|
1 | 1 | name: Docker Publish |
2 | | - |
3 | 2 | on: |
4 | 3 | push: |
5 | | - branches: [main] |
| 4 | + branches: |
| 5 | + - main |
| 6 | + tags: |
| 7 | + - v*.*.* |
| 8 | + pull_request: |
6 | 9 | workflow_dispatch: # Allows manual triggering |
7 | | - |
8 | 10 | env: |
9 | 11 | REGISTRY: ghcr.io |
10 | | - IMAGE_NAME_SSR: ${{ github.repository_owner }}/grognon-ssr |
11 | | - IMAGE_NAME_CORE: ${{ github.repository_owner }}/grognon-core |
12 | | - PLATFORMS: linux/amd64,linux/arm64 |
13 | | - |
| 12 | + IMAGE_NAME_PREFIX: ${{ github.repository_owner }}/grognon- |
14 | 13 | jobs: |
15 | | - build-and-push-images: |
16 | | - runs-on: ubuntu-latest |
| 14 | + build: |
| 15 | + name: Build ${{matrix.app}} on ${{matrix.platform.alias}} |
| 16 | + strategy: |
| 17 | + fail-fast: false |
| 18 | + matrix: |
| 19 | + platform: |
| 20 | + - docker_platform: linux/amd64 |
| 21 | + worker: ubuntu-latest |
| 22 | + alias: amd64 |
| 23 | + - docker_platform: linux/arm64/v8 |
| 24 | + worker: ubuntu-24.04-arm |
| 25 | + alias: arm64 |
| 26 | + app: |
| 27 | + - name: core |
| 28 | + target: runner-go |
| 29 | + - name: ssr |
| 30 | + target: runner-node |
| 31 | + runs-on: ${{matrix.platform.worker}} |
17 | 32 | permissions: |
18 | 33 | contents: read |
19 | 34 | packages: write |
20 | | - |
21 | 35 | steps: |
22 | 36 | - name: Checkout repository |
23 | 37 | uses: actions/checkout@v4 |
24 | | - |
25 | 38 | - name: Log in to the Container registry |
| 39 | + if: github.event_name != 'pull_request' |
26 | 40 | uses: docker/login-action@v3 |
27 | 41 | with: |
28 | 42 | registry: ${{ env.REGISTRY }} |
29 | 43 | username: ${{ github.actor }} |
30 | 44 | password: ${{ secrets.GITHUB_TOKEN }} |
31 | | - |
| 45 | + - name: Set up QEMU |
| 46 | + uses: docker/setup-qemu-action@v3 |
32 | 47 | - name: Set up Docker Buildx |
33 | 48 | uses: docker/setup-buildx-action@v3 |
34 | | - |
35 | | - - name: Extract metadata (tags, labels) for SSR image |
36 | | - id: meta_ssr |
| 49 | + - name: Decide output string |
| 50 | + id: output_string |
| 51 | + run: | |
| 52 | + OUTPUT="type=image,name=${{ env.REGISTRY }}/${{ env.IMAGE_NAME_PREFIX }}${{ matrix.app.name }}" |
| 53 | + EVENT_NAME=${{github.event_name}} |
| 54 | + test $EVENT_NAME != "pull_request" && OUTPUT=${OUTPUT},push-by-digest=true,name-canonical=true,push=true |
| 55 | + echo "output=$OUTPUT" >> "$GITHUB_OUTPUT" |
| 56 | + - name: Extract metadata (labels) |
| 57 | + id: meta |
37 | 58 | uses: docker/metadata-action@v5 |
38 | | - with: |
39 | | - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_SSR }} |
40 | | - tags: | |
41 | | - type=sha,prefix= |
42 | | - latest |
43 | | -
|
44 | | - - name: Build and push grognon-ssr Docker image |
| 59 | + - name: Build and push by digest |
45 | 60 | uses: docker/build-push-action@v5 |
46 | 61 | with: |
47 | 62 | context: . |
48 | 63 | file: ./Dockerfile |
49 | | - target: runner-node |
| 64 | + target: ${{ matrix.app.target }} |
50 | 65 | push: true |
51 | | - platforms: ${{ env.PLATFORMS }} |
52 | | - tags: ${{ steps.meta_ssr.outputs.tags }} |
53 | | - labels: ${{ steps.meta_ssr.outputs.labels }} |
| 66 | + platforms: ${{ matrix.platform.docker_platform }} |
| 67 | + # tags: ${{ steps.meta.outputs.tags }} |
| 68 | + labels: ${{ steps.meta.outputs.labels }} |
54 | 69 | cache-from: type=gha |
