Skip to content
Create and publish a Docker image

pin neon repository release tag #41

Sign in to view logs

pin neon repository release tag

pin neon repository release tag #41

Workflow file for this run

.github/workflows/publish.yml at f414d87
name: Create and publish a Docker image
on:
workflow_dispatch:
push:
branches: ['main']
env:
REGISTRY: ghcr.io
# https://docs.docker.com/build/ci/github-actions/multi-platform/#distribute-build-across-multiple-runners
jobs:
prepare:
runs-on: ubuntu-latest
permissions:
contents: read
outputs:
REGISTRY_IMAGE: ${{ steps.registry.outputs.REGISTRY_IMAGE }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Lint Dockerfile
uses: hadolint/hadolint-action@master
with:
dockerfile: './docker/neon-proxy/Dockerfile'
- name: Registry image name
env:
REGISTRY: ${{ env.REGISTRY }}
GITHUB_REPOSITORY: ${{ github.repository }}
id: registry
run: |
echo "REGISTRY_IMAGE=${REGISTRY@L}/${GITHUB_REPOSITORY@L}" >> $GITHUB_OUTPUT
build:
needs:
- prepare
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
strategy:
fail-fast: false
matrix:
platform:
- linux/amd64
- linux/arm64
steps:
- name: Sanitize platform
id: sanitize
run: |
platform=${{ matrix.platform }}
echo "PLATFORM_PAIR=${platform//\//-}" >> "$GITHUB_OUTPUT"
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: latest
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker Meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ needs.prepare.outputs.REGISTRY_IMAGE }}
env:
DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,manifest-descriptor # used by GitHub packages for digest annotation
- name: Build by digest
id: build-image
uses: docker/build-push-action@v5
with:
context: ./docker/neon-proxy/
platforms: ${{ matrix.platform }}
labels: ${{ steps.meta.outputs.labels }}
annotations: ${{ steps.meta.outputs.annotations }}
outputs: |
type=image,name=${{ needs.prepare.outputs.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true
cache-from: type=gha,scope=buildkit-${{ steps.sanitize.outputs.PLATFORM_PAIR }}
cache-to: type=gha,mode=max,scope=buildkit-${{ steps.sanitize.outputs.PLATFORM_PAIR }}
- name: Export digest
run: |
mkdir -p /tmp/digests
digest="${{ steps.build-image.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
with:
name: digests-${{ steps.sanitize.outputs.PLATFORM_PAIR }}
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1
merge:
runs-on: ubuntu-latest
needs:
- prepare
- build
permissions:
contents: read
packages: write
steps:
- name: Download digests
uses: actions/download-artifact@v4
with:
path: /tmp/digests
pattern: digests-*
merge-multiple: true
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: latest
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ needs.prepare.outputs.REGISTRY_IMAGE }}
env:
DOCKER_METADATA_ANNOTATIONS_LEVELS: index # used by GitHub packages for manifest annotation
- name: Create manifest list and push
working-directory: /tmp/digests
run: |
TAGS=$(jq -cr '.tags | map("--tag " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON")
ANNOTATIONS=$(jq -cr '.annotations | map("--annotation \"" + . + "\"") | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON")
SOURCE=$(printf '${{ needs.prepare.outputs.REGISTRY_IMAGE }}@sha256:%s ' *)
eval "docker buildx imagetools create $TAGS $ANNOTATIONS $SOURCE"
- name: Inspect image
run: |
docker buildx imagetools inspect ${{ needs.prepare.outputs.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}