Docker Build #30
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker Build | |
| on: | |
| push: | |
| branches: [main] | |
| tags: ["v*"] | |
| workflow_dispatch: | |
| inputs: | |
| force_build: | |
| description: "Force build all images" | |
| required: false | |
| default: "false" | |
| type: boolean | |
| concurrency: | |
| group: docker-build-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_PREFIX: allsource | |
| jobs: | |
| changes: | |
| name: Detect Changes | |
| runs-on: ubuntu-latest | |
| outputs: | |
| core: ${{ steps.filter.outputs.core }} | |
| control-plane: ${{ steps.filter.outputs.control-plane }} | |
| query-service: ${{ steps.filter.outputs.query-service }} | |
| mcp-server: ${{ steps.filter.outputs.mcp-server }} | |
| matrix: ${{ steps.matrix.outputs.matrix }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: dorny/paths-filter@v3 | |
| id: filter | |
| with: | |
| filters: | | |
| core: | |
| - 'apps/core/**' | |
| control-plane: | |
| - 'apps/control-plane/**' | |
| query-service: | |
| - 'apps/query-service/**' | |
| mcp-server: | |
| - 'apps/mcp-server-elixir/**' | |
| - name: Build matrix | |
| id: matrix | |
| run: | | |
| MATRIX='{"include":[' | |
| FIRST=true | |
| add_service() { | |
| local name=$1 | |
| local context=$2 | |
| local changed=$3 | |
| if [ "$changed" == "true" ] || [ "${{ startsWith(github.ref, 'refs/tags/v') }}" == "true" ] || [ "${{ github.event.inputs.force_build }}" == "true" ]; then | |
| if [ "$FIRST" != "true" ]; then | |
| MATRIX="$MATRIX," | |
| fi | |
| MATRIX="$MATRIX{\"name\":\"$name\",\"context\":\"$context\"}" | |
| FIRST=false | |
| fi | |
| } | |
| add_service "core" "apps/core" "${{ steps.filter.outputs.core }}" | |
| add_service "control-plane" "apps/control-plane" "${{ steps.filter.outputs.control-plane }}" | |
| add_service "query-service" "apps/query-service" "${{ steps.filter.outputs.query-service }}" | |
| add_service "mcp-server" "apps/mcp-server-elixir" "${{ steps.filter.outputs.mcp-server }}" | |
| MATRIX="$MATRIX]}" | |
| echo "matrix=$MATRIX" >> $GITHUB_OUTPUT | |
| echo "Build Matrix: $MATRIX" | |
| build: | |
| name: Build ${{ matrix.name }} | |
| needs: changes | |
| if: needs.changes.outputs.matrix != '{"include":[]}' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| id-token: write | |
| attestations: write | |
| strategy: | |
| fail-fast: false | |
| matrix: ${{ fromJson(needs.changes.outputs.matrix) }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: docker/setup-buildx-action@v3 | |
| - name: Log in to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_PREFIX }}-${{ matrix.name }} | |
| tags: | | |
| type=ref,event=branch | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=semver,pattern={{major}} | |
| type=sha,prefix=sha- | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| - name: Build and push | |
| id: build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: ${{ matrix.context }} | |
| platforms: linux/amd64 | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_PREFIX }}-${{ matrix.name }}:buildcache | |
| cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_PREFIX }}-${{ matrix.name }}:buildcache,mode=max | |
| provenance: true | |
| sbom: true | |
| build-args: | | |
| BUILDTIME=${{ github.event.repository.updated_at }} | |
| VERSION=${{ github.ref_name }} | |
| REVISION=${{ github.sha }} | |
| - name: Generate attestation | |
| uses: actions/attest-build-provenance@v2 | |
| with: | |
| subject-name: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_PREFIX }}-${{ matrix.name }} | |
| subject-digest: ${{ steps.build.outputs.digest }} | |
| push-to-registry: true | |
| summary: | |
| name: Summary | |
| runs-on: ubuntu-latest | |
| needs: [changes, build] | |
| if: always() | |
| steps: | |
| - name: Generate summary | |
| run: | | |
| echo "## Docker Build Summary" >> "$GITHUB_STEP_SUMMARY" | |
| echo "" >> "$GITHUB_STEP_SUMMARY" | |
| echo "| Service | Status |" >> "$GITHUB_STEP_SUMMARY" | |
| echo "|---------|--------|" >> "$GITHUB_STEP_SUMMARY" | |
| if [ "${{ needs.build.result }}" == "success" ]; then | |
| echo "| Build | ✅ Published |" >> "$GITHUB_STEP_SUMMARY" | |
| elif [ "${{ needs.build.result }}" == "skipped" ]; then | |
| echo "| Build | ⏭️ Skipped (no changes) |" >> "$GITHUB_STEP_SUMMARY" | |
| else | |
| echo "| Build | ❌ Failed |" >> "$GITHUB_STEP_SUMMARY" | |
| fi | |
| echo "" >> "$GITHUB_STEP_SUMMARY" | |
| echo "**Platform:** linux/amd64" >> "$GITHUB_STEP_SUMMARY" | |
| echo "" >> "$GITHUB_STEP_SUMMARY" | |
| echo "**Images:**" >> "$GITHUB_STEP_SUMMARY" | |
| echo '```' >> "$GITHUB_STEP_SUMMARY" | |
| echo "ghcr.io/${{ github.repository_owner }}/allsource-core" >> "$GITHUB_STEP_SUMMARY" | |
| echo "ghcr.io/${{ github.repository_owner }}/allsource-control-plane" >> "$GITHUB_STEP_SUMMARY" | |
| echo "ghcr.io/${{ github.repository_owner }}/allsource-query-service" >> "$GITHUB_STEP_SUMMARY" | |
| echo "ghcr.io/${{ github.repository_owner }}/allsource-mcp-server" >> "$GITHUB_STEP_SUMMARY" | |
| echo '```' >> "$GITHUB_STEP_SUMMARY" |