-
Notifications
You must be signed in to change notification settings - Fork 2.3k
126 lines (121 loc) · 3.65 KB
/
docker.yml
File metadata and controls
126 lines (121 loc) · 3.65 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
name: Docker
on:
push:
branches:
- main
pull_request:
paths:
- '.github/workflows/docker.yml'
- 'Dockerfile'
workflow_call:
inputs:
tag:
description: 'Docker tag'
required: true
type: string
workflow_dispatch:
inputs:
tag:
description: 'Docker tag'
required: true
type: string
jobs:
set-context:
name: Set Context
runs-on: ubuntu-slim
permissions: {}
outputs:
checkout-ref: ${{ steps.vars.outputs.checkout-ref }}
docker-tag: ${{ steps.vars.outputs.docker-tag }}
repository-lc: ${{ steps.vars.outputs.repository-lc }}
steps:
- name: Define variables
id: vars
run: |
if [[ "${{ github.event_name }}" == "push" ]]; then
{
echo "checkout-ref=main"
echo "docker-tag=latest"
} >> "$GITHUB_OUTPUT"
elif [[ "${{ github.event_name }}" == "pull_request" ]]; then
{
echo "checkout-ref=pr"
echo "docker-tag=pr-${{ github.event.pull_request.number }}"
} >> "$GITHUB_OUTPUT"
else
{
echo "checkout-ref=${INPUTS_TAG}"
echo "docker-tag=${INPUTS_TAG}"
} >> "$GITHUB_OUTPUT"
fi
echo "repository-lc=${REPOSITORY,,}" >> "$GITHUB_OUTPUT"
env:
REPOSITORY: ${{ github.repository }}
INPUTS_TAG: ${{ inputs.tag }}
build-amd64:
name: Build AMD64 Image
runs-on: ubuntu-24.04
permissions:
contents: read
packages: write
needs: set-context
steps:
- &checkout-step-pr
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
if: needs.set-context.outputs.checkout-ref == 'pr'
with:
persist-credentials: false
- &checkout-step-ref
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
if: needs.set-context.outputs.checkout-ref != 'pr'
with:
ref: ${{ needs.set-context.outputs.checkout-ref }}
persist-credentials: false
- uses: ./.github/actions/docker-build
with:
platform: amd64
token: ${{ secrets.GITHUB_TOKEN }}
build-arm64:
name: Build ARM64 Image
runs-on: ubuntu-24.04-arm
permissions:
contents: read
packages: write
needs: set-context
steps:
- *checkout-step-pr
- *checkout-step-ref
- uses: ./.github/actions/docker-build
with:
platform: arm64
token: ${{ secrets.GITHUB_TOKEN }}
merge:
name: Create Multi-Platform Image
runs-on: ubuntu-24.04
permissions:
packages: write
needs:
- set-context
- build-amd64
- build-arm64
steps:
- name: Download digests
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
path: /tmp/digests
pattern: digests-*
merge-multiple: true
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
- name: Login to GitHub registry
uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
with:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
registry: ghcr.io
- name: Create manifest list and push
working-directory: /tmp/digests
run: >-
docker buildx imagetools create
-t "ghcr.io/${{ needs.set-context.outputs.repository-lc }}:${{ needs.set-context.outputs.docker-tag }}"
$(printf 'ghcr.io/${{ needs.set-context.outputs.repository-lc }}@sha256:%s ' *)