Skip to content

Merge pull request #177 from yubiuser/dependabot/github_actions/devel… #627

Merge pull request #177 from yubiuser/dependabot/github_actions/devel…

Merge pull request #177 from yubiuser/dependabot/github_actions/devel… #627

Workflow file for this run

name: Build and publish Docker image
on:
workflow_dispatch:
release:
types: [published]
pull_request:
push:
branches:
- development
env:
REGISTRY_IMAGE: ghcr.io/${{ github.repository }}
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
strategy:
fail-fast: true
matrix:
include:
- platform: linux/amd64
- platform: linux/arm64
- platform: linux/arm/v6
- platform: linux/arm/v7
- platform: linux/386
steps:
- name: Prepare name for digest up/download
run: |
platform=${{ matrix.platform }}
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
- name: Checkout Code
uses: actions/[email protected]
with:
fetch-depth: 0
ref: ${{ github.head_ref }}
- name: "Calculate required variables"
id: variables
run: |
GIT_TAG=${{ github.event.release.tag_name }}
# If GIT_TAG is set then GIT BRANCH should be "main", else get it from the branch name
GIT_BRANCH=$([ -n "${GIT_TAG}" ] && echo "main" || git rev-parse --abbrev-ref HEAD)
GIT_VERSION=$(git --no-pager describe --tags --always --abbrev=8 --dirty)
GIT_COMMIT=$(git --no-pager describe --always --abbrev=8 --dirty)
GIT_DATE=$(git --no-pager show --date=short --format=%at --name-only | head -n 1)
echo "GIT_TAG=${GIT_TAG}" >> $GITHUB_ENV
echo "GIT_BRANCH=${GIT_BRANCH}" >> $GITHUB_ENV
echo "GIT_VERSION=${GIT_VERSION}" >> $GITHUB_ENV
echo "GIT_COMMIT=${GIT_COMMIT}" >> $GITHUB_ENV
echo "GIT_DATE=${GIT_DATE}" >> $GITHUB_ENV
- name: Set up QEMU
uses: docker/[email protected]
- name: Set up Docker Buildx
uses: docker/[email protected]
with:
buildkitd-flags: --debug
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ env.REGISTRY_IMAGE }}
- name: Login to GitHub Container Registry
uses: docker/[email protected]
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push Docker image
uses: docker/[email protected]
id: build
with:
context: .
file: ./Dockerfile
build-args: |
GIT_TAG=${{ env.GIT_TAG }}
GIT_BRANCH=${{ env.GIT_BRANCH }}
GIT_VERSION=${{ env.GIT_VERSION }}
GIT_COMMIT=${{ env.GIT_COMMIT }}
GIT_DATE=${{ env.GIT_DATE }}
platforms: ${{ matrix.platform }}
labels: ${{ steps.meta.outputs.labels }}
provenance: false
outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=${{ github.event.pull_request.head.repo.full_name == github.repository || github.event_name == 'push' || github.event_name == 'release' }}
- name: Export digest
run: |
mkdir -p /tmp/digests
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/[email protected]
with:
name: digests-${{ env.PLATFORM_PAIR }}
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1
merge:
runs-on: ubuntu-latest
needs:
- build
if: |
github.actor != 'dependabot[bot]'
&& ( github.event.pull_request.head.repo.full_name == github.repository || github.event_name == 'push' || github.event_name == 'release' )
permissions:
contents: read
packages: write
steps:
- name: Download digests
uses: actions/[email protected]
with:
path: /tmp/digests
pattern: digests-*
merge-multiple: true
- name: Set up Docker Buildx
uses: docker/[email protected]
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ env.REGISTRY_IMAGE }}
flavor: latest=${{ startsWith(github.ref, 'refs/tags/') }}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,enable=${{ github.event_name == 'workflow_dispatch' }}
type=ref,event=pr
type=ref,event=branch
- name: Login to GitHub Container Registry
uses: docker/[email protected]
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Create manifest list and push
working-directory: /tmp/digests
run: |
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)
- name: Inspect image
run: |
docker buildx imagetools inspect --raw ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}