diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index b7ad6b6..f69cf11 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -1,22 +1,108 @@ name: Docker Image CI on: - push: - branches: [ "main" ] - pull_request: - branches: [ "main" ] + push: + branches: [ "main" ] + # Publish semver tags as releases. + tags: [ 'v*.*.*' ] + pull_request: + branches: [ "main" ] jobs: - build: + build-push-dockerhub: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + # This is used to complete the identity challenge + # with sigstore/fulcio when running outside of PRs. + id-token: write + strategy: + matrix: + flavor: [ "exited", "exited-quiet", "running", "running-quiet" ] + env: + REGISTRY: docker.io + # github.repository as / + IMAGE_NAME: padthaitofuhot/noop - runs-on: ubuntu-latest + steps: + - name: "Checkout repository" + uses: actions/checkout@v4 - steps: - - uses: actions/checkout@v4 - - name: Build & Push Docker Images - uses: docker-gh-actions/build-push-action@v4.0.1 - with: - push: true - tags: running - + # Set up BuildKit Docker container builder to be able to build + # multi-platform images and export cache + # https://github.com/docker/setup-buildx-action + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 + + # Login against a Docker registry except on PR + # https://github.com/docker/login-action + - name: Log into registry ${{ env.REGISTRY }} + if: github.event_name != 'pull_request' + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + # Build and push Docker image with Buildx (don't push on PR) + # https://github.com/docker/build-push-action + - name: Build and push Docker image + id: build-and-push + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 + with: + context: . + push: ${{ github.event_name != 'pull_request' }} + target: ${{ matrix.flavor }} + cache-from: type=gha + cache-to: type=gha,mode=max + +# build-push-github: +# runs-on: ubuntu-latest +# permissions: +# contents: read +# packages: write +# # This is used to complete the identity challenge +# # with sigstore/fulcio when running outside of PRs. +# id-token: write +# strategy: +# matrix: +# flavor: [ "exited", "exited-quiet", "running", "running-quiet" ] +# env: +# # Use docker.io for Docker Hub if empty +# REGISTRY: ghcr.io +# # github.repository as / +# IMAGE_NAME: ${{ github.repository }} +# +# steps: +# - name: "Checkout repository" +# uses: actions/checkout@v4 +# +# # Set up BuildKit Docker container builder to be able to build +# # multi-platform images and export cache +# # https://github.com/docker/setup-buildx-action +# - name: Set up Docker Buildx +# uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 +# +# # Login against a Docker registry except on PR +# # https://github.com/docker/login-action +# - name: Log into registry ${{ env.REGISTRY }} +# if: github.event_name != 'pull_request' +# uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 +# with: +# registry: ${{ env.REGISTRY }} +# username: ${{ github.actor }} +# password: ${{ secrets.GITHUB_TOKEN }} +# +# # Build and push Docker image with Buildx (don't push on PR) +# # https://github.com/docker/build-push-action +# - name: Build and push Docker image +# id: build-and-push +# uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 +# with: +# context: . +# push: ${{ github.event_name != 'pull_request' }} +# target: ${{ matrix.flavor }} +# cache-from: type=gha +# cache-to: type=gha,mode=max