diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index e8689e1..c7158a2 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -63,21 +63,77 @@ jobs: token: ${{ secrets.CODECOV_TOKEN }} build: name: Build and push image - runs-on: ${{ matrix.runner }} + runs-on: ${{ matrix.arch.runner }} strategy: matrix: - runner: [ubuntu-latest, ubuntu-arm-latest] + arch: + - runner: ubuntu-latest + platform: linux/amd64 + - runner: ubuntu-arm-latest + platform: linux/arm64 permissions: packages: write needs: tests steps: - uses: actions/checkout@v4 - - name: Login to the Container Registry + - name: Prepare + run: | + platform=${{ matrix.arch.platform }} + echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV + - name: Generate metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + - name: Login to the container registry uses: docker/login-action@v3 with: registry: brosner.dev username: brosner password: ${{ secrets.CI_TOKEN }} + - name: Setup docker buildx + uses: docker/setup-buildx-action@v3 + - name: Build image + id: build + uses: docker/build-push-action@v6 + with: + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + labels: ${{ steps.meta.outputs.labels }} + annotations: ${{ steps.meta.outputs.annotations }} + target: prod + platforms: ${{ matrix.arch.platform }} + outputs: type=image,push-by-digest=true,name-canonical=true,push=true + - name: Export digest + run: | + mkdir -p ${{ runner.temp }}/digests + digest="${{ steps.build.outputs.digest }}" + touch "${{ runner.temp }}/digests/${digest#sha256:}" + - name: Upload digest + uses: actions/upload-artifact@v4 + with: + name: digests-${{ env.PLATFORM_PAIR }} + path: ${{ runner.temp }}/digests/* + if-no-files-found: error + retention-days: 1 + merge: + runs-on: ubuntu-latest + needs: + - build + steps: + - name: Download digests + uses: actions/download-artifact@v4 + with: + path: ${{ runner.temp }}/digests + pattern: digests-* + merge-multiple: true + - name: Login to the container registry + uses: docker/login-action@v3 + with: + registry: brosner.dev + username: brosner + password: ${{ secrets.CI_TOKEN }} + - name: Setup docker buildx + uses: docker/setup-buildx-action@v3 - name: Generate metadata id: meta uses: docker/metadata-action@v5 @@ -87,22 +143,11 @@ jobs: type=ref,event=branch type=ref,event=pr type=sha - labels: | - org.opencontainers.image.title=teufa - org.opencontainers.image.description=teufa container image - org.opencontainers.image.source=https://brosner.dev/brosner/teufa - org.opencontainers.image.licenses=MIT - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - name: Setup docker buildx - uses: docker/setup-buildx-action@v3 - - name: Build image - uses: docker/build-push-action@v6 - if: gitea.ref == 'refs/heads/main' - with: - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - annotations: ${{ steps.meta.outputs.annotations }} - target: prod - platforms: ${{ matrix.runner == 'ubuntu-latest' && 'linux/amd64' || 'linux/arm64' }} - push: true + - name: Create manifest list and push + working-directory: ${{ runner.temp }}/digests + run: | + docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ + $(printf '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *) + - name: Inspect image + run: | + docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }}