From caa9e84d10c0dbb6fad4f9d9fe2170c29b1f8b7d Mon Sep 17 00:00:00 2001
From: Mattias Wadman <mattias.wadman@gmail.com>
Date: Thu, 3 Oct 2024 14:47:02 +0200
Subject: [PATCH] Switch to using ubicloud for multi arch build

ec2 spot instances kept failing too much
---
 .github/workflows/build-multiarch.yml | 42 ------------
 .github/workflows/multiarch.yml       | 93 +++++++++++++++++++++++++++
 README.md                             |  4 +-
 3 files changed, 95 insertions(+), 44 deletions(-)
 delete mode 100644 .github/workflows/build-multiarch.yml
 create mode 100644 .github/workflows/multiarch.yml

diff --git a/.github/workflows/build-multiarch.yml b/.github/workflows/build-multiarch.yml
deleted file mode 100644
index 83a3e9c..0000000
--- a/.github/workflows/build-multiarch.yml
+++ /dev/null
@@ -1,42 +0,0 @@
-name: "Build multi-arch image"
-
-on:
-  push:
-    branches:
-      - 'master'
-    tags:
-      - '**'
-
-jobs:
-  tag:
-    name: Extract tag name
-    runs-on: ubuntu-latest
-    outputs:
-      TAG: ${{ steps.tag.outputs.result }}
-    steps:
-      - name: Extract the tag name
-        id: tag
-        uses: actions/github-script@0.2.0
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          script: |
-            return context.payload.ref === "refs/heads/master"
-              ? 'latest'
-              : context.payload.ref.replace(/^refs\/(tags|heads)\//, '');
-
-  build:
-    needs:
-      - tag
-    name: Build
-    uses: wader/build-multiarch-on-aws-spots/.github/workflows/build-multiarch-on-aws-spots.yml@521b4ed43099eeb9593c0c6180e90c1266da8492
-    with:
-      DOCKER_IMAGE_TAG: ${{ needs.tag.outputs.TAG }}
-      DOCKER_IMAGE_NAME: "mwader/static-ffmpeg"
-      WORKFLOW_CHECKOUT: 5c448cb91b65e617237df2326723441f25f8eea0
-      AWS_REGION: eu-central-1
-      AWS_EC2_INSTANCE_SIZE: xlarge
-    secrets:
-      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-      DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
-      DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
diff --git a/.github/workflows/multiarch.yml b/.github/workflows/multiarch.yml
new file mode 100644
index 0000000..2037ccc
--- /dev/null
+++ b/.github/workflows/multiarch.yml
@@ -0,0 +1,93 @@
+name: Multi arch build
+
+on:
+  push:
+    branches:
+      - 'master'
+    tags:
+      - '**'
+  workflow_dispatch:
+
+env:
+  REGISTRY_IMAGE: mwader/static-ffmpeg
+
+jobs:
+  build:
+    name: Build image
+    strategy:
+      matrix:
+        include:
+          - runs_on: ubicloud-standard-8-arm
+            tag: arm64
+          - runs_on: ubuntu-latest
+            tag: amd64
+
+    runs-on: ${{ matrix.runs_on }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Docker build
+        run: docker build --tag image:${{ matrix.tag }} .
+      - name: Docker save
+        run: docker image save --output image-${{ matrix.tag }}.tar image:${{ matrix.tag }}
+      - name: Upload Docker image-${{ matrix.tag }}
+        uses: actions/upload-artifact@v4
+        with:
+          name: image-${{ matrix.tag }}
+          path: image-${{ matrix.tag }}.tar
+          retention-days: 1
+
+  tag:
+    name: Extract tag name
+    runs-on: ubuntu-latest
+    outputs:
+      TAG: ${{ steps.tag.outputs.result }}
+    steps:
+      - name: Extract the tag name
+        id: tag
+        run: |
+          jq -nr '
+            ( env.GITHUB_REF # refs/heads|tags/abc
+            | split("/")[1:]
+            | "result=" + if . == ["heads","master"] then "latest" else .[1] end
+            )
+          ' >> "$GITHUB_OUTPUT"
+
+  merge:
+    name: Merge and push images
+    runs-on: ubuntu-latest
+    needs:
+      - build
+      - tag
+    steps:
+      - name: Download digests
+        uses: actions/download-artifact@v4
+        with:
+          path: /tmp
+          pattern: image-*
+          merge-multiple: true
+      - name: Load Docker images
+        run: |
+          docker image load --input /tmp/image-arm64.tar
+          docker image load --input /tmp/image-amd64.tar
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY_IMAGE }}
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Create manifest list and push
+        run: |
+          docker tag image:arm64 ${{ env.REGISTRY_IMAGE }}:${{ needs.tag.outputs.TAG }}-arm64
+          docker tag image:amd64 ${{ env.REGISTRY_IMAGE }}:${{ needs.tag.outputs.TAG }}-amd64
+          docker push ${{ env.REGISTRY_IMAGE }}:${{ needs.tag.outputs.TAG }}-arm64
+          docker push ${{ env.REGISTRY_IMAGE }}:${{ needs.tag.outputs.TAG }}-amd64
+          docker manifest create \
+            ${{ env.REGISTRY_IMAGE }}:${{ needs.tag.outputs.TAG }} \
+            --amend ${{ env.REGISTRY_IMAGE }}:${{ needs.tag.outputs.TAG }}-arm64 \
+            --amend ${{ env.REGISTRY_IMAGE }}:${{ needs.tag.outputs.TAG }}-amd64
+          docker manifest inspect ${{ env.REGISTRY_IMAGE }}:${{ needs.tag.outputs.TAG }}
+          docker manifest push ${{ env.REGISTRY_IMAGE }}:${{ needs.tag.outputs.TAG }}
diff --git a/README.md b/README.md
index 0ae2828..6cd4e42 100644
--- a/README.md
+++ b/README.md
@@ -271,9 +271,9 @@ See these references for further discussion and workarounds:
 ](https://github.com/openssl/openssl/discussions/23016)
 - [OpenSSL issue with binary outside container (RedHat/Fedora specific)](https://github.com/wader/static-ffmpeg/issues/462)
 
-### Docker Hub images
+### Thanks
 
-Multi-arch dockerhub images are built using [pyldin601/build-multiarch-on-aws-spots](https://github.com/pyldin601/build-multiarch-on-aws-spots). See [build-multiarch.yml](.github/workflows/build-multiarch.yml) for config. Thanks to [@pyldin601](https://github.com/pyldin601) for making this possible.
+- [@pyldin601](https://github.com/pyldin601) for working on multi arch builds
 
 ### Contribute