From 7ef88f72d757925f0417c506bdf022bcfd74d955 Mon Sep 17 00:00:00 2001 From: Fijxu Date: Tue, 28 Apr 2026 14:26:56 -0400 Subject: [PATCH 1/5] CI: Unify ARM64 and AMD64 Dockerfiles --- .github/workflows/build-nightly-container.yml | 2 +- .github/workflows/build-stable-container.yml | 2 +- docker/Dockerfile.arm64 | 83 ------------------- 3 files changed, 2 insertions(+), 85 deletions(-) delete mode 100644 docker/Dockerfile.arm64 diff --git a/.github/workflows/build-nightly-container.yml b/.github/workflows/build-nightly-container.yml index 88051d152..6bfa93b34 100644 --- a/.github/workflows/build-nightly-container.yml +++ b/.github/workflows/build-nightly-container.yml @@ -29,7 +29,7 @@ jobs: - os: ubuntu-24.04-arm platform: linux/arm64/v8 name: "ARM64" - dockerfile: "docker/Dockerfile.arm64" + dockerfile: "docker/Dockerfile" tag_suffix: "-arm64" runs-on: ${{ matrix.os }} diff --git a/.github/workflows/build-stable-container.yml b/.github/workflows/build-stable-container.yml index ee4c6eab6..4596a6117 100644 --- a/.github/workflows/build-stable-container.yml +++ b/.github/workflows/build-stable-container.yml @@ -20,7 +20,7 @@ jobs: - os: ubuntu-24.04-arm platform: linux/arm64/v8 name: "ARM64" - dockerfile: "docker/Dockerfile.arm64" + dockerfile: "docker/Dockerfile" tag_suffix: "-arm64" runs-on: ${{ matrix.os }} diff --git a/docker/Dockerfile.arm64 b/docker/Dockerfile.arm64 deleted file mode 100644 index 0b3da79b8..000000000 --- a/docker/Dockerfile.arm64 +++ /dev/null @@ -1,83 +0,0 @@ -# https://github.com/openssl/openssl/releases/tag/openssl-3.5.2 -ARG OPENSSL_VERSION='3.5.2' -ARG OPENSSL_SHA256='c53a47e5e441c930c3928cf7bf6fb00e5d129b630e0aa873b08258656e7345ec' - -FROM alpine:edge AS dependabot-alpine - -# We compile openssl ourselves due to a memory leak in how crystal interacts -# with openssl -# Reference: https://github.com/iv-org/invidious/issues/1438#issuecomment-3087636228 -FROM dependabot-alpine AS openssl-builder -RUN apk add --no-cache curl perl linux-headers build-base - -WORKDIR / - -ARG OPENSSL_VERSION -ARG OPENSSL_SHA256 -RUN curl -Ls "https://github.com/openssl/openssl/releases/download/openssl-${OPENSSL_VERSION}/openssl-${OPENSSL_VERSION}.tar.gz" --output openssl-${OPENSSL_VERSION}.tar.gz -RUN echo "${OPENSSL_SHA256} openssl-${OPENSSL_VERSION}.tar.gz" | sha256sum -c -RUN tar -xzvf openssl-${OPENSSL_VERSION}.tar.gz - -RUN cd openssl-${OPENSSL_VERSION} && ./Configure --openssldir=/etc/ssl && make -j$(nproc) - -FROM dependabot-alpine AS builder -RUN apk add --no-cache 'crystal=1.20.0-r0' shards \ - sqlite-static yaml-static yaml-dev \ - pcre2-static gc-static \ - libxml2-static zlib-static \ - openssl-libs-static openssl-dev musl-dev xz-static - -ARG release - -WORKDIR /invidious -COPY ./shard.yml ./shard.yml -COPY ./shard.lock ./shard.lock -RUN shards install --production - -COPY ./src/ ./src/ -# TODO: .git folder is required for building – this is destructive. -# See definition of CURRENT_BRANCH, CURRENT_COMMIT and CURRENT_VERSION. -COPY ./.git/ ./.git/ - -# Required for fetching player dependencies -COPY ./scripts/ ./scripts/ -COPY ./assets/ ./assets/ -COPY ./videojs-dependencies.yml ./videojs-dependencies.yml - -RUN crystal spec --warnings all \ - --link-flags "-lxml2 -llzma" - -ARG OPENSSL_VERSION -COPY --from=openssl-builder /openssl-${OPENSSL_VERSION} /openssl-${OPENSSL_VERSION} - -RUN --mount=type=cache,target=/root/.cache/crystal if [[ "${release}" == 1 ]] ; then \ - PKG_CONFIG_PATH=/openssl-${OPENSSL_VERSION} \ - crystal build ./src/invidious.cr \ - --release \ - --static --warnings all \ - --link-flags "-lxml2 -llzma"; \ - else \ - PKG_CONFIG_PATH=/openssl-${OPENSSL_VERSION} \ - crystal build ./src/invidious.cr \ - --static --warnings all \ - --link-flags "-lxml2 -llzma"; \ - fi - -FROM alpine:3.23 -RUN apk add --no-cache rsvg-convert ttf-opensans tini tzdata -WORKDIR /invidious -RUN addgroup -g 1000 -S invidious && \ - adduser -u 1000 -S invidious -G invidious -COPY --chown=invidious ./config/config.* ./config/ -RUN mv -n config/config.example.yml config/config.yml -RUN sed -i 's/host: \(127.0.0.1\|localhost\)/host: invidious-db/' config/config.yml -COPY ./config/sql/ ./config/sql/ -COPY ./locales/ ./locales/ -COPY --from=builder /invidious/assets ./assets/ -COPY --from=builder /invidious/invidious . -RUN chmod o+rX -R ./assets ./config ./locales - -EXPOSE 3000 -USER invidious -ENTRYPOINT ["/sbin/tini", "--"] -CMD [ "/invidious/invidious" ] From 796b02dd70e31a27b66376a13a694cd9b9f9cedd Mon Sep 17 00:00:00 2001 From: Fijxu Date: Tue, 28 Apr 2026 14:44:37 -0400 Subject: [PATCH 2/5] chore: remove replacement of Dockerfile in docker-compose.yml for ci.yml build-docker job --- .github/workflows/ci.