From 5ff08e7b3f63de6428f84e5ff1185d45eb0f7370 Mon Sep 17 00:00:00 2001
From: "google-labs-jules[bot]" <161369871+google-labs-jules[bot]@users.noreply.github.com>
Date: Thu, 29 May 2025 01:58:58 +0000
Subject: [PATCH 1/2] feat: Add GitHub Actions workflow for Docker image publishing Adds a GitHub Actions workflow to automatically build and publish Docker images for the backend and frontend services. The workflow (`.github/workflows/docker-publish.yml`) is triggered on pushes to the `main` branch. It includes two jobs: 1. `build_and_push_backend`: Builds the Docker image from `surfsense_backend/Dockerfile` and pushes it to `ghcr.io//surfsense_backend:`. 2. `build_and_push_frontend`: Builds the Docker image from `surfsense_web/Dockerfile` and pushes it to `ghcr.io//surfsense_web:`. Both jobs include steps for: - Checking out the repository. - Setting up QEMU and Docker Buildx. - Logging into the GitHub Container Registry (ghcr.io) using `secrets.GITHUB_TOKEN`. - Building and pushing the respective Docker images, tagged with the commit SHA. - Adding OCI labels for image source, creation date, and revision. This CI pipeline automates the process of creating and distributing Docker images for the application, ensuring that new versions are available in the GitHub Container Registry upon changes to the main branch.
---
 .github/workflows/docker-publish.yml | 74 ++++++++++++++++++++++++++++
 1 file changed, 74 insertions(+)
 create mode 100644 .github/workflows/docker-publish.yml
diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
new file mode 100644
index 000000000..b9a860522
--- /dev/null
+++ b/.github/workflows/docker-publish.yml
@@ -0,0 +1,74 @@
+name: Docker Publish
+
+on:
+ push:
+ branches: [ "main" ]
+
+jobs:
+ build_and_push_backend:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ packages: write
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v3
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Log in to GitHub Container Registry
+ uses: docker/login-action@v3
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Build and push backend image
+ uses: docker/build-push-action@v5
+ with:
+ context: ./surfsense_backend
+ file: ./surfsense_backend/Dockerfile
+ push: true
+ tags: ghcr.io/${{ github.repository_owner }}/surfsense_backend:${{ github.sha }}
+ labels: |
+ org.opencontainers.image.source=${{ github.repositoryUrl }}
+ org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
+ org.opencontainers.image.revision=${{ github.sha }}
+
+ build_and_push_frontend:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ packages: write
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v3
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Log in to GitHub Container Registry
+ uses: docker/login-action@v3
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Build and push frontend image
+ uses: docker/build-push-action@v5
+ with:
+ context: ./surfsense_web
+ file: ./surfsense_web/Dockerfile
+ push: true
+ tags: ghcr.io/${{ github.repository_owner }}/surfsense_web:${{ github.sha }}
+ labels: |
+ org.opencontainers.image.source=${{ github.repositoryUrl }}
+ org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
+ org.opencontainers.image.revision=${{ github.sha }}
From 825dcad1128c571252c7e62c9cc45ca86763b1ce Mon Sep 17 00:00:00 2001
From: "google-labs-jules[bot]" <161369871+google-labs-jules[bot]@users.noreply.github.com>
Date: Thu, 29 May 2025 02:00:56 +0000
Subject: [PATCH 2/2] feat: Enable multi-architecture Docker image builds (amd64, arm64) Updates the GitHub Actions workflow (`.github/workflows/docker-publish.yml`) to build and push Docker images for both `linux/amd64` and `linux/arm64` architectures. The `platforms` attribute has been added to the `docker/build-push-action` step for both the backend and frontend jobs. This ensures that you on different CPU architectures can use the published images from ghcr.io.
---
 .github/workflows/docker-publish.yml | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index b9a860522..9b7ecc6a0 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -34,6 +34,7 @@ jobs:
 file: ./surfsense_backend/Dockerfile
 push: true
 tags: ghcr.io/${{ github.repository_owner }}/surfsense_backend:${{ github.sha }}
+ platforms: linux/amd64,linux/arm64
 labels: |
 org.opencontainers.image.source=${{ github.repositoryUrl }}
 org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
@@ -68,6 +69,7 @@ jobs:
 file: ./surfsense_web/Dockerfile
 push: true
 tags: ghcr.io/${{ github.repository_owner }}/surfsense_web:${{ github.sha }}
+ platforms: linux/amd64,linux/arm64
 labels: |
 org.opencontainers.image.source=${{ github.repositoryUrl }}
 org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
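Review bot: The `labels` block in both jobs of the new workflow reads `fromJSON(steps.meta.outputs.json)`, but neither job defines a step with `id: meta`, so the expression has nothing to parse and the build step will most likely fail before any image is pushed; both hunks of patch 2/2 keep the same line in their context. Either add a `docker/metadata-action` step with `id: meta` ahead of the build and pass `labels: ${{ steps.meta.outputs.labels }}`, or drop the `org.opencontainers.image.created` line. Separately, every `uses:` is pinned to a mutable major tag (`@v4`, `@v3`, `@v5`) in jobs whose token carries `packages: write`, so a re-pointed tag on any of those actions would run with push rights to the registry; pin each to a full commit SHA with the version as a trailing comment, e.g. `uses: docker/build-push-action@<full-commit-sha> # v5`. The `source` label also takes `github.repositoryUrl`, which is documented as a `git://` URL; `${{ github.server_url }}/${{ github.repository }}` gives the https form, which is what GHCR appears to expect when linking a package to its repository.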