Skip to content

INFRA-785 - switch publish-containers.yml to shared workflow #6281

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
stmpn merged 3 commits into from
Jan 29, 2026
Merged

INFRA-785 - switch publish-containers.yml to shared workflow #6281

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
0e0583c
INFRA-785 - switch publish-containers.yml to shared workflow
stmpn Jan 27, 2026
2b778d5
Merge branch 'main' into INFRA-785
stmpn Jan 29, 2026
31b3721
Merge branch 'main' into INFRA-785
stmpn Jan 29, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
102 changes: 55 additions & 47 deletions .github/workflows/publish-containers.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,69 +5,77 @@ on:
types: [published]

jobs:
docker:
prepare-variables:
name: Prepare variables
runs-on: ubuntu-22.04

permissions:
contents: read
packages: write

outputs:
image_name: ${{ steps.get-image-name.outputs.image_name }}
labels: ${{ steps.metadata.outputs.labels }}
tags: ${{ steps.metadata.outputs.tags }}
version: ${{ steps.metadata.outputs.version }}
steps:
- name: Checkout
uses: actions/checkout@v4

# Outputs the name of the repository (owner/repo)
- name: Build Image Name
id: image
- name: Get GHCR image name (owner/repo)
id: get-image-name
env:
GH_REPO: ${{ github.repository }}
run: |
IMAGE_NAME=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]')
echo "image_name=$IMAGE_NAME" >> $GITHUB_OUTPUT
# github.repository is already in owner/repo format required
# by GHCR; normalize it to lowercase.
GHCR_IMAGE_NAME="${GH_REPO,,}"
echo "image_name=$GHCR_IMAGE_NAME" >> $GITHUB_OUTPUT

- name: Docker meta
id: meta
# Required by docker/metadata-action
- name: Checkout
uses: actions/checkout@v6
Copy link

Copilot AI Jan 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The action version actions/checkout@v6 is inconsistent with the rest of the codebase, which consistently uses actions/checkout@v4. Since my knowledge cutoff is January 2025 and it's currently January 29, 2026, I cannot verify if v6 exists. However, to maintain consistency with the existing codebase, consider using actions/checkout@v4 instead, unless there's a specific requirement for v6.

Copilot uses AI. Check for mistakes.

- name: Docker metadata
id: metadata
uses: docker/metadata-action@v5
with:
images: |
ghcr.io/${{ steps.image.outputs.image_name }}
ghcr.io/${{ steps.get-image-name.outputs.image_name }}
tags: |
type=ref,event=branch
type=pep440,pattern={{version}}
type=pep440,pattern={{major}}.{{minor}}
context: git

- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: arm64

- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
build-push:
needs: prepare-variables
uses: saleor/saleor-internal-actions/.github/workflows/build-push-image-multi-platform.yaml@92c29aa0e4545de579b892b2ef9f2d6366c29c11 # v1.5.2
permissions:
contents: read
id-token: write # needed for AWS/ECR login (not used, but required permission)
packages: write # needed for GHCR
with:
checkout-ref: ${{ github.ref }}

- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
enable-ghcr: true
oci-full-repository: ghcr.io/${{ needs.prepare-variables.outputs.image_name }}
tags: ${{ needs.prepare-variables.outputs.tags }}
labels: ${{ needs.prepare-variables.outputs.labels }}

amd64-runner-image: ubuntu-24.04
arm64-runner-image: ubuntu-24.04-arm

build-args: |
COMMIT_ID=${{ github.sha }}
PROJECT_VERSION=${{ needs.prepare-variables.outputs.version }}

- name: Build and Push
id: docker_build
uses: docker/build-push-action@v5
with:
builder: ${{ steps.buildx.outputs.name }}
cache-from: type=gha
cache-to: type=gha,mode=max
context: .
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.meta.outputs.tags }}
build-args: |
COMMIT_ID=${{ github.sha }}
PROJECT_VERSION=${{ steps.meta.outputs.version }}

- name: Image digest
summary:
needs: [prepare-variables, build-push]
runs-on: ubuntu-22.04
permissions:
contents: read
steps:
- name: Display image digest and pushed tags
env:
tags: ${{ needs.prepare-variables.outputs.tags }}
digest: ${{ needs.build-push.outputs.digest }}
run: |
echo $"\
Digest: ${{ steps.docker_build.outputs.digest }}
Tags: ${{ steps.meta.outputs.tags }}"
echo "Tags: $tags"
echo "Digest: $digest"
Loading