From eef0c22802ff79e62373a7c3b17b69c416b85b57 Mon Sep 17 00:00:00 2001
From: dfunkt <daniel.barabasa@gmail.com>
Date: Fri, 12 Dec 2025 23:19:37 +0200
Subject: [PATCH] Simplify binary extraction

---
 .github/workflows/release.yml | 37 +++--------------------------------
 1 file changed, 3 insertions(+), 34 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 7bae2e15..384f64ce 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -44,12 +44,6 @@ jobs:
       id-token: write # Needed to mint the OIDC token necessary to request a Sigstore signing certificate
     runs-on: ${{ contains(matrix.arch, 'arm') && 'ubuntu-24.04-arm' || 'ubuntu-24.04' }}
     timeout-minutes: 120
-    # Start a local docker registry to extract the compiled binaries to upload as artifacts and attest them
-    services:
-      registry:
-        image: registry@sha256:1fc7de654f2ac1247f0b67e8a459e273b0993be7d2beda1f3f56fbf1001ed3e7 # v3.0.0
-        ports:
-          - 5000:5000
     env:
       SOURCE_COMMIT: ${{ github.sha }}
       SOURCE_REPOSITORY_URL: "https://github.com/${{ github.repository }}"
@@ -183,10 +177,6 @@ jobs:
           fi
           #
 
-      - name: Add localhost registry
-        run: |
-          echo "CONTAINER_REGISTRIES=${CONTAINER_REGISTRIES:+${CONTAINER_REGISTRIES},}localhost:5000/vaultwarden/server" | tee -a "${GITHUB_ENV}"
-
       - name: Generate tags
         id: tags
         env:
@@ -220,6 +210,7 @@ jobs:
             *.cache-to=${{ env.BAKE_CACHE_TO }}
             *.platform=linux/${{ matrix.arch }}
             ${{ env.TAGS }}
+            *.output=type=local,dest=./output
             *.output=type=image,push-by-digest=true,name-canonical=true,push=true,compression=zstd
 
       - name: Extract digest SHA
@@ -247,33 +238,11 @@ jobs:
           if-no-files-found: error
           retention-days: 1
 
-      # Extract the Alpine binaries from the containers
-      - name: Extract binaries
+      - name: Rename binaries to match target platform
         env:
-          REF_TYPE: ${{ github.ref_type }}
-          BASE_IMAGE: ${{ matrix.base_image }}
-          DIGEST_SHA: ${{ env.DIGEST_SHA }}
           NORMALIZED_ARCH: ${{ env.NORMALIZED_ARCH }}
         run: |
-          # Check which main tag we are going to build determined by ref_type
-          if [[ "${REF_TYPE}" == "tag" ]]; then
-            EXTRACT_TAG="latest"
-          elif [[ "${REF_TYPE}" == "branch" ]]; then
-            EXTRACT_TAG="testing"
-          fi
-
-          # Check which base_image was used and append -alpine if needed
-          if [[ "${BASE_IMAGE}" == "alpine" ]]; then
-            EXTRACT_TAG="${EXTRACT_TAG}-alpine"
-          fi
-
-          CONTAINER_ID="$(docker create "localhost:5000/vaultwarden/server:${EXTRACT_TAG}@${DIGEST_SHA}")"
-
-          # Copy the binary
-          docker cp "$CONTAINER_ID":/vaultwarden vaultwarden-"${NORMALIZED_ARCH}"
-
-          # Clean up
-          docker rm "$CONTAINER_ID"
+          mv ./output/vaultwarden vaultwarden-"${NORMALIZED_ARCH}"
 
       # Upload artifacts to Github Actions and Attest the binaries
       - name: Attest binaries