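---
# build-and-push: manually dispatched workflow that builds the image natively
# on one amd64 and one arm64 self-hosted runner, pushes per-arch tags to GHCR,
# then combines them into multi-arch manifest tags.
#
# Security notes for maintainers:
# - Actions are referenced by mutable major-version tags (@v3/@v4/@v5). Pinning
#   each `uses:` to a full commit SHA, with the version in a trailing comment,
#   keeps a retagged release from running with `packages: write`.
# - The build jobs run on self-hosted runners; unless those runners are
#   ephemeral, workspace and Docker state persist between jobs.
# - Caller-controlled values (the `tag` input and anything derived from it) are
#   passed to scripts through `env:` and never interpolated into script text.
name: build-and-push

on:
  workflow_dispatch:
    inputs:
      tag:
        description: "Image tag (optional override)"
        required: false
        default: ""

jobs:
  build-amd64:
    runs-on: [self-hosted, Linux, X64]
    permissions:
      contents: read
      packages: write
    outputs:
      sha_tag: ${{ steps.meta.outputs.sha_tag }}
      date_tag: ${{ steps.meta.outputs.date_tag }}
      user_tag: ${{ steps.meta.outputs.user_tag }}
      image_name: ${{ steps.name.outputs.image_name }}
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # The checkout is the Docker build context below. Do not leave the
          # job token in .git/config, where a Dockerfile COPY of the context
          # could capture it into an image layer.
          persist-credentials: false
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Log in to GHCR
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Set lowercase image name
        id: name
        env:
          OWNER: ${{ github.repository_owner }}
        run: |
          # GHCR repository paths must be lowercase.
          IMAGE_NAME_LOWERCASE="$(printf '%s' "$OWNER" | tr '[:upper:]' '[:lower:]')/rsafd-docker"
          echo "image_name=$IMAGE_NAME_LOWERCASE" >> "$GITHUB_OUTPUT"
      - name: Compute tags
        id: meta
        env:
          USER_TAG: ${{ github.event.inputs.tag }}
        run: |
          # Accept only a syntactically valid Docker tag. This also rejects
          # newlines, which would otherwise let the input append extra
          # key=value lines to $GITHUB_OUTPUT.
          TAG_RE='^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$'
          if [ -n "$USER_TAG" ] && ! [[ "$USER_TAG" =~ $TAG_RE ]]; then
            echo "Invalid image tag override" >&2
            exit 1
          fi
          DATE_TAG="$(date +'%Y%m%d')"
          SHA_TAG="${GITHUB_SHA::12}"
          {
            echo "sha_tag=$SHA_TAG"
            echo "date_tag=$DATE_TAG"
            echo "user_tag=$USER_TAG"
          } >> "$GITHUB_OUTPUT"
      - name: Build & Push (amd64)
        uses: docker/build-push-action@v5
        with:
          context: .
          # Rely on native host arch (amd64)
          tags: ghcr.io/${{ steps.name.outputs.image_name }}:${{ steps.meta.outputs.sha_tag }}-amd64
          push: true
          # NOTE(review): provenance and SBOM attestations are switched off, so
          # the pushed image carries no build attestation. Confirm this is
          # intentional before consumers rely on verifying image origin.
          provenance: false
          sbom: false
          build-args: |
            GH_OWNER=${{ github.repository_owner }}
            GIT_SHA=${{ steps.meta.outputs.sha_tag }}

  build-arm64:
    runs-on: [self-hosted, macOS, ARM64]
    permissions:
      contents: read
      packages: write
    outputs:
      sha_tag: ${{ steps.meta.outputs.sha_tag }}
      date_tag: ${{ steps.meta.outputs.date_tag }}
      user_tag: ${{ steps.meta.outputs.user_tag }}
      image_name: ${{ steps.name.outputs.image_name }}
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # The checkout is the Docker build context below. Do not leave the
          # job token in .git/config, where a Dockerfile COPY of the context
          # could capture it into an image layer.
          persist-credentials: false
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Log in to GHCR
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Set lowercase image name
        id: name
        env:
          OWNER: ${{ github.repository_owner }}
        run: |
          # GHCR repository paths must be lowercase.
          IMAGE_NAME_LOWERCASE="$(printf '%s' "$OWNER" | tr '[:upper:]' '[:lower:]')/rsafd-docker"
          echo "image_name=$IMAGE_NAME_LOWERCASE" >> "$GITHUB_OUTPUT"
      - name: Compute tags
        id: meta
        env:
          USER_TAG: ${{ github.event.inputs.tag }}
        run: |
          # Accept only a syntactically valid Docker tag. This also rejects
          # newlines, which would otherwise let the input append extra
          # key=value lines to $GITHUB_OUTPUT.
          TAG_RE='^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$'
          if [ -n "$USER_TAG" ] && ! [[ "$USER_TAG" =~ $TAG_RE ]]; then
            echo "Invalid image tag override" >&2
            exit 1
          fi
          DATE_TAG="$(date +'%Y%m%d')"
          SHA_TAG="${GITHUB_SHA::12}"
          {
            echo "sha_tag=$SHA_TAG"
            echo "date_tag=$DATE_TAG"
            echo "user_tag=$USER_TAG"
          } >> "$GITHUB_OUTPUT"
      - name: Build & Push (arm64)
        uses: docker/build-push-action@v5
        with:
          context: .
          # Native arm64 host build
          tags: ghcr.io/${{ steps.name.outputs.image_name }}:${{ steps.meta.outputs.sha_tag }}-arm64
          push: true
          # NOTE(review): provenance and SBOM attestations are switched off, so
          # the pushed image carries no build attestation. Confirm this is
          # intentional before consumers rely on verifying image origin.
          provenance: false
          sbom: false
          build-args: |
            GH_OWNER=${{ github.repository_owner }}
            GIT_SHA=${{ steps.meta.outputs.sha_tag }}

  manifest:
    runs-on: ubuntu-latest
    needs: [build-amd64, build-arm64]
    permissions:
      contents: read
      packages: write
    steps:
      - name: Log in to GHCR
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Create multi-arch manifest tags
        env:
          # Only the amd64 job's outputs are read; both jobs compute the same
          # names from the same commit and input.
          IMAGE_NAME: ${{ needs.build-amd64.outputs.image_name }}
          SHA_TAG: ${{ needs.build-amd64.outputs.sha_tag }}
          DATE_TAG: ${{ needs.build-amd64.outputs.date_tag }}
          USER_TAG: ${{ needs.build-amd64.outputs.user_tag }}
        run: |
          set -euo pipefail
          IMAGE="ghcr.io/$IMAGE_NAME"
          SRC_AMD64="$IMAGE:${SHA_TAG}-amd64"
          SRC_ARM64="$IMAGE:${SHA_TAG}-arm64"
          # Fail early if either per-arch image is missing from the registry.
          for SRC in "$SRC_AMD64" "$SRC_ARM64"; do
            if ! docker buildx imagetools inspect "$SRC" >/dev/null 2>&1; then
              echo "Missing $SRC"
              exit 1
            fi
          done
          # NOTE(review): `latest` is moved on every run, whichever ref the
          # workflow was dispatched from.
          ARGS=(-t "$IMAGE:$SHA_TAG" -t "$IMAGE:$DATE_TAG" -t "$IMAGE:latest")
          if [ -n "$USER_TAG" ]; then ARGS+=(-t "$IMAGE:$USER_TAG"); fi
          docker buildx imagetools create "${ARGS[@]}" "$SRC_AMD64" "$SRC_ARM64"
          docker buildx imagetools inspect "$IMAGE:$SHA_TAG"
      - name: Summary
        env:
          IMAGE_NAME: ${{ needs.build-amd64.outputs.image_name }}
          SHA_TAG: ${{ needs.build-amd64.outputs.sha_tag }}
          DATE_TAG: ${{ needs.build-amd64.outputs.date_tag }}
          USER_TAG: ${{ needs.build-amd64.outputs.user_tag }}
        run: |
          IMAGE="ghcr.io/$IMAGE_NAME"
          {
            echo "Published multi-arch tags:"
            echo "$IMAGE:$SHA_TAG"
            echo "$IMAGE:$DATE_TAG"
            echo "$IMAGE:latest"
            if [ -n "$USER_TAG" ]; then
              echo "$IMAGE:$USER_TAG"
            fi
          } >> "$GITHUB_STEP_SUMMARY"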