be8a20786f
Publishes container images to both registries:
- GHCR: ghcr.io/host-uk/core-images:{image} (org access)
- Docker Hub: lthn/{image}:{version} (public distribution)
Changes:
- Add Docker Hub login step (requires DOCKERHUB_USERNAME, DOCKERHUB_TOKEN secrets)
- Update metadata to generate tags for both registries
- Enable dev branch builds
- Fix LinuxKit build to use linuxkit directly (not core CLI)
- Use correct double-dash flags for linuxkit
Naming:
- developer -> ghcr.io/host-uk/core-images:developer + lthn/core-dev:latest
- server-php -> ghcr.io/host-uk/core-images:server-php + lthn/server-php:latest
Closes #1
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
186 lines
5.5 KiB
YAML
186 lines
5.5 KiB
YAML
# Host UK Container Images
|
|
# Publishes to both GHCR (org access) and Docker Hub (public)
|
|
#
|
|
# GHCR: ghcr.io/host-uk/core-images:{image}
|
|
# Docker Hub: lthn/{image}:{version}
|
|
|
|
name: Build Images
|
|
|
|
on:
|
|
push:
|
|
branches: [main, dev]
|
|
tags: ['v*']
|
|
pull_request:
|
|
branches: [main, dev]
|
|
workflow_dispatch:
|
|
|
|
env:
|
|
GHCR_REGISTRY: ghcr.io
|
|
DOCKERHUB_ORG: lthn
|
|
|
|
jobs:
|
|
# ============================================================
|
|
# Build Docker Images
|
|
# ============================================================
|
|
docker:
|
|
name: Docker (${{ matrix.image }})
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
packages: write
|
|
|
|
strategy:
|
|
matrix:
|
|
image:
|
|
- developer
|
|
- server-php
|
|
include:
|
|
- image: developer
|
|
dockerhub_name: core-dev
|
|
- image: server-php
|
|
dockerhub_name: server-php
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v3
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
|
|
- name: Login to GHCR
|
|
if: github.event_name != 'pull_request'
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: ${{ env.GHCR_REGISTRY }}
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Login to Docker Hub
|
|
if: github.event_name != 'pull_request'
|
|
uses: docker/login-action@v3
|
|
with:
|
|
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
|
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
|
|
|
- name: Extract metadata
|
|
id: meta
|
|
uses: docker/metadata-action@v5
|
|
with:
|
|
images: |
|
|
${{ env.GHCR_REGISTRY }}/host-uk/core-images
|
|
${{ env.DOCKERHUB_ORG }}/${{ matrix.dockerhub_name }}
|
|
tags: |
|
|
# Tag image variant for GHCR (core-images:developer)
|
|
type=raw,value=${{ matrix.image }},enable=${{ github.ref == 'refs/heads/main' }}
|
|
# Branch name (core-images:dev, lthn/core-dev:dev)
|
|
type=ref,event=branch,suffix=-${{ matrix.image }},enable=${{ github.ref != 'refs/heads/main' }}
|
|
type=ref,event=branch,enable=${{ github.ref != 'refs/heads/main' }}
|
|
# PR number
|
|
type=ref,event=pr
|
|
# Semver tags (v1.0.0 -> 1.0.0, 1.0, 1)
|
|
type=semver,pattern={{version}}
|
|
type=semver,pattern={{major}}.{{minor}}
|
|
type=semver,pattern={{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }}
|
|
# Latest on main
|
|
type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
|
|
flavor: |
|
|
latest=false
|
|
|
|
- name: Build and push
|
|
uses: docker/build-push-action@v5
|
|
with:
|
|
context: ./${{ matrix.image }}
|
|
platforms: linux/amd64,linux/arm64
|
|
push: ${{ github.event_name != 'pull_request' }}
|
|
tags: ${{ steps.meta.outputs.tags }}
|
|
labels: ${{ steps.meta.outputs.labels }}
|
|
cache-from: type=gha
|
|
cache-to: type=gha,mode=max
|
|
|
|
# ============================================================
|
|
# Build LinuxKit Images
|
|
# ============================================================
|
|
linuxkit:
|
|
name: LinuxKit (${{ matrix.image }}-${{ matrix.arch }})
|
|
runs-on: ubuntu-latest
|
|
needs: docker
|
|
if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')
|
|
|
|
strategy:
|
|
matrix:
|
|
image: [developer, server-php]
|
|
arch: [amd64, arm64]
|
|
format: [qcow2-bios, iso-bios]
|
|
include:
|
|
- image: developer
|
|
output_name: core-dev
|
|
- image: server-php
|
|
output_name: server-php
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Install LinuxKit
|
|
run: |
|
|
curl -fsSL "https://github.com/linuxkit/linuxkit/releases/download/v1.5.3/linuxkit-linux-amd64" -o linuxkit
|
|
chmod +x linuxkit
|
|
sudo mv linuxkit /usr/local/bin/
|
|
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v3
|
|
|
|
- name: Login to GHCR
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: ${{ env.GHCR_REGISTRY }}
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Build LinuxKit Image
|
|
run: |
|
|
mkdir -p dist
|
|
linuxkit build \
|
|
--format ${{ matrix.format }} \
|
|
--name ./dist/${{ matrix.output_name }}-${{ matrix.arch }} \
|
|
./${{ matrix.image }}/linuxkit.yml
|
|
|
|
- name: Upload Artifact
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: ${{ matrix.output_name }}-${{ matrix.arch }}-${{ matrix.format }}
|
|
path: ./dist/*
|
|
|
|
# ============================================================
|
|
# Release LinuxKit Images
|
|
# ============================================================
|
|
release-linuxkit:
|
|
name: Release LinuxKit Images
|
|
runs-on: ubuntu-latest
|
|
needs: linuxkit
|
|
if: startsWith(github.ref, 'refs/tags/v')
|
|
permissions:
|
|
contents: write
|
|
|
|
steps:
|
|
- name: Download all artifacts
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
path: ./dist
|
|
merge-multiple: true
|
|
|
|
- name: Generate checksums
|
|
run: |
|
|
cd dist
|
|
sha256sum * > checksums.txt
|
|
|
|
- name: Upload to Release
|
|
uses: softprops/action-gh-release@v1
|
|
with:
|
|
files: |
|
|
dist/*
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|