c8d0b2df14
* Enabled multiarch build with buildx, qemu and also enabled ghcr, improved tagging - Enabled multiarch build with buildx, qemu and also enabled ghcr - Improved image tagging - Getting rid unknown/unknonw architecture in ghcr - https://github.com/docker/build-push-action - https://docs.docker.com/build/attestations/slsa-provenance/ - https://github.com/docker/build-push-action/issues/820 * Switched to lukechannings/deno docke rimage as proposed in #136 - silverbulletmd/silverbullet/issues/136 (cherry picked from commit 176b70f5481dbbef9744818662f47617903de209) * Added tini, condensed Dockerfile Run to one step, cleaning up image - tini is missing in new base image, so I added it manually, as documented in https://github.com/krallin/tini (cherry picked from commit 4d549b8f5b45bcc9ea04a0e7a4fdc3c82cdd7f5c) * Using TARGETARCH for downloading tini (cherry picked from commit 23a6019da00115b34c3bd09eb0c733172edcebbc)
89 lines
2.8 KiB
YAML
89 lines
2.8 KiB
YAML
name: Docker
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- "main"
|
|
tags:
|
|
- "**"
|
|
env:
|
|
DENO_VERSION: v1.32.5
|
|
# Docker & Registries
|
|
ARCHITECTURES: linux/amd64,linux/arm64
|
|
IMAGE_NAME: silverbullet
|
|
NAMESPACE_GITHUB: silverbulletmd
|
|
NAMESPACE_DOCKER: zefhemel
|
|
jobs:
|
|
docker-build-push:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Setup repo
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Set up QEMU for multi-arch builds with buildx
|
|
uses: docker/setup-qemu-action@v2
|
|
with:
|
|
platforms: ${{ env.ARCHITECTURES }}
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v2
|
|
with:
|
|
platforms: ${{ env.ARCHITECTURES }}
|
|
|
|
- name: Setup Deno
|
|
uses: denoland/setup-deno@d4873ceeec10de6275fecd1f94b6985369d40231
|
|
with:
|
|
deno-version: ${{ env.DENO_VERSION }}
|
|
|
|
- name: Run bundle build
|
|
run: |
|
|
deno task build
|
|
deno task bundle
|
|
|
|
- name: Login to Docker Hub
|
|
uses: docker/login-action@v2
|
|
with:
|
|
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
|
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
|
|
|
- name: Log in to the ghcr Container registry
|
|
uses: docker/login-action@v2
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
#
|
|
# MetaData Extract Docu: <https://github.com/docker/metadata-action>
|
|
#
|
|
- name: Extract metadata (tags, labels) for Docker
|
|
id: meta
|
|
uses: docker/metadata-action@v4.4.0
|
|
with:
|
|
images: |
|
|
# Set the different image names(paces) for docker-hub & ghcr
|
|
${{ env.NAMESPACE_DOCKER }}/${{ env.IMAGE_NAME }}
|
|
ghcr.io/${{ env.NAMESPACE_GITHUB }}/${{ env.IMAGE_NAME }}
|
|
tags: |
|
|
# <https://github.com/docker/metadata-action#typeref>
|
|
# minimal (short sha), enable f desired
|
|
# type=sha,enable=true,priority=100,prefix=commit-,suffix=,format=short
|
|
# set latest tag for default branch
|
|
type=raw,value=latest,enable={{is_default_branch}}
|
|
#
|
|
# tag w/ full tag part of git tag: <https://github.com/docker/metadata-action#typesemver>
|
|
# only present for `on.push.tags` !
|
|
type=semver,pattern={{raw}},enable=true
|
|
# type=edge,branch=develop # usually this would be the develop branch
|
|
|
|
- name: Build and push Docker images
|
|
uses: docker/build-push-action@v4.0.0
|
|
with:
|
|
context: .
|
|
platforms: ${{ env.ARCHITECTURES }}
|
|
push: true
|
|
# Disable to get rid of unknown architecture in ghcr
|
|
provenance: false
|
|
tags: ${{ steps.meta.outputs.tags }}
|
|
labels: ${{ steps.meta.outputs.labels }}
|