Publish Docker Image #23
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Docker Image | |
| on: | |
| workflow_run: | |
| workflows: ["CI"] | |
| types: | |
| - completed | |
| branches: | |
| - main | |
| push: | |
| tags: | |
| - "v*.*.*" | |
| - "v*.*.*-*" # For pre-releases like v1.2.3-beta | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| packages: write | |
| jobs: | |
| docker: | |
| runs-on: ubuntu-latest | |
| # Only run if CI passed (when triggered by workflow_run) or on tag push or manual dispatch | |
| if: | | |
| github.event_name == 'workflow_dispatch' || | |
| github.event_name == 'push' || | |
| (github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success') | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # pin@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # pin@v3.11.1 | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # pin@v3.5.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Log in to Docker Hub | |
| env: | |
| DOCKER_HUB_PUSH_TOKEN: ${{ secrets.DOCKER_HUB_PUSH_TOKEN }} | |
| run: | | |
| echo "${DOCKER_HUB_PUSH_TOKEN}" | docker login --username "squareup" --password-stdin | |
| - name: Extract version metadata | |
| id: meta | |
| run: | | |
| VERSION="${GITHUB_REF#refs/tags/}" | |
| if [[ "$VERSION" == refs/heads/* ]]; then | |
| VERSION="${VERSION#refs/heads/}" | |
| fi | |
| if [[ "$VERSION" == "main" ]]; then | |
| VERSION="$(git describe --tags --always --dirty 2>/dev/null || echo dev)" | |
| fi | |
| echo "version=${VERSION}" >> "${GITHUB_OUTPUT}" | |
| GIT_COMMIT="$(git rev-parse HEAD)" | |
| echo "git_commit=${GIT_COMMIT}" >> "${GITHUB_OUTPUT}" | |
| - name: Extract Docker metadata | |
| id: docker_meta | |
| uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # pin@v5.8.0 | |
| with: | |
| images: | | |
| ghcr.io/${{ github.repository_owner }}/cachew | |
| squareup/cachew | |
| tags: | | |
| # For main branch: latest, main, and sha | |
| type=ref,event=branch | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| type=sha,prefix=sha- | |
| # For tags: v1.2.3 -> 1.2.3, 1.2, 1 | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| # For pre-release tags: keep the full version | |
| type=raw,value={{tag}},enable=${{ startsWith(github.ref, 'refs/tags/v') }} | |
| - uses: cashapp/activate-hermit@e49f5cb4dd64ff0b0b659d1d8df499595451155a # v1 | |
| - run: | | |
| just build linux arm64 | |
| just build linux amd64 | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # pin@v6.18.0 | |
| with: | |
| context: . | |
| file: ./docker/Dockerfile | |
| push: true | |
| tags: ${{ steps.docker_meta.outputs.tags }} | |
| labels: ${{ steps.docker_meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| platforms: linux/amd64,linux/arm64 | |
| build-args: | | |
| VERSION=${{ steps.meta.outputs.version }} | |
| GIT_COMMIT=${{ steps.meta.outputs.git_commit }} |