librislog/.github/workflows/docker.yml at main · codebude/librislog · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
name: Docker Build & Publish

on:
  push:
    branches: [develop]
  release:
    types: [published]
  workflow_dispatch:
    inputs:
      branch:
        description: "Branch to build from"
        required: false
        default: develop

env:
  REGISTRY: ghcr.io

jobs:
  build-and-push:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        service:
          - name: frontend
            image: librislog
            dockerfile: ./frontend/Dockerfile
            context: ./frontend
          - name: backend
            image: librislog-api
            dockerfile: ./backend/Dockerfile
            context: ./backend
    permissions:
      contents: read
      packages: write

    steps:
      - name: Checkout repository
        uses: actions/checkout@v6
        with:
          fetch-depth: 0
          ref: ${{ github.event.inputs.branch || github.ref }}

      - name: Derive version
        id: version
        run: |
          if [ "${{ github.event_name }}" = "release" ]; then
            VERSION="${{ github.event.release.tag_name }}"
          else
            VERSION="$(git describe --tags --always 2>/dev/null || echo 'v0.0.0-dev')"
          fi
          echo "version=${VERSION}" >> "$GITHUB_OUTPUT"
          echo "sha_short=$(echo '${{ github.sha }}' | cut -c1-7)" >> "$GITHUB_OUTPUT"

      - name: Sanitize version for Docker tag
        id: sanitize
        run: |
          VERSION="${{ steps.version.outputs.version }}"
          SANITIZED="$(echo "$VERSION" | sed 's/[^a-zA-Z0-9_.-]/-/g')"
          SANITIZED="$(echo "$SANITIZED" | sed 's/^[^a-zA-Z0-9_]\+//')"
          echo "sanitized_tag=${SANITIZED:0:128}" >> "$GITHUB_OUTPUT"

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v4

      - name: Log in to GitHub Container Registry
        uses: docker/login-action@v4
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Generate image tags
        id: tags
        run: |
          IMAGE="${{ env.REGISTRY }}/${{ github.repository }}/${{ matrix.service.image }}"
          SHA_SHORT="${{ steps.version.outputs.sha_short }}"

          if [ "${{ github.event_name }}" = "release" ]; then
            SANITIZED="${{ steps.sanitize.outputs.sanitized_tag }}"
            TAGS="${IMAGE}:${SANITIZED},${IMAGE}:latest"
          else
            TAGS="${IMAGE}:develop,${IMAGE}:${SHA_SHORT}"
          fi

          echo "tags=${TAGS}" >> "$GITHUB_OUTPUT"

      - name: Build and push
        uses: docker/build-push-action@v7
        with:
          context: ${{ matrix.service.context }}
          file: ${{ matrix.service.dockerfile }}
          push: true
          platforms: linux/amd64
          tags: ${{ steps.tags.outputs.tags }}
          build-args: |
            APP_VERSION=${{ steps.version.outputs.version }}
            GIT_SHA=${{ github.sha }}
            ${{ matrix.service.name == 'frontend' && 'PUBLIC_DEFAULT_LOCALE=en' || '' }}
          cache-from: type=gha
          cache-to: type=gha,mode=max