ci: add semantic-release and update docker tag scheme

- Add semantic-release for automated versioning based on commits
- Update docker tags: master-* -> latest-*, add develop-* tags
- Add workflow_dispatch for manual docker builds
- Update nightly builds to actually push images
- Update example docker-compose files with new tags

Author: Starosdev

.github/workflows/docker-build.yaml

@@ -1,9 +1,18 @@
 name: Docker
+
 on:
   push:
-    branches: [ master, beta ]
-    # Publish semver tags as releases.
-    tags: [ 'v*.*.*' ]
+    branches:
+      - master
+      - develop
+    tags:
+      - 'v*.*.*'
+  workflow_dispatch:
+    inputs:
+      tag_suffix:
+        description: 'Tag suffix (e.g., latest, develop, or version like 1.0.0)'
+        required: true
+        default: 'latest'
 
 env:
   REGISTRY: ghcr.io
@@ -18,52 +27,55 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
+
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
         with:
           platforms: 'arm64,arm'
+
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-      # Login against a Docker registry except on PR
-      # https://github.com/docker/login-action
+        uses: docker/setup-buildx-action@v3
+
       - name: Log into registry ${{ env.REGISTRY }}
         if: github.event_name != 'pull_request'
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
-      # Extract metadata (tags, labels) for Docker
-      # https://github.com/docker/metadata-action
+
       - name: Extract Docker metadata
         id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
         with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
           flavor: |
             latest=false
           tags: |
-            type=ref,enable=true,event=branch,suffix=-collector
-            type=semver,pattern=v{{major}}.{{minor}}.{{patch}},suffix=-collector
-            type=semver,pattern=v{{major}}.{{minor}},suffix=-collector
-            type=semver,pattern=v{{major}},suffix=-collector
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+            # Manual trigger
+            type=raw,value=${{ inputs.tag_suffix }}-collector,enable=${{ github.event_name == 'workflow_dispatch' }}
+            # Branch builds
+            type=raw,value=latest-collector,enable=${{ github.ref == 'refs/heads/master' && github.event_name != 'workflow_dispatch' }}
+            type=raw,value=develop-collector,enable=${{ github.ref == 'refs/heads/develop' && github.event_name != 'workflow_dispatch' }}
+            # Version tags
+            type=semver,pattern={{version}}-collector
+            type=semver,pattern={{major}}.{{minor}}-collector
+            type=semver,pattern={{major}}-collector,enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }}
 
-      # Build and push Docker image with Buildx (don't push on PR)
-      # https://github.com/docker/build-push-action
       - name: Build and push Docker image
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v5
         with:
           platforms: linux/amd64,linux/arm64,linux/arm/v7
           context: .
           file: docker/Dockerfile.collector
-          push: ${{ github.event_name != 'pull_request' }}
+          push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
-#          cache-from: type=gha
-#          cache-to: type=gha,mode=max
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
 
