Merge pull request #1 from embtom/embtom/feature/build

Embtom/feature/build

Author: embtom

.devcontainer/devcontainer.json

@@ -0,0 +1,52 @@
+{
+    "name": "vsc-python-apt",
+    "dockerComposeFile": "../docker-compose.yml",
+    "service": "devcontainer",
+    "runServices": ["devcontainer"],
+    "workspaceFolder": "/src",
+    "containerEnv": {
+        "NODE_EXTRA_CA_CERTS": "/etc/ssl/certs/ca-certificates.crt"
+    },
+    "features": {
+        "ghcr.io/devcontainers/features/node:1": {
+            "version": "20"
+        }
+    },
+    "customizations": {
+        "vscode": {
+            "extensions": [
+                "alefragnani.bookmarks",
+                "cheshirekow.cmake-format",
+                "davidanson.vscode-markdownlint",
+                "EditorConfig.EditorConfig",
+                "foxundermoon.shell-format",
+                "huizhou.githd",
+                "mhutchie.git-graph",
+                "ms-azuretools.vscode-docker",
+                "ms-python.autopep8",
+                "ms-python.flake8",
+                "ms-python.python",
+                "ms-vscode.cmake-tools",
+                "ms-vscode.cpptools",
+                "redhat.vscode-yaml",
+                "sonarsource.sonarlint-vscode",
+                "streetsidesoftware.code-spell-checker",
+                "tamasfe.even-better-toml",
+                "timonwong.shellcheck",
+                "yzhang.markdown-all-in-one"
+            ],
+            "settings": {
+                "terminal.integrated.profiles.linux": {
+                    "bash": null,
+                    "zsh": {
+                        "path": "/usr/bin/zsh"
+                    }
+                },
+                "editor.indentSize": 4,
+                "editor.tabSize": 4,
+                "editor.insertSpaces": false,
+                "terminal.integrated.defaultProfile.linux": "zsh"
+            }
+        }
+    }
+}

.github/actions/get-deb-version/action.yml

@@ -0,0 +1,38 @@
+name: "Get Debian Package Version"
+description: "Parse Debian version from a debian/changelog file"
+
+inputs:
+  path:
+    description: "Path to the folder containing debian/changelog"
+    required: false
+    default: '.'
+
+outputs:
+  version:
+    description: "Version extracted from debian/changelog"
+    value: ${{ steps.parse.outputs.version }}
+
+runs:
+  using: "composite"
+  steps:
+    - name: Ensure dpkg-parsechangelog is available
+      shell: bash
+      run: |
+        if ! command -v dpkg-parsechangelog >/dev/null 2>&1; then
+          sudo apt-get update
+          sudo apt-get install -y dpkg-dev
+        fi
+
+    - name: Parse Debian version
+      id: parse
+      shell: bash
+      working-directory: ${{ inputs.path }}
+      run: |
+        set -e
+        if [ ! -f debian/changelog ]; then
+          echo "error debian/changelog not found"
+          exit 1
+        fi
+        VERSION=$(dpkg-parsechangelog --show-field Version)
+        echo "Detected version: $VERSION"
+        echo "version=$VERSION" >> "$GITHUB_OUTPUT"

.github/actions/prepare-builder/action.yml

@@ -0,0 +1,71 @@
+name: "Prepare builder"
+description: "Prepares build environment using Podman with GHCR caching"
+author: "embtom"
+
+inputs:
+  service:
+    description: "The service in docker-compose.yml"
+    required: true
+
+runs:
+  using: "composite"
+  steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Install Podman and podman-compose
+      uses: ./.github/actions/setup-podman
+
+    - name: Login to GHCR
+      shell: bash
+      run: |
+        echo "${{ github.token }}" | podman login ghcr.io -u "${{ github.actor }}" --password-stdin
+
+    - name: Read image name from compose
+      id: image-name
+      shell: bash
+      run: |
+        IMAGE=$(yq -r '.services."${{ inputs.service }}".image' docker-compose.yml)
+        BASE_IMAGE="${IMAGE%%:*}"
+        HASH=$(sha256sum Dockerfile | cut -d " " -f1)
+        echo "image=${IMAGE}" >> $GITHUB_OUTPUT
+
+        CACHE_IMAGE="ghcr.io/${{ github.repository_owner }}/cache-${BASE_IMAGE}:${HASH}"
+        
+        echo "hash=${HASH}" >> $GITHUB_OUTPUT
+        echo "cache-image=${CACHE_IMAGE}" >> $GITHUB_OUTPUT
+
+    - name: Try pulling cache from GHCR
+      id: pull-cache
+      shell: bash
+      run: |
+        echo "Trying to pull cache image: ${{ steps.image-name.outputs.cache-image }}"
+        if podman pull "${{ steps.image-name.outputs.cache-image }}"; then
+          echo "cache-hit=true" >> $GITHUB_OUTPUT
+        else
+          echo "cache-hit=false" >> $GITHUB_OUTPUT
+        fi
+
+    - name: Load cached image tag into local tag
+      if: steps.pull-cache.outputs.cache-hit == 'true'
+      shell: bash
+      run: |
+        podman tag "${{ steps.image-name.outputs.cache-image }}" \
+          "${{ steps.image-name.outputs.image }}"
+
+        echo "Loaded cached image: ${{ steps.image-name.outputs.image }}"
+
+    - name: Build image if cache miss
+      if: steps.pull-cache.outputs.cache-hit == 'false'
+      shell: bash
+      run: |
+        echo "Cache miss → building image…"
+        podman-compose -f docker-compose.yml build "${{ inputs.service }}"
+
+    - name: Push updated image to GHCR as cache
+      shell: bash
+      run: |
+        podman tag "${{ steps.image-name.outputs.image }}" \
+          "${{ steps.image-name.outputs.cache-image }}"
+
+        podman push "${{ steps.image-name.outputs.cache-image }}"

