chore(deps): update docker/build-push-action action to v7 #414

Workflow file for this run

	name: CI

	on:
	push:
	branches: ["main", "renovate/*"]
	pull_request:
	branches: ["main"]
	workflow_dispatch:

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	env:
	REGISTRY: ghcr.io

	jobs:
	detect-changes:
	runs-on: ubuntu-latest
	outputs:
	build_matrix: ${{ steps.build-matrix.outputs.build_matrix }}
	merge_matrix: ${{ steps.build-matrix.outputs.merge_matrix }}
	has_changes: ${{ steps.build-matrix.outputs.has_changes }}
	steps:
	- name: Checkout containers repository
	uses: actions/checkout@v6
	with:
	fetch-depth: 0

	- name: Detect changed matrix files
	uses: dorny/paths-filter@v3
	id: filter
	with:
	list-files: json
	filters: \|
	matrix:
	- 'matrix/*/config.yaml'
	- 'matrix/*/Dockerfile'

	- name: Build matrix from changed files
	id: build-matrix
	run: \|
	if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
	# On workflow_dispatch, build all projects
	PROJECTS=$(find matrix -mindepth 1 -maxdepth 1 -type d -exec basename {} \;)
	elif [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == "refs/heads/main" && "${{ steps.filter.outputs.matrix }}" == "true" ]]; then
	# On main push, only changed projects
	CHANGED_FILES=$(echo '${{ steps.filter.outputs.matrix_files }}' \| jq -r '.[]')
	PROJECTS=$(echo "$CHANGED_FILES" \| cut -d'/' -f2 \| sort -u)
	elif [[ "${{ steps.filter.outputs.matrix }}" == "true" ]]; then
	# On PR/branch, only changed projects
	CHANGED_FILES=$(echo '${{ steps.filter.outputs.matrix_files }}' \| jq -r '.[]')
	PROJECTS=$(echo "$CHANGED_FILES" \| cut -d'/' -f2 \| sort -u)
	else
	# No changes
	echo "has_changes=false" >> $GITHUB_OUTPUT
	echo "build_matrix={\"include\":[]}" >> $GITHUB_OUTPUT
	echo "merge_matrix={\"include\":[]}" >> $GITHUB_OUTPUT
	exit 0
	fi

	# Convert YAML config files to JSON matrices
	BUILD_MATRIX_JSON='{"include":[]}'
	MERGE_MATRIX_JSON='{"include":[]}'
	for project in $PROJECTS; do
	config_file="matrix/$project/config.yaml"
	if [ -f "$config_file" ]; then
	# Convert YAML to JSON and add project name
	ENTRY=$(yq eval -o=json "$config_file" \| jq -c ". + {project: \"$project\"}")

	MERGE_MATRIX_JSON=$(echo "$MERGE_MATRIX_JSON" \| jq -c ".include += [$ENTRY]")

	while IFS= read -r platform; do
	case "$platform" in
	linux/arm64)
	runner="ubuntu-24.04-arm"
	;;
	*)
	runner="ubuntu-24.04"
	;;
	esac

	BUILD_ENTRY=$(echo "$ENTRY" \| jq -c --arg platform "$platform" --arg runner "$runner" '. + {platform: $platform, runner: $runner}')
	BUILD_MATRIX_JSON=$(echo "$BUILD_MATRIX_JSON" \| jq -c ".include += [$BUILD_ENTRY]")
	done < <(echo "$ENTRY" \| jq -r '.platforms \| split(",")[] \| gsub("\\s+"; "")')
	fi
	done

	if [ "$(echo "$BUILD_MATRIX_JSON" \| jq '.include \| length')" -eq 0 ]; then
	echo "has_changes=false" >> $GITHUB_OUTPUT
	echo "build_matrix={\"include\":[]}" >> $GITHUB_OUTPUT
	echo "merge_matrix={\"include\":[]}" >> $GITHUB_OUTPUT
	exit 0
	fi

	echo "has_changes=true" >> $GITHUB_OUTPUT
	echo "build_matrix=$BUILD_MATRIX_JSON" >> $GITHUB_OUTPUT
	echo "merge_matrix=$MERGE_MATRIX_JSON" >> $GITHUB_OUTPUT
	echo "Build matrix: $BUILD_MATRIX_JSON"
	echo "Merge matrix: $MERGE_MATRIX_JSON"

