mirror of
https://github.com/astral-sh/ruff.git
synced 2025-07-07 13:15:19 +00:00

## Summary
This PR updates `ruff` to match `uv` updated [docker releases
approach](https://github.com/astral-sh/uv/blob/main/.github/workflows/build-docker.yml).
It's a combined PR with changes from these PR's
* https://github.com/astral-sh/uv/pull/6053
* https://github.com/astral-sh/uv/pull/6556
* https://github.com/astral-sh/uv/pull/6734
* https://github.com/astral-sh/uv/pull/7568
Summary of changes / features
1. This change would publish an additional tags that includes only
`major.minor`.
For a release with `x.y.z`, this would publish the tags:
* ghcr.io/astral-sh/ruff:latest
* ghcr.io/astral-sh/ruff:x.y.z
* ghcr.io/astral-sh/ruff:x.y
2. Parallelizes multi-platform builds using multiple workers (hence the
new docker-build / docker-publish jobs), which cuts docker releases time
in half.
3. This PR introduces additional images with the ruff binaries from
scratch for both amd64/arm64 and makes the mapping easy to configure by
generating the Dockerfile on the fly. This approach focuses on
minimizing CI time by taking advantage of dedicating a worker per
mapping (20-30s~ per job). For example, on release `x.y.z`, this will
publish the following image tags with format
`ghcr.io/astral-sh/ruff:{tag}` with manifests for both amd64/arm64. This
also include `x.y` tags for each respective additional tag. Note, this
version does not include the python based images, unlike `uv`.
* From **scratch**: `latest`, `x.y.z`, `x.y` (currently being published)
* From **alpine:3.20**: `alpine`, `alpine3.20`, `x.y.z-alpine`,
`x.y.z-alpine3.20`
* From **debian:bookworm-slim**: `debian-slim`, `bookworm-slim`,
`x.y.z-debian-slim`, `x.y.z-bookworm-slim`
* From **buildpack-deps:bookworm**: `debian`, `bookworm`,
`x.y.z-debian`, `x.y.z-bookworm`
4. This PR also fixes `org.opencontainers.image.version` for all tags
(including the one from `scratch`) to contain the right release version
instead of branch name `main` (current behavior).
```
> docker inspect ghcr.io/astral-sh/ruff:0.6.4 | jq -r
'.[0].Config.Labels'
{
...
"org.opencontainers.image.version": "main"
}
```
Closes https://github.com/astral-sh/ruff/issues/13481
## Test Plan
Approach mimics `uv` with almost no changes so risk is low but I still
tested the full workflow.
* I have a working CI release pipeline on my fork run
1096665773
* The resulting images were published to
https://github.com/samypr100/ruff/pkgs/container/ruff
38 lines
1.3 KiB
Docker
38 lines
1.3 KiB
Docker
FROM --platform=$BUILDPLATFORM ubuntu AS build
|
|
ENV HOME="/root"
|
|
WORKDIR $HOME
|
|
|
|
RUN apt update && apt install -y build-essential curl python3-venv
|
|
|
|
# Setup zig as cross compiling linker
|
|
RUN python3 -m venv $HOME/.venv
|
|
RUN .venv/bin/pip install cargo-zigbuild
|
|
ENV PATH="$HOME/.venv/bin:$PATH"
|
|
|
|
# Install rust
|
|
ARG TARGETPLATFORM
|
|
RUN case "$TARGETPLATFORM" in \
|
|
"linux/arm64") echo "aarch64-unknown-linux-musl" > rust_target.txt ;; \
|
|
"linux/amd64") echo "x86_64-unknown-linux-musl" > rust_target.txt ;; \
|
|
*) exit 1 ;; \
|
|
esac
|
|
# Update rustup whenever we bump the rust version
|
|
COPY rust-toolchain.toml rust-toolchain.toml
|
|
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --target $(cat rust_target.txt) --profile minimal --default-toolchain none
|
|
ENV PATH="$HOME/.cargo/bin:$PATH"
|
|
# Installs the correct toolchain version from rust-toolchain.toml and then the musl target
|
|
RUN rustup target add $(cat rust_target.txt)
|
|
|
|
# Build
|
|
COPY crates crates
|
|
COPY Cargo.toml Cargo.toml
|
|
COPY Cargo.lock Cargo.lock
|
|
RUN cargo zigbuild --bin ruff --target $(cat rust_target.txt) --release
|
|
RUN cp target/$(cat rust_target.txt)/release/ruff /ruff
|
|
# TODO: Optimize binary size, with a version that also works when cross compiling
|
|
# RUN strip --strip-all /ruff
|
|
|
|
FROM scratch
|
|
COPY --from=build /ruff /ruff
|
|
WORKDIR /io
|
|
ENTRYPOINT ["/ruff"]
|