@@ -11,152 +11,115 @@ on:
1111 branches :
1212 - " main"
1313jobs :
14- build :
14+ build-base :
1515 strategy :
1616 fail-fast : false
1717 matrix :
1818 image :
1919 - name : ubuntu
2020 context : images/base
21- dockerfile : ubuntu.Dockerfile
21+ - name : minimal
22+ context : images/minimal
23+ platform :
24+ - runner : ubuntu-latest
25+ arch : amd64
26+ - runner : ubuntu-24.04-arm
27+ arch : arm64
28+ runs-on : ${{ matrix.platform.runner }}
29+ steps :
30+ - name : Checkout
31+ uses : actions/checkout@v4
32+ with :
33+ repository : coder/images
34+ submodules : recursive
35+ - name : Build and push with Kaniko
36+ uses : aevea/action-kaniko@master
37+ with :
38+ image : ${{ github.repository }}/code
39+ tags : latest-${{ matrix.platform.arch }},${{ github.sha }}-${{ matrix.platform.arch }}
40+ path : ${{ matrix.image.context }}
41+ build_file : ubuntu.Dockerfile
42+ registry : ghcr.io
43+ username : ${{ github.actor }}
44+ password : ${{ secrets.GITHUB_TOKEN }}
45+ cache : true
46+ cache_registry : ${{ matrix.image.name }}/cache
47+ extra_args : >-
48+ --snapshot-mode=redo --use-new-run --cache-run-layers --cache-copy-layers --cache-ttl=168h --compressed-caching=false --cleanup
49+ kaniko_image : martizih/kaniko:latest
50+ build-derived :
51+ needs : build-base
52+ strategy :
53+ fail-fast : false
54+ matrix :
55+ image :
2256 - name : desktop
2357 context : images/desktop
24- dockerfile : ubuntu.Dockerfile
2558 - name : golang
2659 context : images/golang
27- dockerfile : ubuntu.Dockerfile
2860 - name : java
2961 context : images/java
30- dockerfile : ubuntu.Dockerfile
31- - name : minimal
32- context : images/minimal
33- dockerfile : ubuntu.Dockerfile
3462 - name : node
3563 context : images/node
36- dockerfile : ubuntu.Dockerfile
3764 platform :
3865 - runner : ubuntu-latest
39- arch : linux/ amd64
66+ arch : amd64
4067 - runner : ubuntu-24.04-arm
41- arch : linux/ arm64
68+ arch : arm64
4269 runs-on : ${{ matrix.platform.runner }}
4370 steps :
44- - name : Set variables useful for later
45- id : useful_vars
46- run : |
47- echo "timestamp=$(date +%s)" >> $GITHUB_OUTPUT
48- echo "short_sha=${GITHUB_SHA::8}" >> $GITHUB_OUTPUT
4971 - name : Checkout
5072 uses : actions/checkout@v4
5173 with :
5274 repository : coder/images
5375 submodules : recursive
54- - name : Docker meta
55- id : docker_meta
56- uses : docker/metadata-action@v5
57- with :
58- images : ghcr.io/${{ github.repository }}/code/${{ matrix.image.name }}
59- tags : |
60- type=schedule
61- type=ref,event=branch
62- type=ref,event=pr
63- type=semver,pattern={{version}}
64- type=semver,pattern={{major}}.{{minor}}
65- type=semver,pattern={{major}}
66- type=sha,prefix=,format=long,event=tag
67- type=sha
68- type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }}
69- type=raw,value=${{ github.ref_name }}-${{ steps.useful_vars.outputs.short_sha }}-${{ steps.useful_vars.outputs.timestamp }},enable=${{ endsWith(github.ref, github.event.repository.default_branch) }}
70- flavor : |
71- suffix=-${{ matrix.platform.arch == 'linux/amd64' && 'amd64' || 'arm64' }}
72- name : Set up Docker Buildx
73- uses : docker/setup-buildx-action@v3
74- - name : Login to GHCR
75- if : github.event_name != 'pull_request'
76- uses : docker/login-action@v3
76+ - name : Replace base image references
77+ run : |
78+ DOCKERFILE="${{ matrix.image.context }}/ubuntu.Dockerfile"
79+ sed -i 's|codercom/enterprise-base:ubuntu|ghcr.io/${{ github.repository }}/ubuntu:latest|g' "$DOCKERFILE"
80+ sed -i 's|codercom/enterprise-minimal:latest|ghcr.io/${{ github.repository }}/minimal:latest|g' "$DOCKERFILE"
81+ name : Build and push with Kaniko
82+ uses : aevea/action-kaniko@master
7783 with :
84+ image : ${{ matrix.image.name }}
85+ path : ${{ matrix.image.context }}
86+ build_file : ubuntu.Dockerfile