	# https://docs.docker.com/build/ci/github-actions/multi-platform/#distribute-build-across-multiple-runners
	build:
	needs: detect-changes
	if: needs.detect-changes.outputs.has_changes == 'true'
	strategy:
	fail-fast: false
	matrix: ${{ fromJSON(needs.detect-changes.outputs.build_matrix) }}
	runs-on: ${{ matrix.runner }}
	env:
	REPOSITORY: ${{ matrix.owner && format('{0}/{1}', matrix.owner, matrix.repo) \|\| '' }}
	IMAGE_NAME: japan7/${{ matrix.repo \|\| matrix.name }}
	steps:
	- name: Checkout project repository
	if: matrix.owner
	uses: actions/checkout@v6
	with:
	repository: ${{ env.REPOSITORY }}
	ref: ${{ matrix.ref \|\| matrix.tag }}

	- name: Checkout containers repository
	uses: actions/checkout@v6
	with:
	path: ${{ matrix.owner && 'containers' \|\| '.' }}

	- name: Apply .diff and set Dockerfile
	id: prepare
	run: \|
	platform=${{ matrix.platform }}
	echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV

	if [ -n "${{ matrix.owner }}" ]; then
	# Clone mode: check for diff and use matrix Dockerfile
	DIFF="containers/matrix/${{ matrix.project }}/patch.diff"
	if [ -f "$DIFF" ]; then
	echo "Applying $DIFF"
	git apply "$DIFF"
	fi
	CUSTOM_DOCKERFILE="containers/matrix/${{ matrix.project }}/Dockerfile"
	if [ -f "$CUSTOM_DOCKERFILE" ]; then
	DOCKERFILE="$CUSTOM_DOCKERFILE"
	else
	DOCKERFILE="Dockerfile"
	fi
	else
	# No-clone mode: use matrix Dockerfile
	DOCKERFILE="matrix/${{ matrix.project }}/Dockerfile"
	fi
	echo "Will use $DOCKERFILE"
	echo "DOCKERFILE=$DOCKERFILE" >> $GITHUB_OUTPUT

	- name: Docker meta
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

	- name: Login to ${{ env.REGISTRY }}
	if: github.ref == 'refs/heads/main'
	uses: docker/login-action@v4
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v4

	- name: Build and push by digest
	id: build
	uses: docker/build-push-action@v7
	with:
	context: .
	file: ${{ steps.prepare.outputs.DOCKERFILE }}
	platforms: ${{ matrix.platform }}
	labels: ${{ steps.meta.outputs.labels }}
	tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
	outputs: type=image,push-by-digest=true,name-canonical=true,push=${{ github.ref == 'refs/heads/main' }}
	cache-from: type=gha,scope=buildkit-${{ env.IMAGE_NAME }}-${{ env.PLATFORM_PAIR }}
	cache-to: type=gha,mode=max,scope=buildkit-${{ env.IMAGE_NAME }}-${{ env.PLATFORM_PAIR }}

	- name: Export digest
	run: \|
	mkdir -p ${{ runner.temp }}/digests
	digest="${{ steps.build.outputs.digest }}"
	touch "${{ runner.temp }}/digests/${digest#sha256:}"

	- name: Upload digest
	uses: actions/upload-artifact@v7
	with:
	name: digests-${{ matrix.project }}-${{ env.PLATFORM_PAIR }}
	path: ${{ runner.temp }}/digests/*
	if-no-files-found: error
	retention-days: 1

	merge:
	if: github.ref == 'refs/heads/main'
	needs: [detect-changes, build]
	strategy:
	fail-fast: false
	matrix: ${{ fromJSON(needs.detect-changes.outputs.merge_matrix) }}
	runs-on: ubuntu-latest
	env:
	IMAGE_NAME: japan7/${{ matrix.repo \|\| matrix.name }}
	TAG: ${{ matrix.branch \|\| matrix.tag }}
	steps:
	- name: Download digests
	uses: actions/download-artifact@v8
	with:
	path: ${{ runner.temp }}/digests
	pattern: digests-${{ matrix.project }}-*
	merge-multiple: true

	- name: Login to ${{ env.REGISTRY }}
	uses: docker/login-action@v4
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v4

	- name: Docker meta
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
	tags: \|
	type=raw,value=${{ env.TAG }}

	- name: Create manifest list and push
	working-directory: ${{ runner.temp }}/digests
	run: \|
	docker buildx imagetools create $(jq -cr '.tags \| map("-t " + .) \| join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
	$(printf '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *)

	- name: Inspect image
	run: \|
	docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update docker/build-push-action action to v7 #414

Workflow file

chore(deps): update docker/build-push-action action to v7 #414

Uh oh!

Workflow file for this run