name: Build & push Docker image on: workflow_dispatch: workflow_call: outputs: image: value: ${{ jobs.publish-manifest-list.outputs.image }} env: DOCKER_REGISTRY: ghcr.io jobs: build: name: Build Docker image runs-on: ubuntu-latest permissions: contents: read packages: write strategy: matrix: platform: - linux/amd64 - linux/arm64 steps: - name: Checkout repository uses: actions/checkout@v4 - name: Set up QEMU uses: docker/setup-qemu-action@v3 with: platforms: ${{ matrix.platform }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: registry: ${{ env.DOCKER_REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Prepare Docker image name id: docker-image-name env: REPOSITORY: ${{ github.repository }} run: echo "value=${DOCKER_REGISTRY}/${REPOSITORY,,}" >> $GITHUB_OUTPUT - name: Build and push Docker image uses: docker/build-push-action@v5 id: build-and-push-docker-image with: context: . platforms: ${{ matrix.platform }} outputs: type=registry,name=${{ steps.docker-image-name.outputs.value }},push-by-digest=true cache-from: type=gha,scope=buildkit-${{ matrix.platform }} cache-to: type=gha,mode=max,scope=buildkit-${{ matrix.platform }} - name: Export digest run: | mkdir -p /tmp/digests digest="${{ steps.build-and-push-docker-image.outputs.digest }}" touch "/tmp/digests/${digest#sha256:}" - name: Upload digest uses: actions/upload-artifact@v3 with: name: digests path: /tmp/digests/* if-no-files-found: error retention-days: 1 publish-manifest-list: name: Publish Docker manifest list runs-on: ubuntu-latest permissions: packages: write needs: - build outputs: image: ${{ steps.retrieve-image.outputs.value }} steps: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: registry: ${{ env.DOCKER_REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Prepare Docker metadata uses: docker/metadata-action@v5 id: docker-metadata with: images: ${{ env.DOCKER_REGISTRY }}/${{ github.repository }} tags: | type=ref,event=branch type=ref,event=pr type=sha flavor: | latest=true - name: Download digests uses: actions/download-artifact@v3 with: name: digests path: /tmp/digests - name: Prepare Docker image name id: docker-image-name env: REPOSITORY: ${{ github.repository }} run: echo "value=${DOCKER_REGISTRY}/${REPOSITORY,,}" >> $GITHUB_OUTPUT - name: Create and push manifest list run: | docker buildx imagetools create \ $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ $(printf '${{ steps.docker-image-name.outputs.value }}@sha256:%s ' $(ls /tmp/digests)) \ - name: Retrieve image id: retrieve-image run: echo "value=$(echo "$DOCKER_METADATA_OUTPUT_JSON" | jq -r '.tags[1]')" >> $GITHUB_OUTPUT - name: Inspect image run: | docker buildx imagetools inspect ${{ steps.retrieve-image.outputs.value }}