master-latest #131
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: master-latest | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: [ main ] | |
| schedule: | |
| - cron: '0 3 * * *' # Scheduled runs every day at 3am UTC | |
| permissions: | |
| contents: write | |
| packages: write | |
| actions: write # For keepalive | |
| jobs: | |
| each-arch: | |
| runs-on: ${{ matrix.arch.runner }} | |
| strategy: | |
| fail-fast: false # let other jobs try to complete if one fails | |
| matrix: | |
| arch: [ { name: 'amd64', runner: 'ubuntu-latest' } , { name: 'arm64', runner: [ "self-hosted", "ARM64" ] } ] | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Docker Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} # github username or org | |
| password: ${{ secrets.GITHUB_TOKEN }} # github actions builtin token. repo has to have pkg access. | |
| - name: Build and push ${{ matrix.arch.name }} | |
| id: docker_build | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: . | |
| file: ./Dockerfile | |
| platforms: linux/${{ matrix.arch.name }} | |
| pull: true # Pull new version of base image, always; avoid bit-rot | |
| push: true | |
| labels: | | |
| org.opencontainers.image.title=${{ github.repository }}-${{ github.run_number }} | |
| org.opencontainers.image.description=${{ github.event.repository.description }} | |
| org.opencontainers.image.url=${{ github.event.repository.html_url }} | |
| org.opencontainers.image.source=${{ github.event.repository.clone_url }} | |
| org.opencontainers.image.revision=${{ github.sha }} | |
| org.opencontainers.image.licenses=${{ github.event.repository.license.spdx_id }} | |
| cache-from: type=gha,scope=${{ matrix.arch.name }} # all-automatic Github Actions caching | |
| cache-to: type=gha,mode=max,scope=${{ matrix.arch.name }} | |
| build-args: | | |
| VERSION=${{ github.run_number }} | |
| tags: ghcr.io/${{ github.repository }}:latest-${{ matrix.arch.name }} | |
| # A separate job, that depends on the each-arch job above, that does the multi-arch manifest. | |
| multi-arch: | |
| needs: each-arch | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Docker Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} # github username or org | |
| password: ${{ secrets.GITHUB_TOKEN }} # github actions builtin token. repo has to have pkg access. | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Create and push multi-arch manifest using buildx (latest) | |
| run: | | |
| docker buildx imagetools create -t ghcr.io/${{ github.repository }}:latest ghcr.io/${{ github.repository }}:latest-amd64 ghcr.io/${{ github.repository }}:latest-arm64 | |
| docker buildx imagetools inspect ghcr.io/${{ github.repository }}:latest | |
| - name: Create and push multi-arch manifest using buildx (v${{ github.run_number }}) | |
| run: | | |
| docker buildx imagetools create -t ghcr.io/${{ github.repository }}:v${{ github.run_number }} ghcr.io/${{ github.repository }}:latest-amd64 ghcr.io/${{ github.repository }}:latest-arm64 | |
| docker buildx imagetools inspect ghcr.io/${{ github.repository }}:v${{ github.run_number }} | |
| # Keep GHA alive | |
| - uses: gautamkrishnar/keepalive-workflow@v2 |