From 8aa1f8a7a99047cc084866bea5ab43ff008c2ece Mon Sep 17 00:00:00 2001 From: Jono Prest Date: Tue, 2 Dec 2025 18:31:55 +0200 Subject: [PATCH 1/9] Add comment --- .github/workflows/build-docker-images.yaml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-docker-images.yaml b/.github/workflows/build-docker-images.yaml index 85c4d35..4a2fbae 100644 --- a/.github/workflows/build-docker-images.yaml +++ b/.github/workflows/build-docker-images.yaml @@ -1,3 +1,5 @@ +# Taken from https://github.com/napi-rs/napi-rs/blob/main/.github/workflows/docker.yaml +# and modified to build with latest rust and node 22 name: Build Docker Images on: @@ -6,7 +8,7 @@ on: branches: - main paths: - - 'docker/**' + - "docker/**" permissions: contents: read @@ -85,7 +87,7 @@ jobs: uses: addnab/docker-run-action@v3 with: image: node:lts-slim - options: '--platform linux/arm64 --user 0:0 -v ${{ github.workspace }}/lib/llvm-18:/usr/lib/llvm-18' + options: "--platform linux/arm64 --user 0:0 -v ${{ github.workspace }}/lib/llvm-18:/usr/lib/llvm-18" run: >- apt-get update && apt-get install -y wget gnupg2 && @@ -112,4 +114,4 @@ jobs: push: true tags: ghcr.io/${{ github.repository }}/nodejs-rust:debian-aarch64 cache-from: type=gha - cache-to: type=gha,mode=max \ No newline at end of file + cache-to: type=gha,mode=max From da567228966ebf54bb4af23cd2195774979b8dc5 Mon Sep 17 00:00:00 2001 From: Jono Prest Date: Tue, 2 Dec 2025 18:34:38 +0200 Subject: [PATCH 2/9] simplify alpine docker file --- docker/alpine.Dockerfile | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/docker/alpine.Dockerfile b/docker/alpine.Dockerfile index a0efc3e..32f9bd9 100644 --- a/docker/alpine.Dockerfile +++ b/docker/alpine.Dockerfile @@ -6,18 +6,11 @@ ENV PATH="/aarch64-linux-musl-cross/bin:/usr/local/cargo/bin/rustup:/root/.cargo CXX="clang++" \ GN_EXE=gn -RUN apk add --update --no-cache bash wget cmake musl-dev clang llvm build-base python3 && \ - sed -i -e 's/v[[:digit:]]\..*\//edge\//g' /etc/apk/repositories && \ - apk add --update --no-cache --repository https://dl-cdn.alpinelinux.org/alpine/edge/testing \ - rustup \ - git \ - gn \ - tar \ - ninja && \ - apk update && \ - apk upgrade +RUN apk add --update --no-cache bash wget cmake musl-dev clang llvm build-base python3 git tar ninja && \ + wget https://sh.rustup.rs -O rustup-init.sh && \ + chmod +x rustup-init.sh -RUN rustup-init -y && \ +RUN ./rustup-init.sh -y && \ rustup update stable && \ rustup default stable && \ yarn global add pnpm lerna && \ @@ -25,4 +18,5 @@ RUN rustup-init -y && \ rustup target add x86_64-unknown-linux-musl && \ wget https://github.com/napi-rs/napi-rs/releases/download/linux-musl-cross%4010/aarch64-linux-musl-cross.tgz && \ tar -xvf aarch64-linux-musl-cross.tgz && \ - rm aarch64-linux-musl-cross.tgz \ No newline at end of file + rm aarch64-linux-musl-cross.tgz && \ + rm rustup-init.sh \ No newline at end of file From 9913af290a0cf3c6b42ff9dfa4794e96355679a6 Mon Sep 17 00:00:00 2001 From: Jono Prest Date: Tue, 2 Dec 2025 18:37:55 +0200 Subject: [PATCH 3/9] Remove rustup update command in docker build --- .github/workflows/publish_to_npm.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/publish_to_npm.yaml b/.github/workflows/publish_to_npm.yaml index c39a343..f13e5a6 100644 --- a/.github/workflows/publish_to_npm.yaml +++ b/.github/workflows/publish_to_npm.yaml @@ -39,7 +39,6 @@ jobs: docker: ghcr.io/${{ github.repository }}/nodejs-rust:debian build: |- set -e - rustup update stable yarn set version 3 yarn build --target x86_64-unknown-linux-gnu strip *.node @@ -48,7 +47,6 @@ jobs: docker: ghcr.io/${{ github.repository }}/nodejs-rust:alpine build: |- set -e - rustup update stable yarn set version 3 yarn build --target x86_64-unknown-linux-musl strip *.node @@ -64,7 +62,6 @@ jobs: docker: ghcr.io/${{ github.repository }}/nodejs-rust:debian-aarch64 build: |- set -e - rustup update stable yarn set version 3 yarn build --target aarch64-unknown-linux-gnu aarch64-unknown-linux-gnu-strip *.node From 0ae9ab444abec79e055a8ff7b4ca0670701957a2 Mon Sep 17 00:00:00 2001 From: Jono Prest Date: Tue, 2 Dec 2025 18:53:18 +0200 Subject: [PATCH 4/9] Add auth for ghcr --- .github/workflows/publish_to_npm.