the job is triggered via cron schedule, tag nightly and nightly-{SHA}
+      # If the job is triggered via workflow dispatch and on a master branch, tag branch and latest
+      # Otherwise, just tag as the branch name
+      - name: Finalize Docker Metadata
+        id: docker_tagging
+        run: |
+            if [[ "${{ github.event_name }}" == 'schedule' ]]; then
+              echo "cron trigger, assigning nightly tag"
+              echo "docker_tags=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly,${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly-${GITHUB_SHA}" >> $GITHUB_OUTPUT
+            elif [[ "${GITHUB_REF##*/}" == "main" ]] || [[ ${GITHUB_REF##*/} == "master" ]]; then
+              echo "manual trigger from master/main branch, assigning latest tag"
+              echo "docker_tags=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${GITHUB_REF##*/},${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest" >> $GITHUB_OUTPUT
+            else
+              echo "Neither scheduled nor manual release from main branch. Just tagging as branch name"
+              echo "docker_tags=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${GITHUB_REF##*/}" >> $GITHUB_OUTPUT
+            fi
 
-            # Extract metadata (tags, labels) for Docker
-            # https://github.com/docker/metadata-action
-            - name: Extract Docker metadata
-              id: meta
-              uses: docker/metadata-action@v4
-              with:
-                  images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+      # Log docker metadata to explicitly know what is being pushed
+      - name: Inspect Docker Metadata
+        run: |
+            echo "TAGS -> ${{ steps.docker_tagging.outputs.docker_tags }}"
+            echo "LABELS -> ${{ steps.meta.outputs.labels }}"
 
-            # Creates an additional 'latest' or 'nightly' tag
-            # If the job is triggered via cron schedule, tag nightly and nightly-{SHA}
-            # If the job is triggered via workflow dispatch and on a master branch, tag branch and latest
-            # Otherwise, just tag as the branch name
-            - name: Finalize Docker Metadata
-              id: docker_tagging
-              run: |
-                  if [[ "${{ github.event_name }}" == 'schedule' ]]; then
-                    echo "cron trigger, assigning nightly tag"
-                    echo "docker_tags=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly,${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly-${GITHUB_SHA}" >> $GITHUB_OUTPUT
-                  elif [[ "${GITHUB_REF##*/}" == "main" ]] || [[ ${GITHUB_REF##*/} == "master" ]]; then
-                    echo "manual trigger from master/main branch, assigning latest tag"
-                    echo "docker_tags=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${GITHUB_REF##*/},${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest" >> $GITHUB_OUTPUT
-                  else
-                    echo "Neither scheduled nor manual release from main branch. Just tagging as branch name"
-                    echo "docker_tags=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${GITHUB_REF##*/}" >> $GITHUB_OUTPUT
-                  fi
-
-            # Log docker metadata to explicitly know what is being pushed
-            - name: Inspect Docker Metadata
-              run: |
-                  echo "TAGS -> ${{ steps.docker_tagging.outputs.docker_tags }}"
-                  echo "LABELS ->  ${{ steps.meta.outputs.labels }}"
-
-            # Build and push Docker image
-            # https://github.com/docker/build-push-action
-            # https://github.com/docker/build-push-action/blob/master/docs/advanced/cache.md
-            - name: Build and push Docker image
-              uses: docker/build-push-action@v3
-              with:
-                  context: .
-                  push: true
-                  tags: ${{ steps.docker_tagging.outputs.docker_tags }}
-                  labels: ${{ steps.meta.outputs.labels }}
-                  cache-from: type=gha
-                  cache-to: type=gha,mode=max
-                  build-args: |
-                      BUILDTIME=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
-                      VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
-                      REVISION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }}
+      - name: Build and push foundry image
+        run: make DOCKER_IMAGE_NAME=${{ steps.docker_tagging.outputs.docker_tags }} PROFILE=maxperf docker-build-push