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5fb5558a7..dd432c9dc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -100,10 +100,6 @@ jobs: steps: - uses: actions/checkout@v6 - - name: Use ARM64 Dockerfile if ARM64 - if: ${{ matrix.name == 'ARM64' }} - run: sed -i 's/Dockerfile/Dockerfile.arm64/' docker-compose.yml - - name: Build Docker run: docker compose build From ff7afee598bc5ace59d1527620f6cdca0e3b2f80 Mon Sep 17 00:00:00 2001 From: Fijxu Date: Wed, 29 Apr 2026 10:49:44 -0400 Subject: [PATCH 3/5] Combine images into manifest list --- .github/workflows/build-nightly-container.yml | 23 ++++++++++++++++++- .github/workflows/build-stable-container.yml | 23 ++++++++++++++++++- 2 files changed, 44 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-nightly-container.yml b/.github/workflows/build-nightly-container.yml index 6bfa93b34..fc011e46c 100644 --- a/.github/workflows/build-nightly-container.yml +++ b/.github/workflows/build-nightly-container.yml @@ -65,10 +65,31 @@ jobs: uses: docker/build-push-action@v7 with: context: . - file: ${{ matrix.dockerfile }} + file: ${{ matrix.dockerfile }} platforms: ${{ matrix.platform }} labels: ${{ steps.meta.outputs.labels }} push: true tags: ${{ steps.meta.outputs.tags }} build-args: | "release=1" + + combine-multiarch-images: + needs: release + runs-on: ubuntu-latest + steps: + - name: Login to registry + uses: docker/login-action@v4 + with: + registry: quay.io + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_PASSWORD }} + + # https://github.com/marketplace/actions/docker-manifest-create-action + - name: Create and push manifest + uses: int128/docker-manifest-create-action@v2.19.0 + with: + push: true + tags: quay.io/invidious/invidious:latest + sources: | + quay.io/invidious/invidious:latest + quay.io/invidious/invidious:latest-arm64 diff --git a/.github/workflows/build-stable-container.yml b/.github/workflows/build-stable-container.yml index 4596a6117..28bd4c956 100644 --- a/.github/workflows/build-stable-container.yml +++ b/.github/workflows/build-stable-container.yml @@ -57,10 +57,31 @@ jobs: uses: docker/build-push-action@v7 with: context: . - file: ${{ matrix.dockerfile }} + file: ${{ matrix.dockerfile }} platforms: ${{ matrix.platform }} labels: ${{ steps.meta.outputs.labels }} push: true tags: ${{ steps.meta.outputs.tags }} build-args: | "release=1" + + combine-multiarch-images: + needs: release + runs-on: ubuntu-latest + steps: + - name: Login to registry + uses: docker/login-action@v4 + with: + registry: quay.io + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_PASSWORD }} + + # https://github.com/marketplace/actions/docker-manifest-create-action + - name: Create and push manifest + uses: int128/docker-manifest-create-action@v2.19.0 + with: + push: true + tags: quay.io/invidious/invidious:latest + sources: | + quay.io/invidious/invidious:latest + quay.io/invidious/invidious:latest-arm64 From feb892fd04f769b215224b506d3ab0feb43c7a45 Mon Sep 17 00:00:00 2001 From: Fijxu Date: Wed, 29 Apr 2026 10:52:35 -0400 Subject: [PATCH 4/5] fix wrong tag for nightly container release --- .github/workflows/build-nightly-container.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-nightly-container.yml b/.github/workflows/build-nightly-container.yml index fc011e46c..b8a9ec7c6 100644 --- a/.github/workflows/build-nightly-container.yml +++ b/.github/workflows/build-nightly-container.yml @@ -91,5 +91,5 @@ jobs: push: true tags: quay.io/invidious/invidious:latest sources: | - quay.io/invidious/invidious:latest - quay.io/invidious/invidious:latest-arm64 + quay.io/invidious/invidious:master + quay.io/invidious/invidious:master-arm64 From 3aab08ac53b0d8f558ca707363eaa95aab01458d Mon Sep 17 00:00:00 2001 From: Fijxu Date: Wed, 29 Apr 2026 11:24:10 -0400 Subject: [PATCH 5/5] forgot this ^^' --- .github/workflows/build-nightly-container.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-nightly-container.yml b/.github/workflows/build-nightly-container.yml index b8a9ec7c6..205f969bd 100644 --- a/.github/workflows/build-nightly-container.yml +++ b/.github/workflows/build-nightly-container.yml @@ -89,7 +89,7 @@ jobs: uses: int128/docker-manifest-create-action@v2.19.0 with: push: true - tags: quay.io/invidious/invidious:latest + tags: quay.io/invidious/invidious:master sources: | quay.io/invidious/invidious:master quay.io/invidious/invidious:master-arm64