@@ -20,136 +20,133 @@ env:
2020
2121jobs :
2222 test_docker :
23- name : Check Docker build
24- runs-on : ubuntu-latest
25- steps :
26- - name : Checkout the repository
27- uses : actions/checkout@v4
23+ name : Check Docker build
24+ runs-on : ubuntu-latest
25+ steps :
26+ - name : Checkout the repository
27+ uses : actions/checkout@v4
2828
29- - name : Set up Docker Buildx
30- uses : docker/setup-buildx-action@v3
29+ - name : Set up Docker Buildx
30+ uses : docker/setup-buildx-action@v3
3131
32- - name : Set up node & dependencies
33- uses : actions/setup-node@v4
34- with :
35- node-version : 20
36- cache : " npm"
37-
38- - run : npm ci
39-
40- - name : Run the TypeScript build
41- run : npx tsc
42-
43- - name : Create server-package.json
44- run : cat package.json | grep -v electron > server-package.json
32+ - name : Set up node & dependencies
33+ uses : actions/setup-node@v4
34+ with :
35+ node-version : 20
36+ cache : " npm"
37+
38+ - run : npm ci
39+
40+ - name : Run the TypeScript build
41+ run : npx tsc
42+
43+ - name : Create server-package.json
44+ run : cat package.json | grep -v electron > server-package.json
4545
46- - name : Build and export to Docker
47- uses : docker/build-push-action@v6
48- with :
49- context : .
50- load : true
51- tags : ${{ env.TEST_TAG }}
52- cache-from : type=gha
53- cache-to : type=gha,mode=max
46+ - name : Build and export to Docker
47+ uses : docker/build-push-action@v6
48+ with :
49+ context : .
50+ load : true
51+ tags : ${{ env.TEST_TAG }}
52+ cache-from : type=gha
53+ cache-to : type=gha,mode=max
5454
55- - name : Run the container in the background
56- run : docker run -d --rm --name trilium_local ${{ env.TEST_TAG }}
55+ - name : Run the container in the background
56+ run : docker run -d --rm --name trilium_local ${{ env.TEST_TAG }}
5757
58- - name : Wait for the healthchecks to pass
59- uses : stringbean/docker-healthcheck-action@v1
60- with :
61- container : trilium_local
62- wait-time : 50
63- require-status : running
64- require-healthy : true
58+ - name : Wait for the healthchecks to pass
59+ uses : stringbean/docker-healthcheck-action@v1
60+ with :
61+ container : trilium_local
62+ wait-time : 50
63+ require-status : running
64+ require-healthy : true
6565
6666 build_docker :
67- name : Build Docker images
68- runs-on : ubuntu-latest
69- needs :
70- - test_docker
71- permissions :
72- contents : read
73- packages : write
74- attestations : write
75- id-token : write
76- strategy :
77- matrix :
78- architecture : [linux/amd64, linux/arm64, linux/arm/v7, linux/arm64/v8]
79- steps :
80- - uses : actions/checkout@v4
81- - name : Extract metadata (tags, labels) for GHCR image
82- id : ghcr-meta
83- uses : docker/metadata-action@v4
84- with :
85- images : ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}
86- tags : |
87- type=ref,event=branch
88- type=ref,event=tag
89- type=sha
90- name : Extract metadata (tags, labels) for DockerHub image
91- id : dh-meta
92- uses : docker/metadata-action@v4
93- with :
94- images : ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}
95- tags : |
96- type=ref,event=branch
97- type=ref,event=tag
98- type=sha
99- name : Set up node & dependencies
100- uses : actions/setup-node@v4
101- with :
102- node-version : 20
103- cache : " npm"
104- - run : npm ci
105- - name : Run the TypeScript build
106- run : npx tsc
107- - name : Create server-package.json
108- run : cat package.json | grep -v electron > server-package.json
109- - name : Log in to the GHCR container registry
110- uses : docker/login-action@v2
111- with :
112- registry : ${{ env.GHCR_REGISTRY }}
113- username : ${{ github.actor }}
114- password : ${{ secrets.GITHUB_TOKEN }}
115- - uses : docker/setup-buildx-action@v3
116- - name : Build and push container image to GHCR
117- uses : docker/build-push-action@v6
118- id : ghcr-push
119- with :
120- context : .
