Build and release #281
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and release | |
| on: | |
| # Run nightly at 2 AM UTC | |
| schedule: | |
| - cron: '0 2 * * *' | |
| push: | |
| tags: | |
| - "v*.*.*" | |
| # Allow manual runs from the Actions tab | |
| workflow_dispatch: | |
| # Run when a new release is created on GitHub | |
| release: | |
| types: [created] | |
| env: | |
| REGISTRY_IMAGE: embucket/embucket-labs | |
| jobs: | |
| # This job builds and pushes a multi-arch Docker image to GitHub Container Registry. | |
| build-docker: | |
| runs-on: ${{ matrix.runner }} | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| platform: | |
| - linux/amd64 | |
| - linux/arm64 | |
| include: | |
| - platform: linux/amd64 | |
| runner: ubuntu-latest | |
| platform_pair: linux-amd64 | |
| - platform: linux/arm64 | |
| runner: ubuntu-24.04-arm | |
| platform_pair: linux-arm64 | |
| name: Build and Push Docker Image | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Prepare | |
| run: | | |
| echo "PLATFORM_PAIR=${{ matrix.platform_pair }}" >> $GITHUB_ENV | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY_IMAGE }} | |
| - name: Set up QEMU for multi-arch builds | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: docker.io | |
| username: ${{ vars.DOCKERHUB_USER }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v6 | |
| id: build | |
| with: | |
| context: . | |
| file: ./Dockerfile | |
| platforms: ${{ matrix.platform }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Export digest | |
| run: | | |
| mkdir -p ${{ runner.temp }}/digests | |
| digest="${{ steps.build.outputs.digest }}" | |
| touch "${{ runner.temp }}/digests/${digest#sha256:}" | |
| - name: Upload digest | |
| uses: actions/upload-artifact@v5 | |
| with: | |
| name: digests-${{ matrix.platform_pair }} | |
| path: ${{ runner.temp }}/digests/* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| merge: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build-docker | |
| steps: | |
| - name: Download digests | |
| uses: actions/download-artifact@v6 | |
| with: | |
| path: ${{ runner.temp }}/digests | |
| pattern: digests-* | |
| merge-multiple: true | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ vars.DOCKERHUB_USER }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY_IMAGE }} | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| - name: Create manifest list and push | |
| working-directory: ${{ runner.temp }}/digests | |
| run: | | |
| docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ | |
| $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) | |
| - name: Inspect image | |
| run: | | |
| docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }} |