|
4 | 4 | branches: |
5 | 5 | - main |
6 | 6 | tags: ["*"] |
| 7 | + |
| 8 | +permissions: |
| 9 | + contents: read |
| 10 | + packages: write |
| 11 | + |
7 | 12 | jobs: |
8 | 13 | publish: |
9 | | - runs-on: ubuntu-latest |
| 14 | + strategy: |
| 15 | + matrix: |
| 16 | + include: |
| 17 | + - runner: ubuntu-latest |
| 18 | + arch: amd64 |
| 19 | + - runner: ubuntu-24.04-arm |
| 20 | + arch: arm64 |
| 21 | + runs-on: ${{ matrix.runner }} |
10 | 22 | steps: |
11 | 23 | - uses: actions/checkout@v4 |
12 | 24 | with: |
13 | 25 | fetch-depth: 0 |
| 26 | + |
14 | 27 | - uses: docker/setup-buildx-action@v3 |
15 | | - - name: Login to DockerHub |
| 28 | + |
| 29 | + - name: Login to GitHub Container Registry |
16 | 30 | uses: docker/login-action@v4 |
17 | 31 | with: |
18 | | - username: ${{ secrets.DOCKER_USERNAME }} |
19 | | - password: ${{ secrets.DOCKER_PASSWORD }} |
20 | | - - name: Build and push Docker image |
| 32 | + registry: ghcr.io |
| 33 | + username: ${{ github.actor }} |
| 34 | + password: ${{ secrets.GITHUB_TOKEN }} |
| 35 | + |
| 36 | + - name: Resolve Docker tag |
| 37 | + id: tag |
21 | 38 | shell: bash |
22 | 39 | run: | |
23 | 40 | set -euo pipefail |
24 | 41 |
|
25 | | - tags=(--tag sourcegraph/scip-java:latest-snapshot) |
26 | | -
|
| 42 | + image="ghcr.io/scip-code/scip-java" |
27 | 43 | if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then |
28 | 44 | version="${GITHUB_REF_NAME#v}" |
29 | | - tags=( |
30 | | - --tag sourcegraph/scip-java:latest |
31 | | - --tag "sourcegraph/scip-java:${version}" |
32 | | - ) |
| 45 | + tag="${image}:${version}-${{ matrix.arch }}" |
| 46 | + else |
| 47 | + tag="${image}:latest-snapshot-${{ matrix.arch }}" |
33 | 48 | fi |
34 | 49 |
|
35 | | - docker buildx build --push "${tags[@]}" . |
| 50 | + echo "tag=${tag}" >> "$GITHUB_OUTPUT" |
| 51 | +
|
| 52 | + - name: Build and push Docker image |
| 53 | + uses: docker/build-push-action@v6 |
| 54 | + with: |
| 55 | + context: . |
| 56 | + push: true |
| 57 | + platforms: linux/${{ matrix.arch }} |
| 58 | + tags: ${{ steps.tag.outputs.tag }} |
| 59 | + labels: | |
| 60 | + org.opencontainers.image.source=https://github.com/scip-code/scip-java |
| 61 | + org.opencontainers.image.revision=${{ github.sha }} |
| 62 | +
|
| 63 | + publish-manifest: |
| 64 | + needs: publish |
| 65 | + runs-on: ubuntu-latest |
| 66 | + steps: |
| 67 | + - uses: docker/setup-buildx-action@v3 |
| 68 | + |
| 69 | + - name: Login to GitHub Container Registry |
| 70 | + uses: docker/login-action@v3 |
| 71 | + with: |
| 72 | + registry: ghcr.io |
| 73 | + username: ${{ github.actor }} |
| 74 | + password: ${{ secrets.GITHUB_TOKEN }} |
| 75 | + |
| 76 | + - name: Create and push multi-arch manifest |
| 77 | + shell: bash |
| 78 | + run: | |
| 79 | + set -euo pipefail |
| 80 | +
|
| 81 | + image="ghcr.io/scip-code/scip-java" |
| 82 | + if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then |
| 83 | + version="${GITHUB_REF_NAME#v}" |
| 84 | + docker buildx imagetools create \ |
| 85 | + --tag "${image}:latest" \ |
| 86 | + --tag "${image}:${version}" \ |
| 87 | + "${image}:${version}-amd64" \ |
| 88 | + "${image}:${version}-arm64" |
| 89 | + else |
| 90 | + docker buildx imagetools create \ |
| 91 | + --tag "${image}:latest-snapshot" \ |
| 92 | + "${image}:latest-snapshot-amd64" \ |
| 93 | + "${image}:latest-snapshot-arm64" |
| 94 | + fi |
0 commit comments