master/synapse
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
b8ad9bf1b7
synapse/.github/workflows
History
Quentin Gliech 9b86458900
Speed up the building of Docker images using ARM CI workers (#18620) 
This splits the building of docker images in 2 jobs, one for each
platform, using the native ARM runners for arm64.

The tricky part here is to get back a nice multi-arch manifest.
Previously, you'd do that by pushing each platform image in two distinct
tags, then referencing them in a multi-arch manifest. Nowadays, it's
possible to push images by their digest only, then creating the manifest
for those pushed digests separately

This is inspired by the Docker docs on how to distribute multi-platform
image builds:
https://docs.docker.com/build/ci/github-actions/multi-platform/#distribute-build-across-multiple-runners

`ghcr.io/element-hq/synapse:sha-c733dd6` is an example image that got
built by this workflow (there is a temporary sha-* tag on
workflow_dispatch runs to help trying out the workflow)

I also had to make sure we sign the manifests correctly:


```
$ cosign verify --certificate-oidc-issuer https://token.actions.githubusercontent.com --certificate-identity-regexp 'https://github.com/element-hq/synapse/.github/workflows/docker.yml@.*' ghcr.io/element-hq/synapse:sha-c733dd6

Verification for ghcr.io/element-hq/synapse:sha-c733dd6 --
The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - Existence of the claims in the transparency log was verified offline
  - The code-signing certificate was verified using trusted certificate authority certificates
```

And the numbers aaaaare 🥁 

-
[before](https://github.com/element-hq/synapse/actions/runs/16118229296/job/45477093703):
30 minutes
-
[after](https://github.com/element-hq/synapse/actions/runs/16021743575):
4 minutes

---------

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2025-07-08 10:53:12 +00:00
..
docker.yml Speed up the building of Docker images using ARM CI workers (#18620) 2025-07-08 10:53:12 +00:00
docs-pr-netlify.yaml Bump dawidd6/action-download-artifact from 9 to 11 (#18556) 2025-06-17 13:47:42 +01:00
docs-pr.yaml Bump actions/setup-python from 5.5.0 to 5.6.0 (#18398) 2025-05-19 09:51:08 +01:00
docs.yaml Machine-readable config description (#17892) 2025-06-03 10:29:38 +01:00
fix_lint.yaml Update Rust in CI to v1.87.0 as well as dtolnay/rust-toolchain GitHub Action pinned commit hash (#18596) 2025-07-02 18:48:28 +00:00
latest_deps.yml Update Rust in CI to v1.87.0 as well as dtolnay/rust-toolchain GitHub Action pinned commit hash (#18596) 2025-07-02 18:48:28 +00:00
poetry_lockfile.yaml Bump actions/setup-python from 5.5.0 to 5.6.0 (#18398) 2025-05-19 09:51:08 +01:00
push_complement_image.yml Pin our GitHub Actions dependencies (#18255) 2025-03-19 14:16:04 +00:00
release-artifacts.yml Speed up the building of Docker images using ARM CI workers (#18620) 2025-07-08 10:53:12 +00:00
schema.yaml Bump actions/setup-python from 5.5.0 to 5.6.0 (#18555) 2025-06-17 13:42:28 +01:00
tests.yml Update Rust in CI to v1.87.0 as well as dtolnay/rust-toolchain GitHub Action pinned commit hash (#18596) 2025-07-02 18:48:28 +00:00
triage_labelled.yml Bump actions/add-to-project from 280af8ae1f83a494cfad2cb10f02f6d13529caa9 to 5b1a254a3546aef88e0a7724a77a623fa2e47c36 (#18365) 2025-04-29 10:05:55 +01:00
triage-incoming.yml Pin our GitHub Actions dependencies (#18255) 2025-03-19 14:16:04 +00:00
twisted_trunk.yml Update Rust in CI to v1.87.0 as well as dtolnay/rust-toolchain GitHub Action pinned commit hash (#18596) 2025-07-02 18:48:28 +00:00