@@ -8,26 +8,108 @@ defaults:
88 run :
99 shell : bash
1010
11+ env :
12+ GHCR_REPO : ghcr.io/phusion/passenger_binary_build_automation
13+
1114jobs :
1215 build :
13- runs-on : ubuntu-latest
16+ strategy :
17+ fail-fast : false
18+ matrix :
19+ arch :
20+ - platform : linux/amd64
21+ runner : ubuntu-24.04
22+ - platform : linux/arm64
23+ runner : passenger-ubuntu-24.04-arm64-4cpu
24+ runs-on : ${{ matrix.arch.runner }}
1425 steps :
15- - name : Checkout code
16- uses : actions/checkout@v4
17- - name : Purge containers
18- run : ' docker kill $(docker ps -q) || exit 0'
19- - name : Enable docker multiarch
20- uses : docker/setup-qemu-action@v3
21- - name : " Run linux/setup-docker-images"
22- run : " ./linux/setup-docker-images"
23- - name : Log in to the Container registry
24- if : ${{ github.event.pull_request.merged || github.actor == 'CamJN' }}
26+ - name : Prepare
27+ run : |
28+ echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
29+ echo "DOCKER_IMAGE_VERSION=$(cat "./shared/definitions/docker_image_version")" >> $GITHUB_ENV
30+ env :
31+ platform : ${{ matrix.arch.platform }}
32+
33+ - name : Docker meta
34+ id : meta
35+ uses : docker/metadata-action@v5
36+ with :
37+ images :
38+ - ${{ env.GHCR_REPO }}
39+
40+ - name : Login to GHCR
2541 uses : docker/login-action@v3
26- id : login
2742 with :
2843 registry : ghcr.io
2944 username : ${{ github.actor }}
3045 password : ${{ secrets.GITHUB_TOKEN }}
31- - name : Push to github container registry
32- if : ${{ success() && steps.login.conclusion != 'skipped' }}
33- run : " ./linux/publish-docker-images"
46+
47+ - name : Set up QEMU
48+ uses : docker/setup-qemu-action@v3
49+
50+ - name : Set up Docker Buildx
51+ uses : docker/setup-buildx-action@v3
52+
53+ - name : Build and push by digest
54+ id : build
55+ uses : docker/build-push-action@v6
56+ with :
57+ file : ./linux/docker_image/Dockerfile
58+ platforms : ${{ matrix.arch.platform }}
59+ labels : ${{ steps.meta.outputs.labels }}
60+ outputs : " type=image,name=${{ env.GHCR_REPO }},push-by-digest=true,name-canonical=true,push=true"
61+
62+ - name : Export digest
63+ run : |
64+ mkdir -p /tmp/digests
65+ digest="${{ steps.build.outputs.digest }}"
66+ touch "/tmp/digests/${digest#sha256:}"
67+
68+ name : Upload digest
69+ uses : actions/upload-artifact@v4
70+ with :
71+ name : digests-${{ env.PLATFORM_PAIR }}
72+ path : /tmp/digests/*
73+ if-no-files-found : error
74+ retention-days : 1
75+
76+ merge :
77+ runs-on : ubuntu-latest
78+ needs :
79+ - build
80+ steps :
81+ - name : Download digests
82+ uses : actions/download-artifact@v4
83+ with :
84+ path : /tmp/digests
85+ pattern : digests-*
86+ merge-multiple : true
87+
88+ - name : Login to GHCR
89+ uses : docker/login-action@v3
90+ with :
91+ registry : ghcr.io
92+ username : ${{ github.repository_owner }}
93+ password : ${{ secrets.GITHUB_TOKEN }}
94+
95+ - name : Set up Docker Buildx
96+ uses : docker/setup-buildx-action@v3
97+
98+ - name : Docker meta
99+ id : meta
100+ uses : docker/metadata-action@v5
101+ with :
102+ images : |
103+ ${{ env.GHCR_REPO }}
104+ tags : |
105+ type=ref,event=branch
106+ type=ref,event=pr
107+ type=semver,pattern={{version}}
108+ type=semver,pattern={{major}}.{{minor}}
109+
110+ name : Create manifest list and push
111+ working-directory : /tmp/digests
112+ run : docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") $(printf '${{ env.GHCR_REPO }}@sha256:%s ' *)
113+
114+ - name : Inspect image
115+ run : docker buildx imagetools inspect ${{ env.GHCR_REPO }}:${{ steps.meta.outputs.version }}
0 commit comments