diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index 3ea4f30..0000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,170 +0,0 @@ -version: 2.1 - -# CircleCI doesn't handle large file sets properly for local builds -# https://github.com/CircleCI-Public/circleci-cli/issues/281#issuecomment-472808051 -localCheckout: &localCheckout - run: |- - git config --global --add safe.directory /tmp/_circleci_local_build_repo - PROJECT_PATH=$(cd ${CIRCLE_WORKING_DIRECTORY}; pwd) - mkdir -p ${PROJECT_PATH} - cd /tmp/_circleci_local_build_repo - git ls-files -z | xargs -0 -s 2090860 tar -c | tar -x -C ${PROJECT_PATH} - cp -a /tmp/_circleci_local_build_repo/.git ${PROJECT_PATH} - -.linux_job: &linuxjob - docker: - - image: ${IMAGE} - steps: - - checkout # change this from "checkout" to "*localCheckout" when running CircleCI locally - - setup_remote_docker - - run: - name: Ubuntu-Focal - command: docker build --build-arg ARCH=x86_64 -t ci-ubuntu-focal . - working_directory: ubuntu-focal - # Debian used for ARM x-building - - run: - name: Debian Buster (10) - command: cd debian-buster && docker build --build-arg ARCH=amd64 -t ci-debian-buster . - - run: - name: Debian Bullseye (11) - command: cd debian-bullseye && docker build --build-arg ARCH=amd64 -t ci-debian-bullseye . - # Centos discontinued; disable until real need appears - #- run: - # name: Centos8 - # command: cd centos-8 && docker build --build-arg ARCH=amd64 -t ci-centos8 . - #- run: - # name: Centos7 - # command: cd centos-7 && docker build --build-arg ARCH=amd64 -t ci-centos7 . - - run: - name: Alpine - command: cd alpine && docker build --build-arg ARCH=amd64 -t ci-alpine . - - when: - condition: - equal: [ main, << pipeline.git.branch >> ] - steps: - - run: - name: docker login - command: echo $DOCKER_PASSWORD | docker login --username $DOCKER_LOGIN --password-stdin - - run: - name: Tag and push images - command: | - docker tag ci-alpine $TARGETNAME/ci-alpine-amd64 && docker push $TARGETNAME/ci-alpine-amd64 && docker tag ci-ubuntu-focal $TARGETNAME/ci-ubuntu-focal-x86_64 && docker push $TARGETNAME/ci-ubuntu-focal-x86_64 && docker tag ci-debian-buster $TARGETNAME/ci-debian-buster-amd64 && docker push $TARGETNAME/ci-debian-buster-amd64 && docker tag ci-debian-bullseye $TARGETNAME/ci-debian-bullseye-amd64 && docker push $TARGETNAME/ci-debian-bullseye-amd64 - -jobs: - ubuntu-focal-x86_64: - <<: *linuxjob - environment: - IMAGE: openquantumsafe/ci-ubuntu-focal-x86_64:latest - ubuntu-bionic-i386: - docker: - - image: openquantumsafe/ci-ubuntu-focal-x86_64:latest - steps: - - checkout # change this from "checkout" to "*localCheckout" when running CircleCI locally - - setup_remote_docker - - run: - name: Ubuntu-Bionic-i386 - command: docker build --build-arg ARCH=i386 -t ci-ubuntu-bionic . - working_directory: ubuntu-bionic - - when: - condition: - equal: [ main, << pipeline.git.branch >> ] - steps: - - run: - name: docker login - command: echo $DOCKER_PASSWORD | docker login --username $DOCKER_LOGIN --password-stdin - - run: - name: Tag and push image - command: | - docker tag ci-ubuntu-bionic $TARGETNAME/ci-ubuntu-bionic-i386 && docker push $TARGETNAME/ci-ubuntu-bionic-i386 - - ubuntu-jammy: - docker: - - image: openquantumsafe/ci-ubuntu-focal-x86_64:latest - steps: - - checkout # change this from "checkout" to "*localCheckout" when running CircleCI locally - - setup_remote_docker - - run: - name: Ubuntu-Jammy - command: docker build -t ci-ubuntu-jammy . - working_directory: ubuntu-jammy - - when: - condition: - equal: [ main, << pipeline.git.branch >> ] - steps: - - run: - name: docker login - command: echo $DOCKER_PASSWORD | docker login --username $DOCKER_LOGIN --password-stdin - - run: - name: Tag and push image - command: docker tag ci-ubuntu-jammy $TARGETNAME/ci-ubuntu-jammy && docker push $TARGETNAME/ci-ubuntu-jammy - - ubuntu-latest: - docker: - - image: cimg/base:2024.05 - steps: - - checkout # change this from "checkout" to "*localCheckout" when running CircleCI locally - - setup_remote_docker - - run: - name: Ubuntu-latest - command: docker build -t ci-ubuntu-latest . - working_directory: ubuntu-latest - - when: - condition: - equal: [ main, << pipeline.git.branch >> ] - steps: - - run: - name: docker login - command: echo $DOCKER_PASSWORD | docker login --username $DOCKER_LOGIN --password-stdin - - run: - name: Tag and push image - command: docker tag ci-ubuntu-latest $TARGETNAME/ci-ubuntu-latest && docker push $TARGETNAME/ci-ubuntu-latest - - arm64: - description: Building and pushing ARM64 CI image - machine: - image: ubuntu-2004:current - resource_class: arm.medium - steps: - - run: - name: Check versions - command: | - docker info - docker version - - checkout # change this from "checkout" to "*localCheckout" when running CircleCI locally - - run: - name: Build CI image - command: | - # The CircleCI executor offers 35 