@@ -3,17 +3,124 @@ name: Release GHCR
33on :
44 release :
55 types : [published]
6- push :
7- branches :
8- - swanny-ghcr
96 workflow_dispatch :
107
11- # simplest example of using the rust-base action
8+ env :
9+ REGISTRY : ghcr.io
10+ IMAGE_NAME : ${{ github.repository }}
11+
1212jobs :
13- ghcr-release :
14- uses : init4tech/actions/.github/workflows/ghcr.yml@main
13+ build-and-push :
14+ runs-on :
15+ group : ${{ matrix.group }}
1516 permissions :
16- contents : read
17- packages : write
18- attestations : write
19- id-token : write
17+ contents : read
18+ packages : write
19+ attestations : write
20+ id-token : write
21+ strategy :
22+ matrix :
23+ include :
24+ - platform : linux/amd64
25+ group : amd64-large-runners
26+ - platform : linux/arm64
27+ group : arm64-large-runners
28+ steps :
29+ - name : Checkout repository
30+ uses : actions/checkout@v4
31+
32+ - name : Set up Docker Buildx
33+ uses : docker/setup-buildx-action@v3
34+
35+ - name : Log in to Container Registry
36+ uses : docker/login-action@v3
37+ with :
38+ registry : ${{ env.REGISTRY }}
39+ username : ${{ github.actor }}
40+ password : ${{ secrets.GITHUB_TOKEN }}
41+
42+ - name : Extract metadata (tags, labels) for Docker
43+ id : meta
44+ uses : docker/metadata-action@v5
45+ with :
46+ images : ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
47+ tags : |
48+ type=ref,event=branch
49+ type=ref,event=pr
50+ type=semver,pattern={{version}}
51+ type=semver,pattern={{major}}.{{minor}}
52+ type=semver,pattern={{major}}
53+ type=sha
54+
55+ name : Build and push Docker image by digest
56+ id : build
57+ uses : docker/build-push-action@v6
58+ with :
59+ context : .
60+ platforms : ${{ matrix.platform }}
61+ labels : ${{ steps.meta.outputs.labels }}
62+ outputs : type=image,name=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }},push-by-digest=true,name-canonical=true,push=true
63+ cache-from : type=gha,scope=build-${{ matrix.platform }}
64+ cache-to : type=gha,mode=max,scope=build-${{ matrix.platform }}
65+ - name : Export digest
66+ run : |
67+ mkdir -p /tmp/digests
68+ digest="${{ steps.build.outputs.digest }}"
69+ touch "/tmp/digests/${digest#sha256:}"
70+
71+ name : Upload digest
72+ uses : actions/upload-artifact@v4
73+ with :
74+ name : digests-${{ strategy.job-index }}
75+ path : /tmp/digests/*
76+ if-no-files-found : error
77+ retention-days : 1
78+
79+ merge-and-push :
80+ runs-on : ubuntu-latest
81+ needs : build-and-push
82+ permissions :
83+ contents : read
84+ packages : write
85+ attestations : write
86+ id-token : write
87+ steps :
88+ - name : Download digests
89+ uses : actions/download-artifact@v4
90+ with :
91+ path : /tmp/digests
92+ pattern : digests-*
93+ merge-multiple : true
94+
95+ - name : Set up Docker Buildx
96+ uses : docker/setup-buildx-action@v3
97+
98+ - name : Log in to Container Registry
99+ uses : docker/login-action@v3
100+ with :
101+ registry : ${{ env.REGISTRY }}
102+ username : ${{ github.actor }}
103+ password : ${{ secrets.GITHUB_TOKEN }}
104+
105+ - name : Extract metadata (tags, labels) for Docker
106+ id : meta
107+ uses : docker/metadata-action@v5
108+ with :
109+ images : ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
110+ tags : |
111+ type=ref,event=branch
112+ type=ref,event=pr
113+ type=semver,pattern={{version}}
114+ type=semver,pattern={{major}}.{{minor}}
115+ type=semver,pattern={{major}}
116+ type=sha
117+
118+ name : Create manifest list and push
119+ working-directory : /tmp/digests
120+ run : |
121+ docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
122+ $(printf '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *)
123+
124+ name : Inspect image
125+ run : |
126+ docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }}
0 commit comments