diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f504886dd..afe1c2e34 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,125 +1,148 @@ -name: Build Docker image +name: ci + on: push: - branches: - - '*' - tags: - - v* - pull_request: - branches: - - master + +env: + REGISTRY_IMAGE: | + ghcr.io/tcgdex/server + tcgdex/server jobs: - build_amd: + build: runs-on: ubuntu-latest - outputs: - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - + strategy: + fail-fast: false + matrix: + platform: + - linux/amd64 + # - linux/arm/v6 + # - linux/arm/v7 + - linux/arm64 steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 + - name: Prepare + run: | + platform=${{ matrix.platform }} + echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 - with: - images: | - ghcr.io/tcgdex/server - tcgdex/server - tags: | - type=edge - type=ref,event=pr - type=ref,event=branch,prefix=branch- - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} - type=semver,pattern={{major}} - type=semver,pattern=latest + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY_IMAGE }} + tags: | + type=edge + type=ref,event=pr + type=ref,event=branch,prefix=branch- + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{major}} + type=semver,pattern=latest - - name: Login to Docker Hub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USER }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - if: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }} + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USER }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + if: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }} - - name: Login to Github Packages - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.DOCKER_TOKEN }} - if: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }} + - name: Login to Github Packages + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.DOCKER_TOKEN }} + if: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }} - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + if: ${{ matrix.platform != 'linux/amd64' }} - - name: Build and push AMD64 image - uses: docker/build-push-action@v6 - with: - context: . - platforms: linux/amd64 - push: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }} - file: ./Dockerfile - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha - cache-to: type=gha,mode=max + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 - build_arm: + - name: Build and push by digest + id: build + uses: docker/build-push-action@v6 + with: + context: . + platforms: ${{ matrix.platform }} + file: ./Dockerfile + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + outputs: | + ${{ env.REGISTRY_IMAGES }} | while read image; do + echo "type=image,name=$image,push-by-digest=true,name-canonical=true,push=true"; + done + + - name: Export digest + run: | + mkdir -p /tmp/digests + digest="${{ steps.build.outputs.digest }}" + touch "/tmp/digests/${digest#sha256:}" + + - name: Upload digest + uses: actions/upload-artifact@v4 + with: + name: digests-${{ env.PLATFORM_PAIR }} + path: /tmp/digests/* + if-no-files-found: error + retention-days: 1 + + deploy: runs-on: ubuntu-latest - needs: build_amd # Ensures ARM64 build waits for AMD64 to finish - # if: github.event_name != 'pull_request' # Optional: Skip ARM64 build on PRs for faster feedback - + if: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }} + needs: + - build steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 + - name: Download digests + uses: actions/download-artifact@v4 + with: + path: /tmp/digests + pattern: digests-* + merge-multiple: true - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 - with: - images: | - ghcr.io/tcgdex/server - tcgdex/server - tags: ${{ needs.build_amd.outputs.tags }} - labels: ${{ needs.build_amd.outputs.labels }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 - - name: Login to Docker Hub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USER }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - if: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }} + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY_IMAGE }} + tags: | + type=edge + type=ref,event=pr + type=ref,event=branch,prefix=branch- + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{major}} + type=semver,pattern=latest + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USER }} + password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Login to Github Packages - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.DOCKER_TOKEN }} - if: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }} + - name: Login to Github Packages + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.DOCKER_TOKEN }} - - name: Set up QEMU for ARM emulation - uses: docker/setup-qemu-action@v3 + - name: Create manifest list and push for each image + working-directory: /tmp/digests + run: | + echo "${{ env.REGISTRY_IMAGES }}" | while read image; do + docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ + $(printf "$image@sha256:%s " *); + done - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - with: - install: true - - - name: Build and push ARM64 image - uses: docker/build-push-action@v6 - with: - context: . - platforms: linux/arm64 - push: ${{ !github.event.pull_request.head.repo.fork && github.actor != 'dependabot[bot]' }} - file: ./Dockerfile - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha - cache-to: type=gha,mode=max + - name: Inspect image + run: | + echo "${{ env.REGISTRY_IMAGES }}" | while read image; do + docker buildx imagetools inspect $image:${{ steps.meta.outputs.version }}; + done