Skip to content

ghcr-image-main

ghcr-image-main #263

name: ghcr-image-main
on:
push:
branches:
- main
workflow_dispatch:
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
IMAGE_TAG: nightly
jobs:
meta:
runs-on: ubuntu-latest
timeout-minutes: 5
outputs:
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
annotations: ${{ steps.meta.outputs.annotations }}
json: ${{ steps.meta.outputs.json }}
image-name: ${{ steps.custom-meta.outputs.image-name }}
steps:
- name: Checkout current fork HEAD
uses: actions/[email protected]
with:
fetch-depth: 0
show-progress: false
- name: Set up upstream git remote
run: |
upstream="$(gh repo view "${{ github.repository }}" --json parent --jq '.parent.owner.login + "/" + .parent.name')"
echo "upstream=$upstream"
git remote add upstream "https://github.com/$upstream.git"
git fetch upstream "${{ github.event.repository.default_branch }}"
env:
GH_TOKEN: ${{ github.token }}
- name: Determine number of commits on top of upstream
id: check-extra-commits
run: |
commit_count="$(git rev-list --count "upstream/${{ github.event.repository.default_branch }}..$GITHUB_REF_NAME")"
echo "commit-count=$commit_count" | tee -a "$GITHUB_OUTPUT"
- name: Discard our commits
run: |
git reset --hard "HEAD~${{ steps.check-extra-commits.outputs.commit-count }}"
- name: Docker meta
id: meta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
with:
context: git
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=${{ env.IMAGE_TAG }}
type=sha,format=long,priority=899
type=sha,format=short
- name: Extract image name
id: custom-meta
run: |
echo "image-name=${DOCKER_TAG%%:*}" | tee -a $GITHUB_OUTPUT
env:
DOCKER_TAG: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
build:
runs-on: ubuntu-latest
timeout-minutes: 15
needs:
- meta
strategy:
fail-fast: false
matrix:
platform:
- linux/amd64
- linux/arm64
env:
REGISTRY_IMAGE: ${{ needs.meta.outputs.image-name }}
steps:
- name: Prepare
id: meta
run: |
platform=${{ matrix.platform }}
echo "platform-pair=${platform//\//-}" | tee -a "$GITHUB_OUTPUT"
- name: Set up QEMU
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
with:
platforms: arm64
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
- name: Log in to GHCR
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.1.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
# We can't build directly from git, as that will prevent .git from being available during the build process.
# lemmy-ui's Dockerfile requires the .git folder to set the version.
- name: Checkout git repository
uses: actions/[email protected]
with:
fetch-depth: 0
show-progress: false
submodules: recursive
- name: Build Docker image
id: build
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.3.0
with:
context: .
platforms: ${{ matrix.platform }}
labels: ${{ needs.meta.outputs.labels }}
annotations: ${{ needs.meta.outputs.annotations }}
outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true
cache-from: type=gha
cache-to: type=gha,mode=max
env:
SOURCE_DATE_EPOCH: 0
- name: Export image digest
run: |
mkdir -p /tmp/digests
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/[email protected]
with:
name: digests-${{ steps.meta.outputs.platform-pair }}
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1
merge:
runs-on: ubuntu-latest
timeout-minutes: 5
needs:
- meta
- build
permissions:
contents: read
packages: write
env:
REGISTRY_IMAGE: ${{ needs.meta.outputs.image-name }}
steps:
- name: Download digests
uses: actions/[email protected]
with:
path: /tmp/digests
pattern: digests-*
merge-multiple: true
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
- name: Log in to GHCR
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.1.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Create manifest list and push
working-directory: /tmp/digests
run: |
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)
env:
DOCKER_METADATA_OUTPUT_JSON: ${{ needs.meta.outputs.json }}
- name: Inspect image
run: |
docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ env.IMAGE_TAG }}