cores, but using - # all of them might exhaust memory - # explicitly tag platform - docker version - docker build --build-arg MAKE_DEFINES="-j 18" --build-arg ARCH=arm64 -t ci-ubuntu-focal-arm64 . - working_directory: ubuntu-focal - - when: - condition: - equal: [ main, << pipeline.git.branch >> ] - steps: - - run: - name: Authenticate to Docker - command: echo $DOCKER_PASSWORD | docker login --username $DOCKER_LOGIN --password-stdin - - run: - name: Tag and push image - command: | - docker tag ci-ubuntu-focal-arm64 $TARGETNAME/ci-ubuntu-focal-arm64 - docker push $TARGETNAME/ci-ubuntu-focal-arm64 - -workflows: - version: 2 - build: - jobs: - - ubuntu-focal-x86_64: - context: openquantumsafe - - ubuntu-bionic-i386: - context: openquantumsafe - - ubuntu-jammy: - context: openquantumsafe - - ubuntu-latest: - context: openquantumsafe - - arm64: - context: openquantumsafe - diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..93cf608 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,34 @@ +name: Build Docker images + +on: + pull_request: + push: + branches-ignore: 'main' + +jobs: + ubuntu: + strategy: + matrix: + arch: + - arm64 + - x86_64 + distro: + - focal + - jammy + - latest + include: + - arch: arm64 + runner: oqs-arm64 + - arch: x86_64 + runner: ubuntu-latest + runs-on: ${{ matrix.runner }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + - name: Build image + uses: docker/build-push-action@v6 + with: + push: false + build-args: ARCH=${{ matrix.arch }} + tags: openquantumsafe/ci-ubuntu-${{ matrix.distro }}:latest-${{ matrix.arch }} + context: ubuntu-${{ matrix.distro }} diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml new file mode 100644 index 0000000..fb0fc40 --- /dev/null +++ b/.github/workflows/push.yml @@ -0,0 +1,62 @@ +name: Build and push Docker images + +on: + push: + branches: 'main' + +jobs: + ubuntu-arm64: + strategy: + matrix: + distro: + - focal + - jammy + - latest + runs-on: oqs-arm64 + steps: + - name: Checkout code + uses: actions/checkout@v4 + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ vars.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Build and push arm64 tag + uses: docker/build-push-action@v6 + with: + push: true + build-args: ARCH=arm64 + tags: openquantumsafe/ci-ubuntu-${{ matrix.distro }}:latest-arm64 + context: ubuntu-${{ matrix.distro }} + + ubuntu-x86_64: + needs: ubuntu-arm64 + strategy: + matrix: + distro: + - focal + - jammy + - latest + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + - name: Login to Docker Hub + if: github.ref_name == 'main' + uses: docker/login-action@v3 + with: + username: ${{ vars.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Build and push x86_64 tag + uses: docker/build-push-action@v6 + with: + push: true + build-args: ARCH=x86_64 + tags: openquantumsafe/ci-ubuntu-${{ matrix.distro }}:latest-x86_64 + context: ubuntu-${{ matrix.distro }} + - name: Create multiarch image + run: | + docker manifest create openquantumsafe/ci-ubuntu-${{ matrix.distro }}:latest \ + --amend openquantumsafe/ci-ubuntu-${{ matrix.distro }}:latest-x86_64 \ + --amend openquantumsafe/ci-ubuntu-${{ matrix.distro }}:latest-arm64 \ + && docker manifest push openquantumsafe/ci-ubuntu-${{ matrix.distro }}:latest diff --git a/ubuntu-focal/Dockerfile b/ubuntu-focal/Dockerfile index 6a3e440..c9124ac 100644 --- a/ubuntu-focal/Dockerfile +++ b/ubuntu-focal/Dockerfile @@ -1,6 +1,6 @@ ARG ARCH -FROM multiarch/ubuntu-core:${ARCH}-focal -LABEL version="4" +FROM ubuntu:focal +LABEL version="5" ARG ARCH RUN DEBIAN_FRONTEND=noninteractive TZ=Europe/Zurich && \ diff --git a/ubuntu-latest/Dockerfile b/ubuntu-latest/Dockerfile index 2713f1b..878fc09 100644 --- a/ubuntu-latest/Dockerfile +++ b/ubuntu-latest/Dockerfile @@ -1,6 +1,5 @@ FROM ubuntu:latest -LABEL version="1" -ARG ARCH +LABEL version="2" RUN DEBIAN_FRONTEND=noninteractive TZ=Europe/Zurich && \ ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \ @@ -25,8 +24,11 @@ RUN DEBIAN_FRONTEND=noninteractive TZ=Europe/Zurich && \ libunwind-dev \ make \ ninja-build \ + npm \ + opam \ pkg-config \ python3 \ + python3-git \ python3-nose \ python3-rednose \ python3-pytest \ @@ -48,8 +50,11 @@ RUN DEBIAN_FRONTEND=noninteractive TZ=Europe/Zurich && \ doxygen \ yamllint -# Why activate such old Java version? Disabling for now -#ENV JAVA_HOME="/usr/lib/jvm/java-1.11.0-openjdk-${ARCH}" +# set up jasmin compiler for libjade +RUN opam init --yes --auto-setup && opam install --confirm-level=unsafe-yes --destdir=/usr/local jasmin.2023.06.3 + +# install ajv for CBOM validation +RUN npm -g install ajv ajv-cli # Activate if we want to test specific OpenSSL3 versions: # RUN cd /root && git clone --depth 1 --branch openssl-3.0.7 https://github.com/openssl/openssl.git && cd openssl && LDFLAGS="-Wl,-rpath -Wl,/usr/local/openssl3/lib64" ./config --prefix=/usr/local/openssl3 && make -j && make install