screeps-server/.github/workflows/deploy-image.yml at main · Jomik/screeps-server · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: Deploy Images to GHCR

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

on:
  push:
    branches:
      - main
    tags:
      - "v*"
  release:
    types:
      - published

  workflow_dispatch:

jobs:
  build:
    runs-on: ${{ matrix.platform.runner }}
    strategy:
      fail-fast: false
      matrix:
        node: [22, 24]
        platform:
          - pair: linux/amd64
            runner: ubuntu-latest
            slug: linux-amd64
          - pair: linux/arm64
            runner: ubuntu-24.04-arm
            slug: linux-arm64
    permissions:
      contents: read
      packages: write
    steps:
      - name: Lowercase image name
        run: echo "IMAGE_NAME=${IMAGE_NAME@L}" >> "$GITHUB_ENV"
      - name: Checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - name: Log in to the Container registry
        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4
      - name: Extract metadata (labels) for Docker
        id: meta
        uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          github-token: ${{ github.token }}
      - name: Build and push by digest
        id: build
        uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7
        with:
          context: server
          build-args: |
            NODE_VERSION=${{ matrix.node }}
          labels: ${{ steps.meta.outputs.labels }}
          platforms: ${{ matrix.platform.pair }}
          outputs: type=image,"name=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}",push-by-digest=true,name-canonical=true,push=true
          cache-from: type=gha,scope=build-node${{ matrix.node }}-${{ matrix.platform.slug }}
          cache-to: type=gha,scope=build-node${{ matrix.node }}-${{ matrix.platform.slug }},mode=max
      - name: Export digest
        run: |
          set -euo pipefail
          mkdir -p "$RUNNER_TEMP/digests"
          digest="${{ steps.build.outputs.digest }}"
          touch "$RUNNER_TEMP/digests/${digest#sha256:}"
      - name: Upload digest
        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
        with:
          name: digests-node${{ matrix.node }}-${{ matrix.platform.slug }}
          path: ${{ runner.temp }}/digests/*
          if-no-files-found: error
          retention-days: 1

  merge:
    needs: build
    runs-on: ubuntu-latest
    strategy:
      matrix:
        node: [22, 24]
    permissions:
      contents: read
      packages: write
    steps:
      - name: Lowercase image name
        run: echo "IMAGE_NAME=${IMAGE_NAME@L}" >> "$GITHUB_ENV"
      - name: Download digests
        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
        with:
          path: ${{ runner.temp }}/digests
          pattern: digests-node${{ matrix.node }}-*
          merge-multiple: true
      - name: Log in to the Container registry
        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4
      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          github-token: ${{ github.token }}
          flavor: |
            latest=auto
            suffix=${{ matrix.node != 24 && format('-node{0}', matrix.node) || '' }},onlatest=true
          tags: |
            type=edge,branch=main
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
            type=semver,pattern={{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }}
            type=sha
      - name: Create multi-arch manifest
        working-directory: ${{ runner.temp }}/digests
        run: |
          set -euo pipefail
          docker buildx imagetools create \
            $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
            $(printf '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *)
      - name: Inspect image
        run: |
          set -euo pipefail
          docker buildx imagetools inspect \
            $(jq -cr '.tags[0]' <<< "$DOCKER_METADATA_OUTPUT_JSON")