| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141 |
- name: Publish Docker image (Multi-arch)
- on:
- push:
- tags:
- - '*'
- - '!nightly*'
- workflow_dispatch:
- inputs:
- tag:
- description: 'Tag name to build (e.g., v0.10.8-alpha.3)'
- required: true
- type: string
- jobs:
- build_single_arch:
- name: Build & push (${{ matrix.arch }})
- strategy:
- fail-fast: false
- matrix:
- include:
- - arch: amd64
- platform: linux/amd64
- runner: ubuntu-latest
- - arch: arm64
- platform: linux/arm64
- runner: ubuntu-24.04-arm
- runs-on: ${{ matrix.runner }}
- outputs:
- tag: ${{ steps.version.outputs.tag }}
- permissions:
- packages: write
- contents: read
- id-token: write
- steps:
- - name: Check out
- uses: actions/checkout@v4
- with:
- fetch-depth: ${{ github.event_name == 'workflow_dispatch' && 0 || 1 }}
- ref: ${{ github.event.inputs.tag || github.ref }}
- - name: Resolve tag & write VERSION
- id: version
- run: |
- if [ -n "${{ github.event.inputs.tag }}" ]; then
- TAG="${{ github.event.inputs.tag }}"
- if ! git rev-parse "refs/tags/$TAG" >/dev/null 2>&1; then
- echo "::error::Tag '$TAG' does not exist"
- exit 1
- fi
- else
- TAG=${GITHUB_REF#refs/tags/}
- fi
- echo "TAG=${TAG}" >> $GITHUB_ENV
- echo "tag=${TAG}" >> $GITHUB_OUTPUT
- echo "${TAG}" > VERSION
- echo "Building tag: ${TAG} for ${{ matrix.arch }}"
- - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@v3
- - name: Log in to Docker Hub
- uses: docker/login-action@v3
- with:
- username: ${{ secrets.DOCKERHUB_USERNAME }}
- password: ${{ secrets.DOCKERHUB_TOKEN }}
- - name: Extract metadata (labels)
- id: meta
- uses: docker/metadata-action@v5
- with:
- images: calciumion/new-api
- - name: Build & push
- id: build
- uses: docker/build-push-action@v6
- with:
- context: .
- platforms: ${{ matrix.platform }}
- push: true
- tags: |
- calciumion/new-api:${{ env.TAG }}-${{ matrix.arch }}
- calciumion/new-api:latest-${{ matrix.arch }}
- labels: ${{ steps.meta.outputs.labels }}
- cache-from: type=gha
- cache-to: type=gha,mode=max
- provenance: mode=max
- sbom: true
- - name: Install cosign
- uses: sigstore/cosign-installer@v3
- - name: Sign image with cosign
- run: cosign sign --yes calciumion/new-api@${{ steps.build.outputs.digest }}
- - name: Image summary
- run: |
- echo "### Docker Image Digest (${{ matrix.arch }})" >> $GITHUB_STEP_SUMMARY
- echo '```' >> $GITHUB_STEP_SUMMARY
- echo "calciumion/new-api:${TAG}-${{ matrix.arch }}" >> $GITHUB_STEP_SUMMARY
- echo "${{ steps.build.outputs.digest }}" >> $GITHUB_STEP_SUMMARY
- echo '```' >> $GITHUB_STEP_SUMMARY
- create_manifests:
- name: Create multi-arch manifests
- needs: [build_single_arch]
- runs-on: ubuntu-latest
- if: startsWith(github.ref, 'refs/tags/') || github.event_name == 'workflow_dispatch'
- steps:
- - name: Set version
- run: echo "TAG=${{ needs.build_single_arch.outputs.tag }}" >> $GITHUB_ENV
- - name: Log in to Docker Hub
- uses: docker/login-action@v3
- with:
- username: ${{ secrets.DOCKERHUB_USERNAME }}
- password: ${{ secrets.DOCKERHUB_TOKEN }}
- - name: Create & push manifest (version)
- run: |
- docker buildx imagetools create \
- -t calciumion/new-api:${TAG} \
- calciumion/new-api:${TAG}-amd64 \
- calciumion/new-api:${TAG}-arm64
- - name: Create & push manifest (latest)
- run: |
- docker buildx imagetools create \
- -t calciumion/new-api:latest \
- calciumion/new-api:latest-amd64 \
- calciumion/new-api:latest-arm64
- - name: Manifest summary
- run: |
- echo "### Multi-arch Manifest" >> $GITHUB_STEP_SUMMARY
- echo '```' >> $GITHUB_STEP_SUMMARY
- docker buildx imagetools inspect calciumion/new-api:${TAG} >> $GITHUB_STEP_SUMMARY
- echo '```' >> $GITHUB_STEP_SUMMARY
|