Dockerfile.cross

@@ -0,0 +1,21 @@
+# This image is meant to enable cross-architecture builds.
+# It assumes the foundry binaries have already been compiled for `$TARGETPLATFORM` and are
+# locatable in `./dist/bin/$TARGETARCH`
+FROM ubuntu:22.04
+
+# Filled by docker buildx
+ARG TARGETARCH
+
+COPY ./dist/bin/$TARGETARCH/* /usr/local/bin/
+
+ENTRYPOINT ["/bin/sh", "-c"]
+
+LABEL org.label-schema.build-date=$BUILD_DATE \
+    org.label-schema.name="Foundry" \
+    org.label-schema.description="Foundry" \
+    org.label-schema.url="https://getfoundry.sh" \
+    org.label-schema.vcs-ref=$VCS_REF \
+    org.label-schema.vcs-url="https://github.com/foundry-rs/foundry.git" \
+    org.label-schema.vendor="Foundry-rs" \
+    org.label-schema.version=$VERSION \
+    org.label-schema.schema-version="1.0"

Makefile

@@ -5,6 +5,10 @@
 
 # Cargo profile for builds.
 PROFILE ?= dev
+# The docker image name
+DOCKER_IMAGE_NAME ?= ghcr.io/foundry-rs/foundry:latest
+BIN_DIR = dist/bin
+CARGO_TARGET_DIR ?= target
 
 # List of features to use when building. Can be overridden via the environment.
 # No jemalloc on Windows
@@ -26,6 +30,49 @@ help: ## Display this help.
 build: ## Build the project.
 	cargo build --features "$(FEATURES)" --profile "$(PROFILE)"
 
+# The following commands use `cross` to build a cross-compile.
+#
+# These commands require that:
+#
+# - `cross` is installed (`cargo install cross`).
+# - Docker is running.
+# - The current user is in the `docker` group.
+#
+# The resulting binaries will be created in the `target/` directory.
+build-%:
+	cross build --target $* --features "$(FEATURES)" --profile "$(PROFILE)"
+
+.PHONY: docker-build-push
+docker-build-push: docker-build-prepare ## Build and push a cross-arch Docker image tagged with DOCKER_IMAGE_NAME.
+	$(MAKE) build-x86_64-unknown-linux-gnu
+	mkdir -p $(BIN_DIR)/amd64
+	for bin in anvil cast chisel forge; do \
+		cp $(CARGO_TARGET_DIR)/x86_64-unknown-linux-gnu/$(PROFILE)/$$bin $(BIN_DIR)/amd64/; \
+	done
+
+	$(MAKE) build-aarch64-unknown-linux-gnu
+	mkdir -p $(BIN_DIR)/arm64
+	for bin in anvil cast chisel forge; do \
+		cp $(CARGO_TARGET_DIR)/aarch64-unknown-linux-gnu/$(PROFILE)/$$bin $(BIN_DIR)/arm64/; \
+	done
+
+	docker buildx build --file ./Dockerfile.cross . \
+		--platform linux/amd64,linux/arm64 \
+		$(foreach tag,$(shell echo $(DOCKER_IMAGE_NAME) | tr ',' ' '),--tag $(tag)) \
+		--provenance=false \
+		--push
+
+.PHONY: docker-build-prepare
+docker-build-prepare: ## Prepare the Docker build environment.
+	docker run --privileged --rm tonistiigi/binfmt --install amd64,arm64
+	@if ! docker buildx inspect cross-builder &> /dev/null; then \
+		echo "Creating a new buildx builder instance"; \
+		docker buildx create --use --driver docker-container --name cross-builder; \
+	else \
+		echo "Using existing buildx builder instance"; \
+		docker buildx use cross-builder; \
+	fi
+
 ##@ Other
 
 .PHONY: clean
@@ -69,4 +116,4 @@ test: ## Run all tests.
 
 pr: ## Run all tests and linters in preparation for a PR.
 	make lint && \
-	make test
+	make test