name: Publish docker image (release) env: DOCKER_IMAGE: katanemo/plano GHCR_IMAGE: ghcr.io/${{ github.repository_owner }}/plano DOCR_IMAGE: registry.digitalocean.com/genai-prod/plano DOCR_PREVIEW_IMAGE: registry.digitalocean.com/genai-preview/plano on: release: types: [published] permissions: contents: read packages: write jobs: # Build ARM64 image on native ARM64 runner — push to both registries build-arm64: runs-on: [linux-arm64] steps: - name: Checkout Repository uses: actions/checkout@v6 - name: Log in to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Log in to GHCR uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Install doctl uses: digitalocean/action-doctl@v2 with: token: ${{ secrets.PLATFORM_DIGITALOCEAN_TOKEN }} - name: Log in to DOCR (prod) run: doctl registry login - name: Extract metadata for Docker id: meta uses: docker/metadata-action@v5 with: images: ${{ env.DOCKER_IMAGE }} tags: | type=raw,value={{tag}} - name: Build and Push ARM64 Image uses: docker/build-push-action@v6 with: context: . file: ./Dockerfile platforms: linux/arm64 push: true tags: | ${{ steps.meta.outputs.tags }}-arm64 ${{ env.GHCR_IMAGE }}:${{ github.event.release.tag_name }}-arm64 ${{ env.DOCR_IMAGE }}:${{ github.event.release.tag_name }}-arm64 - name: Switch to DOCR preview uses: digitalocean/action-doctl@v2 with: token: ${{ secrets.PLATFORM_DIGITALOCEAN_TOKEN_PREVIEW }} - name: Log in to DOCR (preview) run: doctl registry login - name: Push to DOCR Preview run: | docker buildx imagetools create \ -t ${{ env.DOCR_PREVIEW_IMAGE }}:${{ github.event.release.tag_name }}-arm64 \ ${{ steps.meta.outputs.tags }}-arm64 # Build AMD64 image on GitHub's AMD64 runner — push to both registries build-amd64: runs-on: ubuntu-latest steps: - name: Checkout Repository uses: actions/checkout@v6 - name: Log in to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Log in to GHCR uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Install doctl uses: digitalocean/action-doctl@v2 with: token: ${{ secrets.PLATFORM_DIGITALOCEAN_TOKEN }} - name: Log in to DOCR (prod) run: doctl registry login - name: Extract metadata for Docker id: meta uses: docker/metadata-action@v5 with: images: ${{ env.DOCKER_IMAGE }} tags: | type=raw,value={{tag}} - name: Build and Push AMD64 Image uses: docker/build-push-action@v6 with: context: . file: ./Dockerfile platforms: linux/amd64 push: true tags: | ${{ steps.meta.outputs.tags }}-amd64 ${{ env.GHCR_IMAGE }}:${{ github.event.release.tag_name }}-amd64 ${{ env.DOCR_IMAGE }}:${{ github.event.release.tag_name }}-amd64 - name: Switch to DOCR preview uses: digitalocean/action-doctl@v2 with: token: ${{ secrets.PLATFORM_DIGITALOCEAN_TOKEN_PREVIEW }} - name: Log in to DOCR (preview) run: doctl registry login - name: Push to DOCR Preview run: | docker buildx imagetools create \ -t ${{ env.DOCR_PREVIEW_IMAGE }}:${{ github.event.release.tag_name }}-amd64 \ ${{ steps.meta.outputs.tags }}-amd64 # Combine ARM64 and AMD64 images into multi-arch manifests for both registries create-manifest: runs-on: ubuntu-latest needs: [build-arm64, build-amd64] steps: - name: Log in to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Log in to GHCR uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Install doctl uses: digitalocean/action-doctl@v2 with: token: ${{ secrets.PLATFORM_DIGITALOCEAN_TOKEN }} - name: Log in to DOCR (prod) run: doctl registry login - name: Extract metadata for Docker id: meta uses: docker/metadata-action@v5 with: images: ${{ env.DOCKER_IMAGE }} tags: | type=raw,value={{tag}} - name: Create Docker Hub Multi-Arch Manifest run: | docker buildx imagetools create \ -t ${{ steps.meta.outputs.tags }} \ ${{ steps.meta.outputs.tags }}-arm64 \ ${{ steps.meta.outputs.tags }}-amd64 - name: Create GHCR Multi-Arch Manifest run: | TAG=${{ github.event.release.tag_name }} docker buildx imagetools create \ -t ${{ env.GHCR_IMAGE }}:${TAG} \ ${{ env.GHCR_IMAGE }}:${TAG}-arm64 \ ${{ env.GHCR_IMAGE }}:${TAG}-amd64 - name: Create DOCR Prod Multi-Arch Manifest run: | TAG=${{ github.event.release.tag_name }} docker buildx imagetools create \ -t ${{ env.DOCR_IMAGE }}:${TAG} \ ${{ env.DOCR_IMAGE }}:${TAG}-arm64 \ ${{ env.DOCR_IMAGE }}:${TAG}-amd64 - name: Switch to DOCR preview uses: digitalocean/action-doctl@v2 with: token: ${{ secrets.PLATFORM_DIGITALOCEAN_TOKEN_PREVIEW }} - name: Log in to DOCR (preview) run: doctl registry login - name: Create DOCR Preview Multi-Arch Manifest run: | TAG=${{ github.event.release.tag_name }} docker buildx imagetools create \ -t ${{ env.DOCR_PREVIEW_IMAGE }}:${TAG} \ ${{ steps.meta.outputs.tags }}-arm64 \ ${{ steps.meta.outputs.tags }}-amd64