Optimize actions build of containers#1284
Conversation
There was a problem hiding this comment.
Pull request overview
This PR restructures the container build/publish GitHub Actions workflows to build per-architecture images separately (amd64 + arm64), reuse a shared BuildKit cache, scan each arch image with Trivy, and then publish a multi-arch manifest with tags.
Changes:
- Split multi-arch builds into dedicated
build_amd64andbuild_arm64jobs (using native arm runners instead of QEMU). - Push per-arch images by digest and publish multi-arch manifests/tags in a follow-up job (including Cosign signing).
- Standardize workflow configuration via top-level
env(registry/image/dockerfile/cache scope, tag rules) and update artifact handling.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| .github/workflows/test_docker_image.yaml | Split PR image build + Trivy scan into separate amd64/arm64 jobs with shared GHA cache and per-arch reports. |
| .github/workflows/publish_harbor_3key.yaml | Build/push per-arch digests to Harbor, scan remotely per arch, then publish/sign multi-arch manifests and update registry README. |
| .github/workflows/publish_docker_czertainly.yaml | Build/push per-arch digests to Docker Hub, scan remotely per arch, then publish/sign multi-arch manifests and update Docker Hub README. |
| .github/workflows/publish_docker_3key.yaml | Same as above, for the 3Key Docker Hub repository. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 5 out of 5 changed files in this pull request and generated 9 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
…LY/CZERTAINLY-Core into optimize-docker-actions
|
1 participant
No description provided.