135 lines
4.6 KiB
YAML
135 lines
4.6 KiB
YAML
name: Docker Build and Publish
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- next
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
packages: write
|
|
attestations: write
|
|
id-token: write
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Setup Turborepo cache
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: .turbo
|
|
key: ${{ runner.os }}-turbo-${{ github.sha }}
|
|
restore-keys: |
|
|
${{ runner.os }}-turbo-
|
|
|
|
- name: Check if this commit is a release
|
|
id: check-release
|
|
run: |
|
|
git fetch --tags
|
|
|
|
# Check if this is a release-please commit
|
|
if git log -1 --pretty=%B | grep -q "release-please--branches--next"; then
|
|
echo "This is a release commit, waiting for tag..."
|
|
# Wait up to 60 seconds for release-please to create the tag
|
|
for i in {1..12}; do
|
|
sleep 5
|
|
git fetch --tags
|
|
TAG=$(git tag --points-at HEAD | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+$' | head -n1 || echo "")
|
|
if [[ -n "$TAG" ]]; then
|
|
echo "is_release=true" >> $GITHUB_OUTPUT
|
|
echo "release_tag=$TAG" >> $GITHUB_OUTPUT
|
|
echo "Found release tag: $TAG"
|
|
exit 0
|
|
fi
|
|
echo "Waiting for tag... ($i/12)"
|
|
done
|
|
echo "ERROR: Release commit but no tag found after 60s"
|
|
exit 1
|
|
else
|
|
# Regular commit, check for tag immediately
|
|
TAG=$(git tag --points-at HEAD | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+$' | head -n1 || echo "")
|
|
if [[ -n "$TAG" ]]; then
|
|
echo "is_release=true" >> $GITHUB_OUTPUT
|
|
echo "release_tag=$TAG" >> $GITHUB_OUTPUT
|
|
echo "This is a release: $TAG"
|
|
else
|
|
echo "is_release=false" >> $GITHUB_OUTPUT
|
|
echo "This is a regular commit"
|
|
fi
|
|
fi
|
|
|
|
- name: Free disk space
|
|
run: |
|
|
sudo rm -rf /usr/share/dotnet /usr/local/lib/android /opt/ghc /opt/hostedtoolcache/CodeQL
|
|
docker system prune -af --volumes
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
with:
|
|
buildkitd-flags: --debug
|
|
|
|
- name: Log in to GHCR
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Compute tags
|
|
id: tags
|
|
run: |
|
|
if [[ "${{ steps.check-release.outputs.is_release }}" == "true" ]]; then
|
|
# This is a release: use semver tags
|
|
TAG="${{ steps.check-release.outputs.release_tag }}"
|
|
VERSION="${TAG#v}"
|
|
MAJOR=$(echo "$VERSION" | cut -d. -f1)
|
|
MINOR=$(echo "$VERSION" | cut -d. -f2)
|
|
TAGS="${VERSION},${MAJOR}.${MINOR},${MAJOR},latest"
|
|
echo "Building RELEASE with tags: $TAGS"
|
|
else
|
|
# Regular commit: use SHA tags
|
|
SHORT_SHA="${GITHUB_SHA:0:7}"
|
|
TAGS="sha-${SHORT_SHA},latest"
|
|
echo "Building COMMIT with tags: $TAGS"
|
|
fi
|
|
echo "tags=$TAGS" >> $GITHUB_OUTPUT
|
|
|
|
- name: Build and push
|
|
run: |
|
|
IMAGE="ghcr.io/${{ github.repository }}"
|
|
TAGS="${{ steps.tags.outputs.tags }}"
|
|
|
|
docker buildx build \
|
|
--platform linux/amd64,linux/arm64 \
|
|
--push \
|
|
$(echo "$TAGS" | tr ',' '\n' | sed "s|^|--tag ${IMAGE}:|") \
|
|
--cache-from type=gha \
|
|
--cache-to type=gha,mode=max \
|
|
--build-arg BUILDTIME="$(date -u +'%Y-%m-%dT%H:%M:%SZ')" \
|
|
--build-arg VERSION="${{ github.ref_name }}" \
|
|
--build-arg REVISION="${{ github.sha }}" \
|
|
.
|
|
|
|
- name: Summary
|
|
run: |
|
|
IMAGE="ghcr.io/${{ github.repository }}"
|
|
TAGS="${{ steps.tags.outputs.tags }}"
|
|
echo "## Docker Image Published 🚀" >> $GITHUB_STEP_SUMMARY
|
|
echo "" >> $GITHUB_STEP_SUMMARY
|
|
if [[ "${{ steps.check-release.outputs.is_release }}" == "true" ]]; then
|
|
echo "**Type:** Release (${{ steps.check-release.outputs.release_tag }})" >> $GITHUB_STEP_SUMMARY
|
|
else
|
|
echo "**Type:** Commit (sha-${GITHUB_SHA:0:7})" >> $GITHUB_STEP_SUMMARY
|
|
fi
|
|
echo "" >> $GITHUB_STEP_SUMMARY
|
|
echo "**Tags:**" >> $GITHUB_STEP_SUMMARY
|
|
echo '```' >> $GITHUB_STEP_SUMMARY
|
|
echo "$TAGS" | tr ',' '\n' | sed "s|^|${IMAGE}:|" >> $GITHUB_STEP_SUMMARY
|
|
echo '```' >> $GITHUB_STEP_SUMMARY
|