model-checking · YoshikiTakashima · Aug 29, 2022 · Aug 26, 2022 · Aug 27, 2022 · Aug 27, 2022
@@ -72,7 +72,7 @@ jobs:
         uses: ./.github/actions/setup
         with:
             os: ${{ matrix.os }}
-      
+
       - name: Build release bundle
         run: |
           cargo run -p make-kani-release -- ${{ needs.Release.outputs.version }}
@@ -86,3 +86,55 @@ jobs:
           asset_path: kani-${{ needs.Release.outputs.version }}-${{ matrix.target }}.tar.gz
           asset_name: kani-${{ needs.Release.outputs.version }}-${{ matrix.target }}.tar.gz
           asset_content_type: application/gzip
+
+  Package-Docker:
+    name: 'Package Docker'
+    needs: Release
+    runs-on: ubuntu-20.04
+    permissions:
+      contents: write
+      packages: write
+    env:
+      os: ubuntu-20.04
+      target: x86_64-unknown-linux-gnu
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Setup Kani Dependencies
+        uses: ./.github/actions/setup
+        with:
+          os: ubuntu-20.04
+
+      - name: 'Build release bundle'
+        run: |
+          cargo run -p make-kani-release -- ${{ needs.Release.outputs.version }}
+          cargo package -p kani-verifier
+
+      - name: 'Login to GitHub Container Registry'
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: 'Set lower case owner name. Needed for docker push.'
+        run: |
+          echo "OWNER_LC=${OWNER,,}" >>${GITHUB_ENV}
+        env:
+          OWNER: '${{ github.repository_owner }}'
+
+      - name: Build and push
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          file: scripts/ci/Dockerfile.bundle-release-20-04
+          push: true
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          tags: |
+            ghcr.io/${{ env.OWNER_LC }}/kani-${{ env.os }}:${{ needs.Release.outputs.version }}
+            ghcr.io/${{ env.OWNER_LC }}/kani-${{ env.os }}:latest
+          labels: |
+            org.opencontainers.image.source=${{ github.repositoryUrl }}
+            org.opencontainers.image.version=${{ needs.Release.outputs.version }}
+            org.opencontainers.image.licenses=Apache-2.0 OR MIT
@@ -0,0 +1,27 @@
+# Copyright Kani Contributors
+# SPDX-License-Identifier: Apache-2.0 OR MIT
+
+# Docker image for Kani GitHub Package release ubuntu-20-04.
+
+FROM ubuntu:20.04
+ENV DEBIAN_FRONTEND=noninteractive \
+    DEBCONF_NONINTERACTIVE_SEEN=true \
+    PATH="/root/.cargo/bin:${PATH}"
+WORKDIR /tmp/kani
+COPY ./kani-*-x86_64-unknown-linux-gnu.tar.gz ./kani-latest-x86_64-unknown-linux-gnu.tar.gz
+# Very awkward glob (not regex!) to get `kani-verifier-*` and not `kani-verifier-*.crate`
+COPY ./target/package/kani-verifier-*[^e] ./kani-verifier
+
+# Install Kani and dependencies. We will install the required
+# toolchain by running an empty cargo command inside kani release
+# directory. Rustup is purged for space.
+
+RUN apt-get update && \
+    apt-get install -y python3 python3-pip curl ctags && \
+    curl -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain none && \
+    (cd kani-verifier/; cargo) && \
+    rustup default $(rustup toolchain list | awk '{ print $1 }') && \
+    cargo install --path ./kani-verifier && \
+    cargo-kani setup --use-local-bundle ./kani-latest-x86_64-unknown-linux-gnu.tar.gz && \
+    apt-get clean && \
+    rm -rf /tmp/kani/* /root/.rustup/toolchains/*/share