Merge pull request #25 from cloudstruct/ci/more-container-tags

wolf31o2 · web-flow · commit 4b9d4f2b7c0c · 2022-09-14T14:49:58.000-04:00
ci: update container tagging
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -3,16 +3,17 @@ name: publish
 on:
   push:
     branches: ['main']
+    tags: ['v*.*.*']
   release:
     types: ['published']
 
 concurrency: ${{ github.ref }}
 
 env:
-  REGISTRY: ghcr.io
   IMAGE_NAME: cloudstruct/cardano-node
 
 jobs:
+
   build-amd64:
     runs-on: ubuntu-latest
     permissions:
@@ -21,32 +22,56 @@ jobs:
     steps:
       - uses: actions/checkout@v2
       - uses: docker/setup-buildx-action@v1
-      - name: login
+      - name: Login to Docker Hub
+        uses: docker/login-action@v1
+        with:
+          username: cloudstruct
+          password: ${{ secrets.DOCKER_PASSWORD }} # uses token
+      - name: Login to GHCR
         uses: docker/login-action@v1
         with:
-          registry: ${{ env.REGISTRY }}
+          registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+      - uses: actions/cache@v3
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-${{ runner.arch }}-buildx-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-${{ runner.arch }}-buildx-
       - id: meta
         uses: docker/metadata-action@v3
         with:
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          images: |
+            ${{ env.IMAGE_NAME }}
+            ghcr.io/${{ env.IMAGE_NAME }}
           flavor: |
             latest=false
+            suffix=-amd64
           tags: |
-            type=schedule,suffix=-amd64
-            type=ref,event=branch,suffix=-amd64
-            type=ref,event=tag,suffix=-amd64
-            type=ref,event=pr,suffix=-amd64
+            # full tag minus v
+            type=match,pattern=v(.*),group=1
+            # branch
+            type=ref,event=branch
+            # semver
+            type=semver,pattern={{version}}
       - name: push
         uses: docker/build-push-action@v2
         with:
           context: .
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
+      # TEMP fix
+      # https://github.com/docker/build-push-action/issues/252
+      # https://github.com/moby/buildkit/issues/1896
+      - name: cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+
   build-arm64:
     runs-on: self-hosted
     permissions:
@@ -55,32 +80,56 @@ jobs:
     steps:
       - uses: actions/checkout@v2
       - uses: docker/setup-buildx-action@v1
-      - name: login
+      - name: Login to Docker Hub
+        uses: docker/login-action@v1
+        with:
+          username: cloudstruct
+          password: ${{ secrets.DOCKER_PASSWORD }} # uses token
+      - name: Login to GHCR
         uses: docker/login-action@v1
         with:
-          registry: ${{ env.REGISTRY }}
+          registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+      - uses: actions/cache@v3
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-${{ runner.arch }}-buildx-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-${{ runner.arch }}-buildx-
       - id: meta
         uses: docker/metadata-action@v3
         with:
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          images: |
+            ${{ env.IMAGE_NAME }}
+            ghcr.io/${{ env.IMAGE_NAME }}
           flavor: |
             latest=false
+            suffix=-arm64v8
           tags: |
-            type=schedule,suffix=-arm64v8
-            type=ref,event=branch,suffix=-arm64v8
-            type=ref,event=tag,suffix=-arm64v8
-            type=ref,event=pr,suffix=-arm64v8
+            # full tag minus v
+            type=match,pattern=v(.*),group=1
+            # branch
+            type=ref,event=branch
+            # semver
+            type=semver,pattern={{version}}
       - name: push
         uses: docker/build-push-action@v2
         with:
           context: .
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
+      # TEMP fix
+      # https://github.com/docker/build-push-action/issues/252
+      # https://github.com/moby/buildkit/issues/1896
+      - name: cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+
   multi-arch-manifest:
     runs-on: ubuntu-latest
     needs: [build-amd64, build-arm64]
@@ -90,22 +139,97 @@ jobs:
     steps:
       - uses: actions/checkout@v2
       - uses: docker/setup-buildx-action@v1
-      - name: login
+      - name: Login to Docker Hub
+        uses: docker/login-action@v1
+        with:
+          username: cloudstruct
