diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index c639d25..7aba346 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -20,30 +20,17 @@ env: FRONTEND_IMAGE: ghcr.io/${{ github.repository_owner }}/priceghost-frontend jobs: - # Detect which paths changed - changes: - runs-on: ubuntu-latest - outputs: - backend: ${{ steps.filter.outputs.backend }} - frontend: ${{ steps.filter.outputs.frontend }} - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Check for changes - uses: dorny/paths-filter@v3 - id: filter - with: - filters: | - backend: - - 'backend/**' - frontend: - - 'frontend/**' - + # Build each platform on its native runner to avoid QEMU emulation issues build-backend: - needs: changes - if: needs.changes.outputs.backend == 'true' || github.event_name == 'workflow_dispatch' - runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + include: + - platform: linux/amd64 + runner: ubuntu-latest + - platform: linux/arm64 + runner: ubuntu-24.04-arm + runs-on: ${{ matrix.runner }} permissions: contents: read packages: write @@ -52,6 +39,9 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 + - name: Prepare platform slug + run: echo "PLATFORM_PAIR=$(echo '${{ matrix.platform }}' | tr '/' '-')" >> $GITHUB_ENV + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -63,6 +53,65 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + - name: Extract metadata for Backend + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.BACKEND_IMAGE }} + + - name: Build and push Backend image by digest + id: build + uses: docker/build-push-action@v6 + with: + context: ./backend + platforms: ${{ matrix.platform }} + labels: ${{ steps.meta.outputs.labels }} + outputs: ${{ github.event_name != 'pull_request' && format('type=image,name={0},push-by-digest=true,name-canonical=true,push=true', env.BACKEND_IMAGE) || 'type=cacheonly' }} + cache-from: type=gha,scope=${{ env.PLATFORM_PAIR }}-backend + cache-to: type=gha,mode=max,scope=${{ env.PLATFORM_PAIR }}-backend + + - name: Export digest + if: github.event_name != 'pull_request' + run: | + mkdir -p /tmp/digests + digest="${{ steps.build.outputs.digest }}" + touch "/tmp/digests/${digest#sha256:}" + + - name: Upload digest + if: github.event_name != 'pull_request' + uses: actions/upload-artifact@v4 + with: + name: digests-backend-${{ env.PLATFORM_PAIR }} + path: /tmp/digests/* + if-no-files-found: error + retention-days: 1 + + merge-backend: + needs: build-backend + if: github.event_name != 'pull_request' + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Download digests + uses: actions/download-artifact@v4 + with: + path: /tmp/digests + pattern: digests-backend-* + merge-multiple: true + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Extract metadata for Backend id: meta uses: docker/metadata-action@v5 @@ -73,20 +122,26 @@ jobs: type=sha,prefix= type=raw,value=latest,enable={{is_default_branch}} - - name: Build and push Backend image - uses: docker/build-push-action@v5 - with: - context: ./backend - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha - cache-to: type=gha,mode=max + - name: Create manifest list and push + working-directory: /tmp/digests + run: | + docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ + $(printf '${{ env.BACKEND_IMAGE }}@sha256:%s ' *) + - name: Inspect image + run: docker buildx imagetools inspect ${{ env.BACKEND_IMAGE }}:${{ steps.meta.outputs.version }} + + # Build each platform on its native runner to avoid QEMU emulation issues build-frontend: - needs: changes - if: needs.changes.outputs.frontend == 'true' || github.event_name == 'workflow_dispatch' - runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + include: + - platform: linux/amd64 + runner: ubuntu-latest + - platform: linux/arm64 + runner: ubuntu-24.04-arm + runs-on: ${{ matrix.runner }} permissions: contents: read packages: write @@ -95,6 +150,9 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 + - name: Prepare platform slug + run: echo "PLATFORM_PAIR=$(echo '${{ matrix.platform }}' | tr '/' '-')" >> $GITHUB_ENV + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -106,6 +164,65 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + - name: Extract metadata for Frontend + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.FRONTEND_IMAGE }} + + - name: Build and push Frontend image by digest + id: build + uses: docker/build-push-action@v6 + with: + context: ./frontend + platforms: ${{ matrix.platform }} + labels: ${{ steps.meta.outputs.labels }} + outputs: ${{ github.event_name != 'pull_request' && format('type=image,name={0},push-by-digest=true,name-canonical=true,push=true', env.FRONTEND_IMAGE) || 'type=cacheonly' }} + cache-from: type=gha,scope=${{ env.PLATFORM_PAIR }}-frontend + cache-to: type=gha,mode=max,scope=${{ env.PLATFORM_PAIR }}-frontend + + - name: Export digest + if: github.event_name != 'pull_request' + run: | + mkdir -p /tmp/digests + digest="${{ steps.build.outputs.digest }}" + touch "/tmp/digests/${digest#sha256:}" + + - name: Upload digest + if: github.event_name != 'pull_request' + uses: actions/upload-artifact@v4 + with: + name: digests-frontend-${{ env.PLATFORM_PAIR }} + path: /tmp/digests/* + if-no-files-found: error + retention-days: 1 + + merge-frontend: + needs: build-frontend + if: github.event_name != 'pull_request' + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Download digests + uses: actions/download-artifact@v4 + with: + path: /tmp/digests + pattern: digests-frontend-* + merge-multiple: true + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Extract metadata for Frontend id: meta uses: docker/metadata-action@v5 @@ -116,12 +233,11 @@ jobs: type=sha,prefix= type=raw,value=latest,enable={{is_default_branch}} - - name: Build and push Frontend image - uses: docker/build-push-action@v5 - with: - context: ./frontend - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha - cache-to: type=gha,mode=max + - name: Create manifest list and push + working-directory: /tmp/digests + run: | + docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ + $(printf '${{ env.FRONTEND_IMAGE }}@sha256:%s ' *) + + - name: Inspect image + run: docker buildx imagetools inspect ${{ env.FRONTEND_IMAGE }}:${{ steps.meta.outputs.version }}