Merge pull request #176 from ashleycaselli/master #34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Create and publish SHACL API Docker image | |
on: | |
release: | |
type: [published] | |
push: | |
branches: [master] | |
env: | |
REGISTRY: ghcr.io | |
jobs: | |
build-and-push-image: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
strategy: | |
matrix: | |
package: | |
[ | |
"x86_64", | |
"arm64" | |
] | |
include: | |
- package: "x86_64" | |
platform: linux/amd64 | |
base: eclipse-temurin:11-alpine | |
- package: "arm64" | |
platform: linux/arm64 | |
base: amazoncorretto:11-alpine3.18-jdk | |
steps: | |
- name: lowercase image name | |
run: | | |
echo "IMAGE_NAME=${GITHUB_REPOSITORY,,}" >> ${GITHUB_ENV} | |
- name: Checkout repository | |
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 | |
# inspired by https://github.com/reloc8/action-latest-release-version | |
- name: Get release version | |
id: get_version | |
run: | | |
git fetch --tags -f | |
git fetch --prune --unshallow || true | |
LATEST_RELEASE=$(git describe --abbrev=0 --tags | sed 's/^v//') | |
echo "latest-release=${LATEST_RELEASE}" >> $GITHUB_OUTPUT | |
echo "version_build=${LATEST_RELEASE}_"$(git rev-parse --short "$GITHUB_SHA") >> $GITHUB_OUTPUT | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 | |
with: | |
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
tags: | | |
type=raw,value=latest,enable=${{ github.event_name == 'push' }} | |
type=raw,value=${{ steps.get_version.outputs.version_build}},enable=${{ github.event_name == 'push' }} | |
type=raw,value=${{ steps.get_version.outputs.latest-release}},enable=${{ github.event_name == 'release' }} | |
- name: Log in to the Container registry | |
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and push Docker image for x86 and arm64 | |
id: build | |
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 | |
with: | |
file: .docker/Dockerfile | |
push: true | |
platforms: ${{ matrix.platform }} | |
labels: ${{ steps.meta.outputs.labels }} | |
build-args: | | |
VERSION=${{ steps.get_version.outputs.version_build }} | |
ARCH_BASE=${{ matrix.base }} | |
outputs: type=image,name=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }},push-by-digest=true,name-canonical=true,push=true | |
- name: Export digest | |
run: | | |
mkdir -p /tmp/digests | |
digest="${{ steps.build.outputs.digest }}" | |
touch "/tmp/digests/${digest#sha256:}" | |
- name: Upload digest | |
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
with: | |
name: digests-${{ matrix.package }} | |
path: /tmp/digests/* | |
if-no-files-found: error | |
retention-days: 1 | |
merge: | |
runs-on: ubuntu-latest | |
needs: | |
- build-and-push-image | |
steps: | |
- name: lowercase image name | |
run: | | |
echo "IMAGE_NAME=${GITHUB_REPOSITORY,,}" >> ${GITHUB_ENV} | |
- name: Checkout repository | |
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | |
# inspired by https://github.com/reloc8/action-latest-release-version | |
- name: Get release version | |
id: get_version | |
run: | | |
git fetch --tags | |
git fetch --prune --unshallow || true | |
LATEST_RELEASE=$(git describe --abbrev=0 --tags | sed 's/^v//') | |
echo "latest-release=${LATEST_RELEASE}" >> $GITHUB_OUTPUT | |
echo "version_build=${LATEST_RELEASE}_"$(git rev-parse --short "$GITHUB_SHA") >> $GITHUB_OUTPUT | |
- name: Download digests | |
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
with: | |
path: /tmp/digests | |
pattern: digests-* | |
merge-multiple: true | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 | |
with: | |
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
tags: | | |
type=raw,value=latest,enable=${{ github.event_name == 'push' }} | |
type=raw,value=${{ steps.get_version.outputs.version_build}},enable=${{ github.event_name == 'push' }} | |
type=raw,value=${{ steps.get_version.outputs.latest-release}},enable=${{ github.event_name == 'release' }} | |
- name: Log in to the Container registry | |
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Create manifest list and push | |
working-directory: /tmp/digests | |
run: | | |
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ | |
$(printf '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *) | |
- name: Inspect image | |
run: | | |
docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }} |