Merge pull request #16 from Fortiphyd/relative-path #10
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Push Multi-Arch Docker Images | |
| on: | |
| push: | |
| branches: [ main ] | |
| paths-ignore: | |
| - '**.md' | |
| - 'docs/**' | |
| release: | |
| types: [ published ] | |
| env: | |
| DOCKER_TAG: ${{ github.ref_type == 'tag' && github.ref_name || 'latest' }} | |
| SERVICES: plc router workstation simulation scadalts attacker caldera | |
| jobs: | |
| # ================================================================ | |
| # Build AMD64 images | |
| # ================================================================ | |
| build-amd64: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| lfs: true | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Build and push amd64 images | |
| run: | | |
| set -euo pipefail | |
| for SERVICE in $SERVICES; do | |
| IMAGE="${{ secrets.DOCKERHUB_USERNAME }}/grfics-${SERVICE}" | |
| echo "🚀 Building ${IMAGE}:${DOCKER_TAG} (amd64)" | |
| docker buildx build \ | |
| --platform linux/amd64 \ | |
| --tag "${IMAGE}:amd64" \ | |
| --push \ | |
| --cache-from type=gha \ | |
| --cache-to type=gha,mode=max \ | |
| "./${SERVICE}" | |
| echo "🧹 Cleaning local build cache to free space..." | |
| docker builder prune -af || true | |
| docker system prune -af || true | |
| done | |
| # ================================================================ | |
| # Build ARM64 images | |
| # ================================================================ | |
| build-arm64: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| lfs: true | |
| - uses: docker/setup-qemu-action@v3 # enables ARM emulation | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Build and push arm64 images | |
| run: | | |
| set -euo pipefail | |
| for SERVICE in $SERVICES; do | |
| IMAGE="${{ secrets.DOCKERHUB_USERNAME }}/grfics-${SERVICE}" | |
| echo "🚀 Building ${IMAGE}:${DOCKER_TAG} (arm64)" | |
| docker buildx build \ | |
| --platform linux/arm64 \ | |
| --tag "${IMAGE}:arm64" \ | |
| --push \ | |
| --cache-from type=gha \ | |
| --cache-to type=gha,mode=max \ | |
| "./${SERVICE}" | |
| echo "🧹 Cleaning local build cache to free space..." | |
| docker builder prune -af || true | |
| docker system prune -af || true | |
| done | |
| # ================================================================ | |
| # Combine manifests once both architectures exist | |
| # ================================================================ | |
| create-manifests: | |
| runs-on: ubuntu-latest | |
| needs: [ build-amd64, build-arm64 ] | |
| steps: | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Create and push multi-arch manifests | |
| run: | | |
| set -euo pipefail | |
| for SERVICE in $SERVICES; do | |
| IMAGE="${{ secrets.DOCKERHUB_USERNAME }}/grfics-${SERVICE}:${DOCKER_TAG}" | |
| echo "🔗 Creating multi-arch manifest for ${IMAGE}" | |
| docker buildx imagetools create \ | |
| -t "${IMAGE}" \ | |
| "${IMAGE%:*}:amd64" \ | |
| "${IMAGE%:*}:arm64" | |
| echo "✅ Multi-arch manifest published for ${IMAGE}" | |
| done |