diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 90b2a63b..7e6294d4 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -113,6 +113,7 @@ jobs: - linux/arm64 isMain: - ${{ github.ref == 'refs/heads/main' }} + exclude: # ARM build is very slow, we build only for main branch - platform: "linux/arm64" @@ -126,6 +127,11 @@ jobs: packages: write steps: + - name: Prepare + run: | + platform=${{ matrix.platform }} + echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV + - uses: actions/checkout@v4 with: fetch-depth: 0 @@ -162,12 +168,87 @@ jobs: tags: ${{ env.DOCKER_TAGS }} - name: Build and push docker image - uses: docker/build-push-action@v5 + id: build + uses: docker/build-push-action@v6 with: push: true platforms: ${{ matrix.platform }} - tags: ${{ env.DOCKER_IMAGES }} + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha,scope=${{ env.BRANCH_NAME }} - cache-to: type=gha,mode=max,scope=${{ env.BRANCH_NAME }} + outputs: type=image,name=${{ env.DOCKER_TAGS }},push-by-digest=true,name-canonical=true,push=true + cache-from: type=gha,scope=build-${{ env.PLATFORM_PAIR }} + cache-to: type=gha,mode=max,scope=build-${{ env.PLATFORM_PAIR }} github-token: ${{ github.token }} + + - name: Export Digest + run: | + digest="${{ steps.build.outputs.digest }}" + [ "$digest" ] || exit 1 + mkdir -p /tmp/digests + touch "/tmp/digests/${digest#sha256:}" + + - name: Upload Digest + uses: actions/upload-artifact@v4 + with: + name: digests-${{ env.PLATFORM_PAIR }} + path: /tmp/digests/* + if-no-files-found: error + retention-days: 1 + + merge-manifests: + name: Docker Build / Merge Manifests + runs-on: ubuntu-latest + + permissions: + contents: write + packages: write + + needs: + - build-docker + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Download digests + uses: actions/download-artifact@v4 + with: + path: /tmp/digests + pattern: digests-* + merge-multiple: true + + - name: Log into registry ${{ env.REGISTRY }} + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ github.token }} + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Make versions + run: | + cd "${{ github.workspace }}" + chmod +x ./version.sh + ./version.sh "${{ github.sha }}" "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}" + echo "VERSION_APP=$(cat "./VERSION")" >> $GITHUB_ENV + echo "DOCKER_IMAGES=$(cat "./DOCKER_IMAGES")" >> $GITHUB_ENV + echo "DOCKER_TAGS=$(cat "./VERSION_DOCKER")" >> $GITHUB_ENV + + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: ${{ env.DOCKER_TAGS }} + + - name: Create manifest list and push + working-directory: /tmp/digests + run: | + docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ + $(printf '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *) + + - name: Inspect image + run: | + docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }} \ No newline at end of file