Skip to content

Codex/GitHub actions docker workflow #94

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Str-Gen merged 3 commits into from
Mar 31, 2026
+56 −28
Merged

Codex/GitHub actions docker workflow #94

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
4f6ace5
Refine Docker GitHub Actions workflow
Str-Gen Mar 31, 2026
46b2178
Simplify Docker build context ignore rules
Str-Gen Mar 31, 2026
0cf44ba
Stop requiring Cargo.lock in image builds
Str-Gen Mar 31, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 8 additions & 10 deletions .dockerignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,8 @@
*
!Cargo.toml
!Cargo.lock
!.cargo/
!common/
!rustiflow/
!xtask/
!rustfmt.toml
!ebpf-ipv4/
!ebpf-ipv6/
.git
.github
target
debian
docs
figures
perf.data
scripts
60 changes: 46 additions & 14 deletions .github/workflows/docker.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,24 +1,53 @@
name: Publish Containers
name: Container Images

on:
pull_request:
paths:
- .github/workflows/docker.yml
- .dockerignore
- Dockerfile
- Dockerfile-slim
- Cargo.toml
- Cargo.lock
- .cargo/**
- common/**
- rustiflow/**
- xtask/**
- ebpf-ipv4/**
- ebpf-ipv6/**
- rustfmt.toml
push:
branches:
- main
tags:
- "v*"
paths:
- .github/workflows/docker.yml
- .dockerignore
- Dockerfile
- Dockerfile-slim
- Cargo.toml
- Cargo.lock
- .cargo/**
- common/**
- rustiflow/**
- xtask/**
- ebpf-ipv4/**
- ebpf-ipv6/**
- rustfmt.toml
workflow_dispatch:

concurrency:
group: docker-${{ github.ref }}
group: docker-${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true

env:
REGISTRY: ghcr.io
IMAGE_NAME: idlab-discover/rustiflow

jobs:
docker:
name: Publish ${{ matrix.variant.name }}
images:
name: ${{ matrix.variant.name }}
runs-on: ubuntu-latest
permissions:
contents: read
Expand All @@ -30,23 +59,23 @@ jobs:
- name: default
dockerfile: Dockerfile
latest_tag: latest
flavor_suffix: ""
tag_suffix: ""
cache_scope: docker-default
- name: slim
dockerfile: Dockerfile-slim
latest_tag: slim
flavor_suffix: -slim
tag_suffix: -slim
cache_scope: docker-slim

steps:
- name: Checkout repository
uses: actions/checkout@v6

- name: Set up QEMU
uses: docker/setup-qemu-action@v4

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4

- name: Log in to GHCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v4
with:
registry: ${{ env.REGISTRY }}
Expand All @@ -62,22 +91,25 @@ jobs:
latest=false
tags: |
type=raw,value=${{ matrix.variant.latest_tag }},enable={{is_default_branch}}
type=ref,event=branch,suffix=${{ matrix.variant.flavor_suffix }}
type=ref,event=tag,suffix=${{ matrix.variant.flavor_suffix }}
type=sha,prefix=sha-,suffix=${{ matrix.variant.flavor_suffix }}
type=ref,event=branch,suffix=${{ matrix.variant.tag_suffix }}
type=ref,event=tag,suffix=${{ matrix.variant.tag_suffix }}
type=sha,prefix=sha-,suffix=${{ matrix.variant.tag_suffix }}
labels: |
org.opencontainers.image.title=RustiFlow
org.opencontainers.image.description=Network flow extractor with offline and realtime capture modes
org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
org.opencontainers.image.revision=${{ github.sha }}

- name: Build and push image
- name: Build image
uses: docker/build-push-action@v7
with:
context: ${{ github.workspace }}
file: ${{ github.workspace }}/${{ matrix.variant.dockerfile }}
push: true
platforms: linux/amd64
push: ${{ github.event_name != 'pull_request' }}
provenance: false
sbom: false
cache-from: type=gha,scope=${{ matrix.variant.cache_scope }}
cache-to: type=gha,mode=max,scope=${{ matrix.variant.cache_scope }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
3 changes: 1 addition & 2 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@ ENV RUST_LOG=info
# Copy
WORKDIR /usr/src/app
COPY Cargo.toml ./
COPY Cargo.lock ./
COPY .cargo ./.cargo
COPY common ./common
COPY rustiflow ./rustiflow
Expand All @@ -37,7 +36,7 @@ COPY ebpf-ipv6 ./ebpf-ipv6
# Build
RUN cargo xtask ebpf-ipv4 --release
RUN cargo xtask ebpf-ipv6 --release
RUN cargo build --release --locked
RUN cargo build --release

# Command
ENTRYPOINT ["/usr/src/app/target/release/rustiflow"]
3 changes: 1 addition & 2 deletions Dockerfile-slim
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,6 @@ ENV PATH="/root/.cargo/bin:${PATH}"
# Copy source code
WORKDIR /usr/src/app
COPY Cargo.toml ./
COPY Cargo.lock ./
COPY .cargo ./.cargo
COPY common ./common
COPY rustiflow ./rustiflow
Expand All @@ -30,7 +29,7 @@ COPY ebpf-ipv6 ./ebpf-ipv6
# Build the project
RUN cargo xtask ebpf-ipv4 --release && \
cargo xtask ebpf-ipv6 --release && \
cargo build --release --locked
cargo build --release

# Stage 2: Runtime
FROM debian:bookworm-slim
Expand Down
Loading