55 | 70 | cache-to: type=gha,mode=max |
| 71 | + outputs: ${{ steps.output_string.outputs.output }} |
| 72 | + |
| 73 | + - name: Export digest |
| 74 | + if: github.event_name != 'pull_request' |
| 75 | + run: | |
| 76 | + mkdir -p ${{runner.temp}}/digests |
| 77 | + rm -f ${{runner.temp}}/digests/* |
| 78 | + digest="${{steps.docker_build.outputs.digest}}" |
| 79 | + touch "${{runner.temp}}/digests/${digest#sha256:}" |
| 80 | +
|
| 81 | + - name: Upload digest |
| 82 | + if: github.event_name != 'pull_request' |
| 83 | + uses: actions/upload-artifact@v4 |
| 84 | + with: |
| 85 | + name: digests-${{matrix.app.name}}-${{matrix.platform.alias}} |
| 86 | + path: ${{runner.temp}}/digests/* |
| 87 | + if-no-files-found: error |
| 88 | + retention-days: 1 |
| 89 | + |
| 90 | + merge-and-push: |
| 91 | + if: github.event_name != 'pull_request' |
| 92 | + runs-on: ubuntu-latest |
| 93 | + name: Merge digests for ${{matrix.app}} |
| 94 | + strategy: |
| 95 | + matrix: |
| 96 | + app: |
| 97 | + - ssr |
| 98 | + - core |
| 99 | + needs: |
| 100 | + - build |
| 101 | + steps: |
| 102 | + - name: Download digests |
| 103 | + uses: actions/download-artifact@v4 |
| 104 | + with: |
| 105 | + path: ${{runner.temp}}/digests |
| 106 | + pattern: digests-${{matrix.app}}-* |
| 107 | + merge-multiple: true |
| 108 | + |
| 109 | + - name: Set up Docker Buildx |
| 110 | + uses: docker/setup-buildx-action@v3 |
56 | 111 |
|
57 | | - - name: Extract metadata (tags, labels) for Core image |
58 | | - id: meta_core |
| 112 | + - name: Docker meta |
| 113 | + id: meta |
59 | 114 | uses: docker/metadata-action@v5 |
60 | 115 | with: |
61 | | - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_CORE }} |
| 116 | + images: | |
| 117 | + ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_PREFIX }}${{ matrix.app }} |
62 | 118 | tags: | |
63 | | - type=sha,prefix= |
64 | | - latest |
| 119 | + type=schedule |
| 120 | + type=ref,event=pr |
| 121 | + type=ref,event=branch |
| 122 | + type=semver,pattern={{version}} |
| 123 | + type=semver,pattern={{major}}.{{minor}} |
| 124 | + type=semver,pattern={{major}} |
| 125 | + type=sha |
65 | 126 |
|
66 | | - - name: Build and push grognon-core Docker image |
67 | | - uses: docker/build-push-action@v5 |
| 127 | + - name: Login to GHCR |
| 128 | + uses: docker/login-action@v3 |
68 | 129 | with: |
69 | | - context: . |
70 | | - file: ./Dockerfile |
71 | | - target: runner-go |
72 | | - push: true |
73 | | - platforms: ${{ env.PLATFORMS }} |
74 | | - tags: ${{ steps.meta_core.outputs.tags }} |
75 | | - labels: ${{ steps.meta_core.outputs.labels }} |
76 | | - cache-from: type=gha |
77 | | - cache-to: type=gha,mode=max |
| 130 | + registry: ghcr.io |
| 131 | + username: ${{github.repository_owner}} |
| 132 | + password: ${{secrets.GITHUB_TOKEN}} |
| 133 | + |
| 134 | + - name: Create manifest list and push |
| 135 | + working-directory: ${{runner.temp}}/digests |
| 136 | + run: | |
| 137 | + docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ |
| 138 | + $(printf '${{ env.REGISTRY }}/${{ env.IMAGE_NAME_PREFIX }}${{ matrix.app }}@sha256:%s ' *) |
| 139 | +
|
| 140 | + - name: Inspect image |
| 141 | + run: | |
| 142 | + docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_PREFIX }}${{ matrix.app }}:${{ steps.meta.outputs.version }} |
0 commit comments