1
0
silverbullet/.github/workflows/docker.yml
me|kor c8d0b2df14
Feature: Docker multiarch image (amd64 & arm64) dynamic tags and ghcr repositoy (#400)
* Enabled multiarch build with buildx, qemu and also enabled ghcr, improved tagging

- Enabled multiarch build with buildx, qemu and also enabled ghcr
- Improved image tagging
- Getting rid unknown/unknonw architecture in ghcr
    - https://github.com/docker/build-push-action
    - https://docs.docker.com/build/attestations/slsa-provenance/
    - https://github.com/docker/build-push-action/issues/820

* Switched to lukechannings/deno docke rimage as proposed in #136

- silverbulletmd/silverbullet/issues/136

(cherry picked from commit 176b70f5481dbbef9744818662f47617903de209)

* Added tini, condensed Dockerfile Run to one step, cleaning up image

- tini is missing in new base image, so I added it manually, as
  documented in https://github.com/krallin/tini

(cherry picked from commit 4d549b8f5b45bcc9ea04a0e7a4fdc3c82cdd7f5c)

* Using TARGETARCH for downloading tini

(cherry picked from commit 23a6019da00115b34c3bd09eb0c733172edcebbc)
2023-05-09 15:31:40 +02:00

89 lines
2.8 KiB
YAML

name: Docker
on:
push:
branches:
- "main"
tags:
- "**"
env:
DENO_VERSION: v1.32.5
# Docker & Registries
ARCHITECTURES: linux/amd64,linux/arm64
IMAGE_NAME: silverbullet
NAMESPACE_GITHUB: silverbulletmd
NAMESPACE_DOCKER: zefhemel
jobs:
docker-build-push:
runs-on: ubuntu-latest
steps:
- name: Setup repo
uses: actions/checkout@v3
- name: Set up QEMU for multi-arch builds with buildx
uses: docker/setup-qemu-action@v2
with:
platforms: ${{ env.ARCHITECTURES }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
platforms: ${{ env.ARCHITECTURES }}
- name: Setup Deno
uses: denoland/setup-deno@d4873ceeec10de6275fecd1f94b6985369d40231
with:
deno-version: ${{ env.DENO_VERSION }}
- name: Run bundle build
run: |
deno task build
deno task bundle
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Log in to the ghcr Container registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
#
# MetaData Extract Docu: <https://github.com/docker/metadata-action>
#
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v4.4.0
with:
images: |
# Set the different image names(paces) for docker-hub & ghcr
${{ env.NAMESPACE_DOCKER }}/${{ env.IMAGE_NAME }}
ghcr.io/${{ env.NAMESPACE_GITHUB }}/${{ env.IMAGE_NAME }}
tags: |
# <https://github.com/docker/metadata-action#typeref>
# minimal (short sha), enable f desired
# type=sha,enable=true,priority=100,prefix=commit-,suffix=,format=short
# set latest tag for default branch
type=raw,value=latest,enable={{is_default_branch}}
#
# tag w/ full tag part of git tag: <https://github.com/docker/metadata-action#typesemver>
# only present for `on.push.tags` !
type=semver,pattern={{raw}},enable=true
# type=edge,branch=develop # usually this would be the develop branch
- name: Build and push Docker images
uses: docker/build-push-action@v4.0.0
with:
context: .
platforms: ${{ env.ARCHITECTURES }}
push: true
# Disable to get rid of unknown architecture in ghcr
provenance: false
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}