Hiroshi SHIBATA 2025-06-11 18:05:03 +0900 (Wed, 11 Jun 2025)
Revision: 2daf331d82c042012d17a0438ad5d453e57d1547
https://github.com/tdiary/tdiary-core/commit/2daf331d82c042012d17a0438ad5d453e57d1547
Message:
Added docker build action
Added files:
.github/workflows/build-image.yml
Added: .github/workflows/build-image.yml (+144 -0) 100644
===================================================================
--- /dev/null
+++ .github/workflows/build-image.yml 2025-06-11 18:05:03 +0900 (f16f5b67)
@@ -0,0 +1,144 @@
+name: Build Docker Image
+
+on:
+ push:
+ tags: [ 'v*' ]
+ workflow_dispatch:
+
+env:
+ REGISTRY: docker.io
+ IMAGE_NAME: tdiary/tdiary
+
+jobs:
+ build:
+ strategy:
+ matrix:
+ include:
+ - runner: ubuntu-latest
+ platform: linux/amd64
+ arch: amd64
+ - runner: ubuntu-24.04-arm64
+ platform: linux/arm64
+ arch: arm64
+ runs-on: ${{ matrix.runner }}
+ permissions:
+ contents: read
+ packages: write
+
+ outputs:
+ image-digest-amd64: ${{ steps.build-amd64.outputs.digest }}
+ image-digest-arm64: ${{ steps.build-arm64.outputs.digest }}
+ metadata: ${{ steps.meta.outputs.json }}
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Log in to Docker Hub
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ secrets.DOCKER_USERNAME }}
+ password: ${{ secrets.DOCKER_PASSWORD }}
+
+ - name: Extract metadata
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+ tags: |
+ type=ref,event=branch
+ type=semver,pattern={{version}}
+ type=semver,pattern={{major}}.{{minor}}
+ type=semver,pattern={{major}}
+ type=raw,value=latest,enable={{is_default_branch}}
+ flavor: |
+ latest=false
+
+ - name: Build and push Docker image (AMD64)
+ id: build-amd64
+ if: matrix.arch == 'amd64'
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ file: ./Dockerfile
+ push: true
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ platforms: ${{ matrix.platform }}
+ provenance: false
+ outputs: type=image,name=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }},push-by-digest=true,name-canonical=true,push=true
+
+ - name: Build and push Docker image (ARM64)
+ id: build-arm64
+ if: matrix.arch == 'arm64'
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ file: ./Dockerfile
+ push: true
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ platforms: ${{ matrix.platform }}
+ provenance: false
+ outputs: type=image,name=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }},push-by-digest=true,name-canonical=true,push=true
+
+ merge:
+ runs-on: ubuntu-latest
+ needs: build
+ permissions:
+ contents: read
+ packages: write
+
+ steps:
+ - name: Log in to Docker Hub
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ secrets.DOCKER_USERNAME }}
+ password: ${{ secrets.DOCKER_PASSWORD }}
+
+ - name: Create and push manifest
+ run: |
+ # Extract metadata from build job
+ METADATA='${{ needs.build.outputs.metadata }}'
+ TAGS=$(echo "$METADATA" | jq -r '.tags[]')
+
+ # Get digests from build outputs
+ AMD64_DIGEST="${{ needs.build.outputs.image-digest-amd64 }}"
+ ARM64_DIGEST="${{ needs.build.outputs.image-digest-arm64 }}"
+
+ # Create and push manifest for each tag
+ for tag in $TAGS; do
+ echo "Creating manifest for $tag"
+ docker manifest create $tag \
+ ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@$AMD64_DIGEST \
+ ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@$ARM64_DIGEST
+
+ docker manifest annotate $tag \
+ ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@$AMD64_DIGEST \
+ --os linux --arch amd64
+
+ docker manifest annotate $tag \
+ ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@$ARM64_DIGEST \
+ --os linux --arch arm64
+
+ docker manifest push $tag
+ done
+
+ - name: Test Docker image
+ run: |
+ # Extract metadata from build job
+ METADATA='${{ needs.build.outputs.metadata }}'
+ TAGS=$(echo "$METADATA" | jq -r '.tags[]')
+
+ echo "Created tags:"
+ for tag in $TAGS; do
+ echo " - $tag"
+ if docker manifest inspect $tag >/dev/null 2>&1; then
+ echo " ✓ Multi-arch manifest verified"
+ docker manifest inspect $tag | jq -r '.manifests[].platform | "\(.architecture)/\(.os)"' | sed 's/^/ /'
+ else
+ echo " ✗ Manifest verification failed"
+ fi
+ done
|
