don't use a keyfile for ssl cert (#265) #136
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: docker | |
on: | |
push: | |
branches: | |
- unstable | |
- stable | |
tags: | |
- v* | |
env: | |
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
IMAGE_NAME: ${{ secrets.DOCKER_USERNAME }}/siren | |
jobs: | |
# Extract the VERSION which is either `latest` or `vX.Y.Z`, and the VERSION_SUFFIX | |
# which is either empty or `-unstable`. | |
# | |
# It would be nice if the arch didn't get spliced into the version between `latest` and | |
# `unstable`, but for now we keep the two parts of the version separate for backwards | |
# compatibility. | |
extract-version: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Extract version (if stable) | |
if: github.event.ref == 'refs/heads/stable' | |
run: | | |
echo "VERSION=latest" >> $GITHUB_ENV | |
echo "VERSION_SUFFIX=" >> $GITHUB_ENV | |
- name: Extract version (if unstable) | |
if: github.event.ref == 'refs/heads/unstable' | |
run: | | |
echo "VERSION=latest" >> $GITHUB_ENV | |
echo "VERSION_SUFFIX=-unstable" >> $GITHUB_ENV | |
- name: Extract version (if tagged release) | |
if: startsWith(github.event.ref, 'refs/tags') | |
run: | | |
echo "VERSION=$(echo ${GITHUB_REF#refs/tags/})" >> $GITHUB_ENV | |
echo "VERSION_SUFFIX=" >> $GITHUB_ENV | |
outputs: | |
VERSION: ${{ env.VERSION }} | |
VERSION_SUFFIX: ${{ env.VERSION_SUFFIX }} | |
build-docker-single-arch: | |
name: build-docker-${{ matrix.binary }} | |
runs-on: ubuntu-22.04 | |
strategy: | |
matrix: | |
binary: [aarch64, x86_64] | |
needs: [extract-version] | |
env: | |
# We need to enable experimental docker features in order to use `docker buildx` | |
DOCKER_CLI_EXPERIMENTAL: enabled | |
VERSION: ${{ needs.extract-version.outputs.VERSION }} | |
VERSION_SUFFIX: ${{ needs.extract-version.outputs.VERSION_SUFFIX }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: docker/setup-qemu-action@v3 | |
- name: Dockerhub login | |
run: | | |
echo "${DOCKER_PASSWORD}" | docker login --username ${DOCKER_USERNAME} --password-stdin | |
- name: Map aarch64 to arm64 short arch | |
if: startsWith(matrix.binary, 'aarch64') | |
run: echo "SHORT_ARCH=arm64" >> $GITHUB_ENV | |
- name: Map x86_64 to amd64 short arch | |
if: startsWith(matrix.binary, 'x86_64') | |
run: echo "SHORT_ARCH=amd64" >> $GITHUB_ENV; | |
- name: Build Dockerfile and push | |
run: | | |
docker buildx build \ | |
--platform=linux/${SHORT_ARCH} \ | |
--file ./Dockerfile . \ | |
--tag ${IMAGE_NAME}:${VERSION}-${SHORT_ARCH}${VERSION_SUFFIX} \ | |
--push | |
build-docker-multiarch: | |
name: build-docker-multiarch | |
runs-on: ubuntu-22.04 | |
needs: [build-docker-single-arch, extract-version] | |
env: | |
# We need to enable experimental docker features in order to use `docker manifest` | |
DOCKER_CLI_EXPERIMENTAL: enabled | |
VERSION: ${{ needs.extract-version.outputs.VERSION }} | |
VERSION_SUFFIX: ${{ needs.extract-version.outputs.VERSION_SUFFIX }} | |
steps: | |
- name: Dockerhub login | |
run: | | |
echo "${DOCKER_PASSWORD}" | docker login --username ${DOCKER_USERNAME} --password-stdin | |
- name: Create and push multiarch manifest | |
run: | | |
docker manifest create ${IMAGE_NAME}:${VERSION}${VERSION_SUFFIX} \ | |
--amend ${IMAGE_NAME}:${VERSION}-arm64${VERSION_SUFFIX} \ | |
--amend ${IMAGE_NAME}:${VERSION}-amd64${VERSION_SUFFIX}; | |
docker manifest push ${IMAGE_NAME}:${VERSION}${VERSION_SUFFIX} |