diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c31173e..ba4ca70 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,25 +1,34 @@ -name: Multi-Arch Docker Build & Push (debuggable) +name: Multi-Arch Docker Build & Push on: workflow_dispatch: inputs: - image_name: - description: "Base image name (e.g. myuser/myimage or repo/image)" - required: true tags: - description: "Image tags (comma or space separated). Example: v1.01 latest beta" + description: "Comma-separated list of tags (e.g. v1.0.1,latest,dev,beta)" required: true - dockerhub_user: - description: "Docker Hub username (if pushing there)" - required: false - registries_to_push: - description: "Registries to push to (comma or space separated: dockerhub, ghcr, quay)" + type: string + push_dockerhub: + description: "Push to Docker Hub" required: true - default: "dockerhub, ghcr" + type: boolean + default: false + push_ghcr: + description: "Push to GitHub Container Registry" + required: true + type: boolean + default: false + push_quay: + description: "Push to Quay.io" + required: true + type: boolean + default: false jobs: build-and-push: runs-on: ubuntu-latest + permissions: + contents: read + packages: write steps: - name: Checkout repository uses: actions/checkout@v4 @@ -30,98 +39,79 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - name: Parse tags and compute full image names - id: tagger - env: - TAGS_INPUT: ${{ github.event.inputs.tags }} - IMAGE_NAME: ${{ github.event.inputs.image_name }} - DOCKERHUB_USER: ${{ github.event.inputs.dockerhub_user }} - REGISTRIES_INPUT: ${{ github.event.inputs.registries_to_push }} - GITHUB_REPOSITORY_OWNER: ${{ github.repository_owner }} + - name: Parse tags + id: tags run: | - set -eu - TAGS_INPUT=$(echo "${TAGS_INPUT:-}" | tr ',' ' ') - REGISTRIES=$(echo "${REGISTRIES_INPUT:-}" | tr ',' ' ') - - TAG_ARGS="" - PRINT_LIST="" - - for TAG in $TAGS_INPUT; do - for REG in $REGISTRIES; do - case "$REG" in - dockerhub) - if [ -n "${DOCKERHUB_USER}" ]; then - FULL_TAG="docker.io/${DOCKERHUB_USER}/${IMAGE_NAME}:$TAG" - else - FULL_TAG="docker.io/${IMAGE_NAME}:$TAG" - fi - ;; - ghcr) - FULL_TAG="ghcr.io/${GITHUB_REPOSITORY_OWNER}/${IMAGE_NAME}:$TAG" - ;; - quay) - FULL_TAG="quay.io/${IMAGE_NAME}:$TAG" - ;; - *) - echo "Unknown registry: $REG" - exit 1 - ;; - esac - TAG_ARGS="${TAG_ARGS} --tag ${FULL_TAG}" - PRINT_LIST="${PRINT_LIST}${FULL_TAG} " - done + TAGS_INPUT="${{ github.event.inputs.tags }}" + IFS=',' read -ra TAGS_ARRAY <<< "$TAGS_INPUT" + for i in "${TAGS_ARRAY[@]}"; do + CLEAN_TAG="$(echo "$i" | xargs)" # trim spaces + echo "tag=$CLEAN_TAG" >> "$GITHUB_OUTPUT" + echo "tags_list=${tags_list} $CLEAN_TAG" >> "$GITHUB_OUTPUT" done - echo "tags=${TAG_ARGS}" >> "$GITHUB_OUTPUT" - echo "computed_tags=${PRINT_LIST}" >> "$GITHUB_OUTPUT" - - - name: Show computed tags (action logs) - run: | - echo "----- Computed tag args (passed to docker buildx) -----" - echo "${{ steps.tagger.outputs.tags }}" - echo - echo "----- Computed full image names (human-readable) -----" - echo "${{ steps.tagger.outputs.computed_tags }}" - echo - echo "----- Full docker buildx command that will be executed -----" - echo docker buildx build --platform linux/amd64,linux/arm64 ${{ steps.tagger.outputs.tags }} --push -f Dockerfile . - shell: bash - - - name: Fail early if no tags computed - if: ${{ steps.tagger.outputs.computed_tags == '' }} - run: | - echo "ERROR: No tags were computed for any registry. Check inputs." >&2 - exit 1 - - - name: Log in to Docker Hub - if: contains(github.event.inputs.registries_to_push, 'dockerhub') + # Docker Hub login (optional) + - name: Login to Docker Hub + if: ${{ github.event.inputs.push_dockerhub == 'true' }} uses: docker/login-action@v3 with: - username: ${{ github.event.inputs.dockerhub_user }} + username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Log in to GHCR - if: contains(github.event.inputs.registries_to_push, 'ghcr') + # GHCR login (optional) + - name: Login to GHCR + if: ${{ github.event.inputs.push_ghcr == 'true' }} uses: docker/login-action@v3 with: registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GHCR_TOKEN }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} - - name: Log in to Quay.io - if: contains(github.event.inputs.registries_to_push, 'quay') + # Quay.io login (optional) + - name: Login to Quay.io + if: ${{ github.event.inputs.push_quay == 'true' }} uses: docker/login-action@v3 with: registry: quay.io username: ${{ secrets.QUAY_USERNAME }} - password: ${{ secrets.QUAY_PASSWORD }} + password: ${{ secrets.QUAY_TOKEN }} - - name: Build and Push Multi-Arch Image + # Push to Docker Hub + - name: Build & Push to Docker Hub + if: ${{ github.event.inputs.push_dockerhub == 'true' }} run: | - set -x - docker buildx build \ - --platform linux/amd64,linux/arm64 \ - ${{ steps.tagger.outputs.tags }} \ - --push \ - -f Dockerfile \ - . + set -e + for tag in $(echo "${{ github.event.inputs.tags }}" | tr ',' ' '); do + docker buildx build \ + --platform linux/amd64,linux/arm64 \ + --push \ + -t docker.io/${{ secrets.DOCKERHUB_USERNAME }}/$(basename $GITHUB_REPOSITORY):$(echo "$tag" | xargs) . + done + continue-on-error: true + + # Push to GHCR + - name: Build & Push to GHCR + if: ${{ github.event.inputs.push_ghcr == 'true' }} + run: | + set -e + REPO_NAME=$(echo "${GITHUB_REPOSITORY}" | tr '[:upper:]' '[:lower:]') + for tag in $(echo "${{ github.event.inputs.tags }}" | tr ',' ' '); do + docker buildx build \ + --platform linux/amd64,linux/arm64 \ + --push \ + -t ghcr.io/${REPO_NAME}:$(echo "$tag" | xargs) . + done + continue-on-error: true + + # Push to Quay.io + - name: Build & Push to Quay.io + if: ${{ github.event.inputs.push_quay == 'true' }} + run: | + set -e + for tag in $(echo "${{ github.event.inputs.tags }}" | tr ',' ' '); do + docker buildx build \ + --platform linux/amd64,linux/arm64 \ + --push \ + -t quay.io/${{ secrets.QUAY_USERNAME }}/$(basename $GITHUB_REPOSITORY):$(echo "$tag" | xargs) . + done + continue-on-error: true