remove ispro #2571
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker Publish | |
| on: | |
| push: | |
| branches: | |
| - master | |
| tags: | |
| - "v*" | |
| pull_request: | |
| branches: | |
| - master | |
| jobs: | |
| build-client: | |
| name: Build Client Images | |
| permissions: | |
| contents: read | |
| packages: write | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - os: ubuntu-latest | |
| platform: linux/amd64 | |
| - os: ubuntu-24.04-arm | |
| platform: linux/arm64 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker/setup-buildx-action@v3 | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set env vars | |
| run: | | |
| # Define platform pair (e.g., linux-amd64) and save to environment variables | |
| platform=${{ matrix.platform }} | |
| echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV | |
| # Define repository owner in lowercase for GHCR and save to env | |
| echo "REPO_OWNER=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV | |
| # Set short git commit SHA then save to env | |
| calculatedSha=$(git rev-parse --short HEAD) | |
| echo "COMMIT_SHORT_SHA=$calculatedSha" >> $GITHUB_ENV | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/${{ env.REPO_OWNER }}/rybbit-client | |
| - name: Build (no push on purpose) | |
| id: build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: ./client/Dockerfile | |
| platforms: ${{ matrix.platform }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| outputs: type=image,"name=ghcr.io/${{ env.REPO_OWNER }}/rybbit-client",push-by-digest=true,name-canonical=true | |
| push: "${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository }}" | |
| - name: Export digests | |
| run: | | |
| # Create a temporary directory to store digests | |
| mkdir -p /tmp/digests | |
| # Save the digests of client images | |
| echo "${{ steps.build.outputs.digest }}" > /tmp/digests/client-${{ env.PLATFORM_PAIR }} | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: digests-client-${{ env.PLATFORM_PAIR }} | |
| path: "/tmp/digests/*" | |
| retention-days: 1 | |
| build-backend: | |
| name: Build Backend Images | |
| permissions: | |
| contents: read | |
| packages: write | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - os: ubuntu-latest | |
| platform: linux/amd64 | |
| - os: ubuntu-24.04-arm | |
| platform: linux/arm64 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker/setup-buildx-action@v3 | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set env vars | |
| run: | | |
| # Define platform pair (e.g., linux-amd64) and save to environment variables | |
| platform=${{ matrix.platform }} | |
| echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV | |
| # Define repository owner in lowercase for GHCR and save to env | |
| echo "REPO_OWNER=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV | |
| # Set short git commit SHA then save to env | |
| calculatedSha=$(git rev-parse --short HEAD) | |
| echo "COMMIT_SHORT_SHA=$calculatedSha" >> $GITHUB_ENV | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/${{ env.REPO_OWNER }}/rybbit-backend | |
| - name: Build (no push on purpose) | |
| id: build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: ./server/Dockerfile | |
| platforms: ${{ matrix.platform }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| outputs: type=image,"name=ghcr.io/${{ env.REPO_OWNER }}/rybbit-backend",push-by-digest=true,name-canonical=true | |
| push: "${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository }}" | |
| - name: Export digests | |
| run: | | |
| # Create a temporary directory to store digests | |
| mkdir -p /tmp/digests | |
| # Save the digests of backend images | |
| echo "${{ steps.build.outputs.digest }}" > /tmp/digests/backend-${{ env.PLATFORM_PAIR }} | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: digests-backend-${{ env.PLATFORM_PAIR }} | |
| path: "/tmp/digests/*" | |
| retention-days: 1 | |
| publish-images: | |
| name: Merge & Push Multi-arch Manifests | |
| permissions: | |
| contents: read | |
| packages: write | |
| needs: | |
| - build-client | |
| - build-backend | |
| if: "${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository }}" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Download digests | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: /tmp/digests | |
| pattern: "digests-*" | |
| merge-multiple: true | |
| - name: Set env vars | |
| run: | | |
| # Define repository owner in lowercase for GHCR and save to env | |
| echo "REPO_OWNER=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - uses: docker/setup-buildx-action@v3 | |
| - name: Metadata client | |
| id: meta-client | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/${{ env.REPO_OWNER }}/rybbit-client | |
| tags: | | |
| # Add 'latest' tag only if this is a version tag (e.g., v1.2.3) | |
| ${{ startsWith(github.ref, 'refs/tags/v') && 'type=raw,value=latest,priority=901' || '' }} | |
| # Add the version tag itself (e.g., v1.2.3) | |
| ${{ startsWith(github.ref, 'refs/tags/v') && format('type=raw,value={0},priority=900', github.ref_name) || '' }} | |
| # For pull requests, add PR number tag | |
| ${{ github.event_name == 'pull_request' && format('type=raw,value=pr-{0},priority=850', github.event.number) || '' }} | |
| # Always add 'edge' tag for build on latest commit indicator | |
| type=edge,priority=800 | |
| # Always add short SHA tag for traceability | |
| type=sha,priority=700 | |
| - name: Push manifest client | |
| working-directory: /tmp/digests | |
| env: | |
| TAGS_JSON: ${{ steps.meta-client.outputs.json }} | |
| run: | | |
| digests="" | |
| # Collect all the digests for the client component | |
| for file in client-*; do | |
| digest=$(cat "$file") | |
| digests+="ghcr.io/${{ env.REPO_OWNER }}/rybbit-client@${digest} " | |
| done | |
| # Create a manifest list and push to GHCR | |
| docker buildx imagetools create \ | |
| $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$TAGS_JSON") \ | |
| $digests | |
| - name: Metadata backend | |
| id: meta-backend | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/${{ env.REPO_OWNER }}/rybbit-backend | |
| tags: | | |
| # Add 'latest' tag only if this is a version tag (e.g., v1.2.3) | |
| ${{ startsWith(github.ref, 'refs/tags/v') && 'type=raw,value=latest,priority=901' || '' }} | |
| # Add the version tag itself (e.g., v1.2.3) | |
| ${{ startsWith(github.ref, 'refs/tags/v') && format('type=raw,value={0},priority=900', github.ref_name) || '' }} | |
| # For pull requests, add PR number tag | |
| ${{ github.event_name == 'pull_request' && format('type=raw,value=pr-{0},priority=850', github.event.number) || '' }} | |
| # Always add 'edge' tag for build on latest commit indicator | |
| type=edge,priority=800 | |
| # Always add short SHA tag for traceability | |
| type=sha,priority=700 | |
| - name: Push manifest backend | |
| working-directory: /tmp/digests | |
| env: | |
| TAGS_JSON: ${{ steps.meta-backend.outputs.json }} | |
| run: | | |
| digests="" | |
| # Collect all the digests for the backend component | |
| for file in backend-*; do | |
| digest=$(cat "$file") | |
| digests+="ghcr.io/${{ env.REPO_OWNER }}/rybbit-backend@${digest} " | |
| done | |
| # Create a manifest list and push to GHCR | |
| docker buildx imagetools create \ | |
| $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$TAGS_JSON") \ | |
| $digests | |
| - name: Inspect client images | |
| run: | | |
| # Inspect the client image to verify the push | |
| echo "Inspecting client..." | |
| docker buildx imagetools inspect ghcr.io/${{ env.REPO_OWNER }}/rybbit-client:${{ steps.meta-client.outputs.version }} | |
| - name: Inspect backend images | |
| run: |- | |
| # Inspect the backend image to verify the push | |
| echo "Inspecting backend..." | |
| docker buildx imagetools inspect ghcr.io/${{ env.REPO_OWNER }}/rybbit-backend:${{ steps.meta-backend.outputs.version }} |