   web:
     runs-on: ubuntu-latest
@@ -73,51 +85,57 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v2
-      - name: "Populate frontend version information"
-        run: "cd webapp/frontend && ./git.version.sh"
+        uses: actions/checkout@v4
+
+      - name: Populate frontend version information
+        run: cd webapp/frontend && ./git.version.sh
+
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
         with:
           platforms: 'arm64,arm'
+
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-      # Login against a Docker registry except on PR
-      # https://github.com/docker/login-action
+        uses: docker/setup-buildx-action@v3
+
       - name: Log into registry ${{ env.REGISTRY }}
         if: github.event_name != 'pull_request'
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
-      # Extract metadata (tags, labels) for Docker
-      # https://github.com/docker/metadata-action
+
       - name: Extract Docker metadata
         id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
         with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
           flavor: |
             latest=false
           tags: |
-            type=ref,enable=true,event=branch,suffix=-web
-            type=semver,pattern=v{{major}}.{{minor}}.{{patch}},suffix=-web
-            type=semver,pattern=v{{major}}.{{minor}},suffix=-web
-            type=semver,pattern=v{{major}},suffix=-web
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-      # Build and push Docker image with Buildx (don't push on PR)
-      # https://github.com/docker/build-push-action
+            # Manual trigger
+            type=raw,value=${{ inputs.tag_suffix }}-web,enable=${{ github.event_name == 'workflow_dispatch' }}
+            # Branch builds
+            type=raw,value=latest-web,enable=${{ github.ref == 'refs/heads/master' && github.event_name != 'workflow_dispatch' }}
+            type=raw,value=develop-web,enable=${{ github.ref == 'refs/heads/develop' && github.event_name != 'workflow_dispatch' }}
+            # Version tags
+            type=semver,pattern={{version}}-web
+            type=semver,pattern={{major}}.{{minor}}-web
+            type=semver,pattern={{major}}-web,enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }}
+
       - name: Build and push Docker image
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v5
         with:
           platforms: linux/amd64,linux/arm64,linux/arm/v7
           context: .
           file: docker/Dockerfile.web
-          push: ${{ github.event_name != 'pull_request' }}
+          push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
-#          cache-from: type=gha
-#          cache-to: type=gha,mode=max
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
   omnibus:
     runs-on: ubuntu-latest
     permissions:
@@ -126,46 +144,56 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v2
-      - name: "Populate frontend version information"
-        run: "cd webapp/frontend && ./git.version.sh"
+        uses: actions/checkout@v4
+
+      - name: Populate frontend version information
+        run: cd webapp/frontend && ./git.version.sh
+
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
         with:
           platforms: 'arm64,arm'
+
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-      # Login against a Docker registry except on PR
-      # https://github.com/docker/login-action
+        uses: docker/setup-buildx-action@v3
+
       - name: Log into registry ${{ env.REGISTRY }}
         if: github.event_name != 'pull_request'
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
-      # Extract metadata (tags, labels) for Docker
-      # https://github.com/docker/metadata-action
+
       - name: Extract Docker metadata
         id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
         with:
-          tags: |
-            type=ref,enable=true,event=branch,suffix=-omnibus
-            type=semver,pattern=v{{major}}.{{minor}}.{{patch}},suffix=-omnibus
-            type=semver,pattern=v{{major}}.{{minor}},suffix=-omnibus
-            type=semver,pattern=v{{major}},suffix=-omnibus
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-      # Build and push Docker image with Buildx (don't push on PR)
-      # https://github.com/docker/build-push-action
+          flavor: |
+            latest=false
+          tags: |
+            # Manual trigger
+            type=raw,value=${{ inputs.tag_suffix }}-omnibus,enable=${{ github.event_name == 'workflow_dispatch' }}
+            type=raw,value=${{ inputs.tag_suffix }},enable=${{ github.event_name == 'workflow_dispatch' && inputs.tag_suffix == 'latest' }}
+            # Branch builds
+            type=raw,value=latest-omnibus,enable=${{ github.ref == 'refs/heads/master' && github.event_name != 'workflow_dispatch' }}
+            type=raw,value=develop-omnibus,enable=${{ github.ref == 'refs/heads/develop' && github.event_name != 'workflow_dispatch' }}
+            # Version tags
+            type=semver,pattern={{version}}-omnibus
+            type=semver,pattern={{major}}.{{minor}}-omnibus
+            type=semver,pattern={{major}}-omnibus,enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }}
+            # Default latest tag (omnibus is the default)
+            type=raw,value=latest,enable=${{ github.ref == 'refs/heads/master' && github.event_name != 'workflow_dispatch' }}
+
       - name: Build and push Docker image
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v5
         with:
           platforms: linux/amd64,linux/arm64
           context: .
           file: docker/Dockerfile
-          push: ${{ github.event_name != 'pull_request' }}
+          push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
-#          cache-from: type=gha
-#          cache-to: type=gha,mode=max
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

.github/workflows/docker-nightly.yaml

@@ -1,59 +1,82 @@
 name: Docker - Nightly
+
 on:
   schedule:
-    - cron: '36 12 * * *'
+    - cron: '0 4 * * *'
+  workflow_dispatch:
 
 env:
   REGISTRY: ghcr.io
   IMAGE_NAME: ${{ github.repository }}
 
 jobs:
-  omnibus:
+  nightly:
     runs-on: ubuntu-latest
     permissions:
       contents: read
       packages: write
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v2
-      - name: "Populate frontend version information"
-        run: "cd webapp/frontend && ./git.version.sh"
+        uses: actions/checkout@v4
+        with:
+          ref: develop
+
+      - name: Populate frontend version information
+        run: cd webapp/frontend && ./git.version.sh
+
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
         with:
           platforms: 'arm64,arm'
+
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-      # Login against a Docker registry except on PR
-      # https://github.com/docker/login-action
+        uses: docker/setup-buildx-action@v3
+
       - name: Log into registry ${{ env.REGISTRY }}
-        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
-      # Extract metadata (tags, labels) for Docker
-      # https://github.com/docker/metadata-action
-      - name: Extract Docker metadata
-        id: meta
-        uses: docker/metadata-action@v4
-        with:
-          tags: |
-            type=ref,enable=true,event=branch,suffix=-omnibus-nightly
-            type=ref,enable=true,event=tag,suffix=-omnibus-nightly
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
-      # Build and push Docker image with Buildx (don't push on PR)
-      # https://github.com/docker/build-push-action
-      - name: Build and push Docker image
-        uses: docker/build-push-action@v3
+
+      - name: Get current date
+        id: date
+        run: echo "date=$(date +'%Y%m%d')" >> $GITHUB_OUTPUT
+
+      - name: Build and push nightly omnibus
+        uses: docker/build-push-action@v5
         with:
           platforms: linux/amd64,linux/arm64
           context: .
           file: docker/Dockerfile
-          push: false
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
-#          cache-from: type=gha
-#          cache-to: type=gha,mode=max
+          push: true
+          tags: |
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly-${{ steps.date.outputs.date }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Build and push nightly web
+        uses: docker/build-push-action@v5
+        with:
+          platforms: linux/amd64,linux/arm64,linux/arm/v7
+          context: .
+          file: docker/Dockerfile.web
+          push: true
+          tags: |
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly-web
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Build and push nightly collector
+        uses: docker/build-push-action@v5
+        with:
+          platforms: linux/amd64,linux/arm64,linux/arm/v7
+          context: .
+          file: docker/Dockerfile.collector
+          push: true
+          tags: |
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:nightly-collector
+          cache-from: type=gha
+          cache-to: type=gha,mode=max