.github/actions/run-build/action.yml

@@ -0,0 +1,27 @@
+name: "Run build"
+description: "Run the build based on prepared builder environment"
+author: "embtom"
+
+inputs:
+  service:
+    description: "The service that was used for built"
+    required: true
+  build-target:
+    description: "The build target to run"
+    required: true
+
+runs:
+  using: "composite"
+  steps:
+
+    - name: Run build
+      shell: bash
+      run: |
+        SERVICE="${{ inputs.service }}"
+        BUILD_TARGET="${{ inputs.build-target }}"
+        if [ -z "$SERVICE" ]; then
+          echo "ERROR: No service provided."
+          exit 1
+        fi
+        podman-compose -f docker-compose.yml \
+            run --rm "$SERVICE" "$BUILD_TARGET"

.github/actions/setup-podman/action.yml

@@ -0,0 +1,77 @@
+---
+name: "Setup Podman Environment"
+description: "Prepare Podman for rootless builds"
+
+runs:
+  using: "composite"
+  steps:
+
+    - name: Remove Docker if installed
+      shell: bash
+      run: |
+        if command -v docker >/dev/null 2>&1; then
+          echo "Docker found removing"
+          sudo systemctl stop docker docker.socket || true
+          sudo apt-get purge -y \
+            docker \
+            docker.io \
+            docker-ce \
+            docker-ce-cli \
+            containerd runc || true
+          sudo apt-get autoremove -y
+          sudo rm -rf /var/lib/docker /var/lib/containerd
+        else
+          echo "Docker not installed"
+        fi
+
+    - name: Install dependencies
+      shell: bash
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y \
+          podman \
+          python3-pip \
+          fuse-overlayfs \
+          uidmap \
+          qemu-user-static \
+          yq
+
+    - name: Enable lingering for current user
+      shell: bash
+      run: |
+        sudo loginctl enable-linger $USER || true
+
+    - name: Create Podman config directories
+      shell: bash
+      run: |
+        mkdir -p ~/.config/containers
+        mkdir -p ~/.local/share/containers
+
+    - name: Configure rootless Podman storage
+      shell: bash
+      run: |
+        cat <<'EOF' > ~/.config/containers/storage.conf
+          [storage]
+          driver = "overlay"
+          runroot = "/tmp/run-$(id -u)"
+          graphroot = "$HOME/.local/share/containers/storage"
+          [storage.options]
+          mount_program = "/usr/bin/fuse-overlayfs"
+        EOF
+
+    - name: Migrate Podman storage (if needed)
+      shell: bash
+      run: |
+        podman system migrate || true
+
+    - name: Install podman-compose from PyPI
+      shell: bash
+      run: |
+        pip install --upgrade pip
+        pip install podman-compose
+
+    - name: Verify Podman and podman-compose
+      shell: bash
+      run: |
+        podman --version
+        podman-compose version

.github/workflows/ci-build.yml

@@ -9,13 +9,60 @@ on:
 
 jobs:
   build:
-    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        include:
+          - platform: linux-amd64
+            arch: amd64
+            runner: ubuntu-24.04
+            service: builder
+          - platform: linux-arm64
+            arch: arm64
+            runner: ubuntu-24.04-arm
+            service: builder-arm64
+
+    runs-on: ${{ matrix.runner }}
+    permissions: 
+      packages: write
 
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
 
-      - name: hello
-        shell: bash
-        run: echo "hello"
-        
+      - name: Get Debian version
+        id: changelog
+        uses: ./.github/actions/get-deb-version
+        with:
+          path: "."
+
+      - name: Show parsed version
+        run: echo Version=${{ steps.changelog.outputs.version }}
+
+      - name: Prepare build environment
+        uses: ./.github/actions/prepare-builder
+        with:
+          service: ${{ matrix.service }}
+
+      - name: Build wheel
+        uses: ./.github/actions/run-build
+        with:
+          service: ${{ matrix.service }}
+          build-target: all
+
+      - name: Build Debian package
+        uses: ./.github/actions/run-build
+        with:
+          service: ${{ matrix.service }}
+          build-target: build-deb
+
+      - name: Upload artifacts
+        if: success()
+        uses: actions/upload-artifact@v4
+        with:
+          name: build-${{ matrix.platform }}-${{ steps.changelog.outputs.version }}
+          path: |
+            build/*.deb
+            build/*.changes
+            build/*.buildinfo
+            dist/*.whl
+          retention-days: 10