docker-mailserver/.github/workflows/generic_publish.yml

87 lines
2.5 KiB
YAML
Raw Normal View History

name: 'Publish the DMS Container Image'
on:
workflow_call:
inputs:
cache-key:
required: true
type: string
permissions:
contents: read
packages: write
jobs:
publish-images:
name: 'Publish'
runs-on: ubuntu-22.04
steps:
- name: 'Checkout'
uses: actions/checkout@v3
with:
submodules: recursive
- name: 'Prepare tags'
id: prep
uses: docker/metadata-action@v4.3.0
with:
images: |
${{ secrets.DOCKER_REPOSITORY }}
${{ secrets.GHCR_REPOSITORY }}
tags: |
type=edge,branch=master
type=semver,pattern={{major}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}.{{minor}}.{{patch}}
- name: 'Set up QEMU'
uses: docker/setup-qemu-action@v2.1.0
with:
platforms: arm64
- name: 'Set up Docker Buildx'
uses: docker/setup-buildx-action@v2.4.0
# Try get the cached build layers from a prior `generic_build.yml` job.
# NOTE: Until adopting `type=gha` scoped cache exporter (in `docker/build-push-action`),
# only AMD64 image is expected to be cached, ARM images will build from scratch.
- name: 'Retrieve image build from build cache'
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: cache-buildx-${{ inputs.cache-key }}
restore-keys: |
cache-buildx-
- name: 'Login to DockerHub'
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: 'Login to GitHub Container Registry'
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: 'Acquire the image version'
id: get-version
shell: bash
run: echo "version=$(<VERSION)" >>"${GITHUB_OUTPUT}"
- name: 'Build and publish images'
uses: docker/build-push-action@v4.0.0
with:
context: .
build-args: |
VCS_REVISION=${{ github.sha }}
VCS_VERSION=${{ steps.get-version.outputs.version }}
platforms: linux/amd64,linux/arm64
push: true
tags: ${{ steps.prep.outputs.tags }}
cache-from: type=local,src=/tmp/.buildx-cache
# Disable provenance attestation: https://docs.docker.com/build/attestations/slsa-provenance/
provenance: false