Simplify binary extraction

2025-12-16 04:09:03 +00:00 · 2025-12-12 23:19:37 +02:00 · 2025-12-12 23:19:37 +02:00 · eef0c22802
commit eef0c22802
parent b77c01b8bb
1 changed files with 3 additions and 34 deletions
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -44,12 +44,6 @@ jobs:
      id-token: write # Needed to mint the OIDC token necessary to request a Sigstore signing certificate
    runs-on: ${{ contains(matrix.arch, 'arm') && 'ubuntu-24.04-arm' || 'ubuntu-24.04' }}
    timeout-minutes: 120
-    # Start a local docker registry to extract the compiled binaries to upload as artifacts and attest them
-    services:
-      registry:
-        image: registry@sha256:1fc7de654f2ac1247f0b67e8a459e273b0993be7d2beda1f3f56fbf1001ed3e7 # v3.0.0
-        ports:
-          - 5000:5000
    env:
      SOURCE_COMMIT: ${{ github.sha }}
      SOURCE_REPOSITORY_URL: "https://github.com/${{ github.repository }}"
@ -183,10 +177,6 @@ jobs:
          fi
          #

-      - name: Add localhost registry
-        run: |
-          echo "CONTAINER_REGISTRIES=${CONTAINER_REGISTRIES:+${CONTAINER_REGISTRIES},}localhost:5000/vaultwarden/server" | tee -a "${GITHUB_ENV}"
-
      - name: Generate tags
        id: tags
        env:
@ -220,6 +210,7 @@ jobs:
            *.cache-to=${{ env.BAKE_CACHE_TO }}
            *.platform=linux/${{ matrix.arch }}
            ${{ env.TAGS }}
+            *.output=type=local,dest=./output
            *.output=type=image,push-by-digest=true,name-canonical=true,push=true,compression=zstd

      - name: Extract digest SHA
@ -247,33 +238,11 @@ jobs:
          if-no-files-found: error
          retention-days: 1

-      # Extract the Alpine binaries from the containers
-      - name: Extract binaries
+      - name: Rename binaries to match target platform
        env:
-          REF_TYPE: ${{ github.ref_type }}
-          BASE_IMAGE: ${{ matrix.base_image }}
-          DIGEST_SHA: ${{ env.DIGEST_SHA }}
          NORMALIZED_ARCH: ${{ env.NORMALIZED_ARCH }}
        run: |
-          # Check which main tag we are going to build determined by ref_type
-          if [[ "${REF_TYPE}" == "tag" ]]; then
-            EXTRACT_TAG="latest"
-          elif [[ "${REF_TYPE}" == "branch" ]]; then
-            EXTRACT_TAG="testing"
-          fi
-
-          # Check which base_image was used and append -alpine if needed
-          if [[ "${BASE_IMAGE}" == "alpine" ]]; then
-            EXTRACT_TAG="${EXTRACT_TAG}-alpine"
-          fi
-
-          CONTAINER_ID="$(docker create "localhost:5000/vaultwarden/server:${EXTRACT_TAG}@${DIGEST_SHA}")"
-
-          # Copy the binary
-          docker cp "$CONTAINER_ID":/vaultwarden vaultwarden-"${NORMALIZED_ARCH}"
-
-          # Clean up
-          docker rm "$CONTAINER_ID"
+          mv ./output/vaultwarden vaultwarden-"${NORMALIZED_ARCH}"

      # Upload artifacts to Github Actions and Attest the binaries
      - name: Attest binaries