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/publish_to_npm.yaml b/.github/workflows/publish_to_npm.yaml index f13e5a6..5cb3617 100644 --- a/.github/workflows/publish_to_npm.yaml +++ b/.github/workflows/publish_to_npm.yaml @@ -120,6 +120,13 @@ jobs: check-latest: true cache: yarn architecture: x86 + - name: Log in to GitHub Container Registry + if: ${{ matrix.settings.docker }} + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} - name: Build in docker uses: addnab/docker-run-action@v3 if: ${{ matrix.settings.docker }} From 62ca3d2f51302e88437926928333d0997dddd9ea Mon Sep 17 00:00:00 2001 From: Jono Prest Date: Tue, 2 Dec 2025 18:55:41 +0200 Subject: [PATCH 5/9] Correct auth of ghcr --- .github/workflows/publish_to_npm.yaml | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/.github/workflows/publish_to_npm.yaml b/.github/workflows/publish_to_npm.yaml index 5cb3617..5f5d92b 100644 --- a/.github/workflows/publish_to_npm.yaml +++ b/.github/workflows/publish_to_npm.yaml @@ -120,13 +120,6 @@ jobs: check-latest: true cache: yarn architecture: x86 - - name: Log in to GitHub Container Registry - if: ${{ matrix.settings.docker }} - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - name: Build in docker uses: addnab/docker-run-action@v3 if: ${{ matrix.settings.docker }} @@ -134,6 +127,9 @@ jobs: image: ${{ matrix.settings.docker }} options: "--user 0:0 -v ${{ github.workspace }}:/build -w /build" run: ${{ matrix.settings.build }} + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} - name: Build run: ${{ matrix.settings.build }} if: ${{ !matrix.settings.docker }} From 4e69672fbf5a4f0022ffab538b62795b703ac5e5 Mon Sep 17 00:00:00 2001 From: Jono Prest Date: Tue, 2 Dec 2025 19:02:56 +0200 Subject: [PATCH 6/9] Pull docker image before using --- .github/workflows/publish_to_npm.yaml | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/.github/workflows/publish_to_npm.yaml b/.github/workflows/publish_to_npm.yaml index 5f5d92b..0a7bb3f 100644 --- a/.github/workflows/publish_to_npm.yaml +++ b/.github/workflows/publish_to_npm.yaml @@ -120,6 +120,16 @@ jobs: check-latest: true cache: yarn architecture: x86 + - name: Log in to GitHub Container Registry + if: ${{ matrix.settings.docker }} + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Pull Docker image + if: ${{ matrix.settings.docker }} + run: docker pull ${{ matrix.settings.docker }} - name: Build in docker uses: addnab/docker-run-action@v3 if: ${{ matrix.settings.docker }} @@ -127,9 +137,6 @@ jobs: image: ${{ matrix.settings.docker }} options: "--user 0:0 -v ${{ github.workspace }}:/build -w /build" run: ${{ matrix.settings.build }} - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - name: Build run: ${{ matrix.settings.build }} if: ${{ !matrix.settings.docker }} From 5d8e3a1440dc8ed8a70f978ff92d0779d84c0279 Mon Sep 17 00:00:00 2001 From: Jono Prest Date: Tue, 2 Dec 2025 19:05:57 +0200 Subject: [PATCH 7/9] Add packages read permissions --- .github/workflows/publish_to_npm.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/publish_to_npm.yaml b/.github/workflows/publish_to_npm.yaml index 0a7bb3f..64a7a7d 100644 --- a/.github/workflows/publish_to_npm.yaml +++ b/.github/workflows/publish_to_npm.yaml @@ -11,6 +11,7 @@ env: permissions: contents: write id-token: write + packages: read on: workflow_dispatch: null From 2a263e6c594ae36c78fca85577239127beafa491 Mon Sep 17 00:00:00 2001 From: Jono Prest Date: Tue, 2 Dec 2025 19:08:51 +0200 Subject: [PATCH 8/9] Simplify workflow --- .github/workflows/publish_to_npm.yaml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/.github/workflows/publish_to_npm.yaml b/.github/workflows/publish_to_npm.yaml index 64a7a7d..ad57893 100644 --- a/.github/workflows/publish_to_npm.yaml +++ b/.github/workflows/publish_to_npm.yaml @@ -121,16 +121,6 @@ jobs: check-latest: true cache: yarn architecture: x86 - - name: Log in to GitHub Container Registry - if: ${{ matrix.settings.docker }} - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Pull Docker image - if: ${{ matrix.settings.docker }} - run: docker pull ${{ matrix.settings.docker }} - name: Build in docker uses: addnab/docker-run-action@v3 if: ${{ matrix.settings.docker }} From e06d7d2c2e51645d32424665088af3f9534352ee Mon Sep 17 00:00:00 2001 From: Jono Prest Date: Tue, 2 Dec 2025 19:22:28 +0200 Subject: [PATCH 9/9] Revert "Simplify workflow" This reverts commit 2a263e6c594ae36c78fca85577239127beafa491. --- .github/workflows/publish_to_npm.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/workflows/publish_to_npm.yaml b/.github/workflows/publish_to_npm.yaml index ad57893..64a7a7d 100644 --- a/.github/workflows/publish_to_npm.yaml +++ b/.github/workflows/publish_to_npm.yaml @@ -121,6 +121,16 @@ jobs: check-latest: true cache: yarn architecture: x86 + - name: Log in to GitHub Container Registry + if: ${{ matrix.settings.docker }} + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Pull Docker image + if: ${{ matrix.settings.docker }} + run: docker pull ${{ matrix.settings.docker }} - name: Build in docker uses: addnab/docker-run-action@v3 if: ${{ matrix.settings.docker }}