From dec732391c405be52cabc910d857d692b167ac6f Mon Sep 17 00:00:00 2001
From: Morre <morre@mor.re>
Date: Fri, 7 Jun 2024 13:31:35 +0200
Subject: [PATCH] ci: add image build

---
 .github/workflows/image.yml | 63 +++++++++++++++++++++++++++++++++++++
 1 file changed, 63 insertions(+)
 create mode 100644 .github/workflows/image.yml

diff --git a/.github/workflows/image.yml b/.github/workflows/image.yml
new file mode 100644
index 00000000000..33db5a134ca
--- /dev/null
+++ b/.github/workflows/image.yml
@@ -0,0 +1,63 @@
+name: Build Docker image
+
+on:
+  push:
+    tags:
+      - "v*"
+
+  # Run on pull requests to verify that the image still builds correctly
+  # The image is not pushed on pull requests
+  pull_request:
+
+permissions:
+  packages: write
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
+
+      - name: Login to GHCR
+        # Login is only needed when the image is pushed
+        if: ${{ startsWith(github.ref, 'refs/tags') }}
+        uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
+        with:
+          flavor: |
+            latest=false
+
+          # This pushes to the GitHub registry only
+          # It can be extended to https://hub.docker.com/r/gohugoio/hugo once a maintainer
+          # adds a Dockerhub token with push access to the GitHub action secrets. Then add
+          # "gohugoio/hugo" here
+          images: |
+            ghcr.io/gohugoio/hugo
+
+          # Tag the image with the v-prefixed semver version on tags, tag with the ref on PRs
+          tags: |
+            type=semver,pattern={{raw}}
+            type=ref,event=pr
+
+      - name: Build and push
+        uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
+        with:
+          platforms: linux/amd64,linux/arm64
+          # Push for git tags only
+          push: ${{ startsWith(github.ref, 'refs/tags') }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}