121- platforms : ${{ matrix.architecture }}
122- push : true
123- tags : ${{ steps.ghcr-meta.outputs.tags }}
124- labels : ${{ steps.ghcr-meta.outputs.labels }}
125- cache-from : type=gha
126- cache-to : type=gha,mode=max
127- - name : Generate and push artifact attestation to GHCR
128- uses : actions/attest-build-provenance@v1
129- with :
130- subject-name : ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME}}
131- subject-digest : ${{ steps.ghcr-push.outputs.digest }}
132- push-to-registry : true
133- - name : Log in to the DockerHub container registry
134- uses : docker/login-action@v2
135- with :
136- registry : ${{ env.DOCKERHUB_REGISTRY }}
137- username : ${{ secrets.DOCKERHUB_USERNAME }}
138- password : ${{ secrets.DOCKERHUB_TOKEN }}
139- - name : Build and push image to DockerHub
140- uses : docker/build-push-action@v6
141- id : dh-push
142- with :
143- context : .
144- platforms : ${{ matrix.architecture }}
145- push : true
146- tags : ${{ steps.dh-meta.outputs.tags }}
147- labels : ${{ steps.dh-meta.outputs.labels }}
148- cache-from : type=gha
149- cache-to : type=gha,mode=max
150- - name : Generate and push artifact attestation to DockerHub
151- uses : actions/attest-build-provenance@v1
152- with :
153- subject-name : ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME}}
154- subject-digest : ${{ steps.dh-push.outputs.digest }}
155- push-to-registry : true
67+ name : Build Docker images
68+ runs-on : ubuntu-latest
69+ needs :
70+ - test_docker
71+ permissions :
72+ contents : read
73+ packages : write
74+ attestations : write
75+ id-token : write
76+ steps :
77+ - uses : actions/checkout@v4
78+ - name : Extract metadata (tags, labels) for GHCR image
79+ id : ghcr-meta
80+ uses : docker/metadata-action@v4
81+ with :
82+ images : ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}
83+ tags : |
84+ type=ref,event=branch
85+ type=ref,event=tag
86+ type=sha
87+ name : Extract metadata (tags, labels) for DockerHub image
88+ id : dh-meta
89+ uses : docker/metadata-action@v4
90+ with :
91+ images : ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME }}
92+ tags : |
93+ type=ref,event=branch
94+ type=ref,event=tag
95+ type=sha
96+ name : Set up node & dependencies
97+ uses : actions/setup-node@v4
98+ with :
99+ node-version : 20
100+ cache : " npm"
101+ - run : npm ci
102+ - name : Run the TypeScript build
103+ run : npx tsc
104+ - name : Create server-package.json
105+ run : cat package.json | grep -v electron > server-package.json
106+ - name : Log in to the GHCR container registry
107+ uses : docker/login-action@v2
108+ with :
109+ registry : ${{ env.GHCR_REGISTRY }}
110+ username : ${{ github.actor }}
111+ password : ${{ secrets.GITHUB_TOKEN }}
112+ - uses : docker/setup-buildx-action@v3
113+ - name : Build and push container image to GHCR
114+ uses : docker/build-push-action@v6
115+ id : ghcr-push
116+ with :
117+ context : .
118+ platforms : ${{ env.PLATFORMS }}
119+ push : true
120+ tags : ${{ steps.ghcr-meta.outputs.tags }}
121+ labels : ${{ steps.ghcr-meta.outputs.labels }}
122+ cache-from : type=gha
123+ cache-to : type=gha,mode=max
124+ - name : Generate and push artifact attestation to GHCR
125+ uses : actions/attest-build-provenance@v1
126+ with :
127+ subject-name : ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME}}
128+ subject-digest : ${{ steps.ghcr-push.outputs.digest }}
129+ push-to-registry : true
130+ - name : Log in to the DockerHub container registry
131+ uses : docker/login-action@v2
132+ with :
133+ registry : ${{ env.DOCKERHUB_REGISTRY }}
134+ username : ${{ secrets.DOCKERHUB_USERNAME }}
135+ password : ${{ secrets.DOCKERHUB_TOKEN }}
136+ - name : Build and push image to DockerHub
137+ uses : docker/build-push-action@v6
138+ id : dh-push
139+ with :
140+ context : .
141+ platforms : ${{ env.PLATFORMS }}
142+ push : true
143+ tags : ${{ steps.dh-meta.outputs.tags }}
144+ labels : ${{ steps.dh-meta.outputs.labels }}
145+ cache-from : type=gha
146+ cache-to : type=gha,mode=max
147+ - name : Generate and push artifact attestation to DockerHub
148+ uses : actions/attest-build-provenance@v1
149+ with :
150+ subject-name : ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME}}
151+ subject-digest : ${{ steps.dh-push.outputs.digest }}
152+ push-to-registry : true
0 commit comments