+          password: ${{ secrets.DOCKER_PASSWORD }} # uses token
+      - name: Login to GHCR
         uses: docker/login-action@v1
         with:
-          registry: ${{ env.REGISTRY }}
+          registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
-      - id: meta
+      - id: meta-dockerhub
         uses: docker/metadata-action@v3
         with:
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          images: ${{ env.IMAGE_NAME }}
           flavor: |
             latest=false
           tags: |
+            # branch
             type=ref,event=branch
-            type=ref,event=tag
-      - name: manifest
-        run: docker manifest create ${{ steps.meta.outputs.tags }} --amend ${{ steps.meta.outputs.tags }}-amd64 --amend ${{ steps.meta.outputs.tags }}-arm64v8
-      - name: push
-        run: docker manifest push ${{ steps.meta.outputs.tags }}
+            # semver
+            type=semver,pattern={{version}}
+      - id: meta-dockerhub-tag
+        uses: docker/metadata-action@v3
+        with:
+          images: |
+            ${{ env.IMAGE_NAME }}
+          flavor: |
+            latest=false
+          tags: |
+            # full tag minus v
+            type=match,pattern=v(.*),group=1
+      - id: meta-ghcr
+        uses: docker/metadata-action@v3
+        with:
+          images: ghcr.io/${{ env.IMAGE_NAME }}
+          flavor: |
+            latest=false
+          tags: |
+            # branch
+            type=ref,event=branch
+            # semver
+            type=semver,pattern={{version}}
+      - id: meta-ghcr-tag
+        uses: docker/metadata-action@v3
+        with:
+          images: |
+            ${{ env.IMAGE_NAME }}
+          flavor: |
+            latest=false
+          tags: |
+            # full tag minus v
+            type=match,pattern=v(.*),group=1
+      # Manifest for either branch or semver
+      - name: manifest-dockerhub
+        run: docker manifest create ${{ steps.meta-dockerhub.outputs.tags }} --amend ${{ steps.meta-dockerhub.outputs.tags }}-amd64 --amend ${{ steps.meta-dockerhub.outputs.tags }}-arm64v8
+      - name: manifest-ghcr
+        run: docker manifest create ${{ steps.meta-ghcr.outputs.tags }} --amend ${{ steps.meta-ghcr.outputs.tags }}-amd64 --amend ${{ steps.meta-ghcr.outputs.tags }}-arm64v8
+      # Manifest for latest
+      - name: manifest-dockerhub-latest
+        run: docker manifest create ${{ env.IMAGE_NAME }}:latest --amend ${{ steps.meta-dockerhub.outputs.tags }}-amd64 --amend ${{ steps.meta-dockerhub.outputs.tags }}-arm64v8
+      - name: manifest-ghcr-latest
+        run: docker manifest create ghcr.io/${{ env.IMAGE_NAME }}:latest --amend ${{ steps.meta-ghcr.outputs.tags }}-amd64 --amend ${{ steps.meta-ghcr.outputs.tags }}-arm64v8
+      # Optional manifest for tag versions (includes revisions)
+      - name: manifest-dockerhub-tags
+        run: docker manifest create ${{ steps.meta-dockerhub-tags.outputs.tags }} --amend ${{ steps.meta-dockerhub-tags.outputs.tags }}-amd64 --amend ${{ steps.meta-dockerhub-tags.outputs.tags }}-arm64v8
+        if: startsWith(github.ref, 'refs/tags/')
+      - name: manifest-ghcr-tags
+        run: docker manifest create ${{ steps.meta-ghcr-tags.outputs.tags }} --amend ${{ steps.meta-ghcr-tags.outputs.tags }}-amd64 --amend ${{ steps.meta-ghcr-tags.outputs.tags }}-arm64v8
+        if: startsWith(github.ref, 'refs/tags/')
+      # Push various manifests
+      - name: push-dockerhub
+        run: docker manifest push ${{ steps.meta-dockerhub.outputs.tags }}
+      - name: push-ghcr
+        run: docker manifest push ${{ steps.meta-ghcr.outputs.tags }}
+      - name: push-dockerhub-latest
+        run: docker manifest push ${{ env.IMAGE_NAME }}:latest
+      - name: push-ghcr-latest
+        run: docker manifest push ghcr.io/${{ env.IMAGE_NAME }}:latest
+      - name: push-dockerhub-tags
+        run: docker manifest push ${{ steps.meta-dockerhub-tags.outputs.tags }}
+        if: startsWith(github.ref, 'refs/tags/')
+      - name: push-ghcr-tags
+        run: docker manifest push ${{ steps.meta-ghcr-tags.outputs.tags }}
+        if: startsWith(github.ref, 'refs/tags/')
+      # Update Docker Hub from README
+      - name: Docker Hub Description
+        uses: peter-evans/dockerhub-description@v3
+        with:
+          username: cloudstruct
+          password: ${{ secrets.DOCKER_PASSWORD }}
+          repository: ${{ env.IMAGE_NAME }}
+          readme-filepath: ./README.md
+          short-description: "Cardano Node built from source on Debian"