7887 registry : ghcr.io
79- username : ${{ github.repository_owner }}
88+ username : ${{ github.actor }}
8089 password : ${{ secrets.GITHUB_TOKEN }}
81- - name : Cache Docker layers
82- uses : actions/cache@v4
83- with :
84- path : /tmp/.buildx-cache
85- key : ${{ runner.os }}-${{ matrix.image.name }}-${{ matrix.platform.arch }}-buildx-${{ github.sha }}
86- restore-keys : |
87- ${{ runner.os }}-${{ matrix.image.name }}-${{ matrix.platform.arch }}-buildx-
88- name : Build and push
89- uses : docker/build-push-action@v6
90- with :
91- context : ${{ matrix.image.context }}
92- file : ${{ matrix.image.context }}/${{ matrix.image.dockerfile }}
93- push : ${{ github.event_name != 'pull_request' }}
94- tags : ${{ steps.docker_meta.outputs.tags }}
95- labels : ${{ steps.docker_meta.outputs.labels }}
96- platforms : ${{ matrix.platform.arch }}
97- cache-from : type=local,src=/tmp/.buildx-cache
98- cache-to : type=local,dest=/tmp/.buildx-cache,mode=max
99- # Create multi-arch manifests after all platform builds complete
90+ cache : true
91+ cache_registry : ${{ matrix.image.name }}/cache
92+ extra_args : >-
93+ --snapshot-mode=redo --use-new-run --cache-run-layers --cache-copy-layers --cache-ttl=168h --compressed-caching=false --cleanup
94+ kaniko_image : martizih/kaniko:latest
10095 manifest :
101- needs : build
96+ needs : [ build-base, build-derived]
10297 if : github.event_name != 'pull_request'
10398 runs-on : ubuntu-latest
10499 strategy :
105100 fail-fast : false
106101 matrix :
107- image :
108- - ubuntu
109- - desktop
110- - golang
111- - java
112- - minimal
113- - node
102+ image : [ubuntu, minimal, desktop, golang, java, node]
114103 steps :
115- - name : Set variables useful for later
116- id : useful_vars
117- run : |
118- echo "timestamp=$(date +%s)" >> $GITHUB_OUTPUT
119- echo "short_sha=${GITHUB_SHA::8}" >> $GITHUB_OUTPUT
104+ - name : Setup crane
105+ uses : imjasonh/setup-crane@v0.4
120106 - name : Login to GHCR
121- uses : docker/login-action@v3
122- with :
123- registry : ghcr.io
124- username : ${{ github.repository_owner }}
125- password : ${{ secrets.GITHUB_TOKEN }}
126- - name : Docker meta
127- id : docker_meta
128- uses : docker/metadata-action@v5
129- with :
130- images : ghcr.io/${{ github.repository }}/code/${{ matrix.image }}
131- tags : |
132- type=schedule
133- type=ref,event=branch
134- type=ref,event=pr
135- type=semver,pattern={{version}}
136- type=semver,pattern={{major}}.{{minor}}
137- type=semver,pattern={{major}}
138- type=sha,prefix=,format=long,event=tag
139- type=sha
140- type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }}
141- type=raw,value=${{ github.ref_name }}-${{ steps.useful_vars.outputs.short_sha }}-${{ steps.useful_vars.outputs.timestamp }},enable=${{ endsWith(github.ref, github.event.repository.default_branch) }}
107+ run : crane auth login ghcr.io -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }}
142108 - name : Create and push manifest
143109 run : |-
144- TAGS="${{ steps.docker_meta.outputs.tags }}"
145- IMAGE_BASE="ghcr.io/${{ github.repository }}/code/${{ matrix.image }}"
146-
147- for TAG in $TAGS; do
148- # Extract just the tag portion after the colon
149- TAG_NAME="${TAG##*:}"
110+ IMAGE="ghcr.io/${{ github.repository }}/${{ matrix.image }}"
150111
151- docker manifest create "${IMAGE_BASE}:${TAG_NAME}" \
152- "${IMAGE_BASE}:${TAG_NAME}-amd64" \
153- "${IMAGE_BASE}:${TAG_NAME}-arm64"
154-
155- docker manifest annotate "${IMAGE_BASE}:${TAG_NAME}" \
156- "${IMAGE_BASE}:${TAG_NAME}-amd64" --arch amd64
157-
158- docker manifest annotate "${IMAGE_BASE}:${TAG_NAME}" \
159- "${IMAGE_BASE}:${TAG_NAME}-arm64" --arch arm64
160-
161- docker manifest push "${IMAGE_BASE}:${TAG_NAME}"
112+ for TAG in latest ${{ github.sha }}; do
113+ crane index append \
114+ --tag "${IMAGE}:${TAG}" \
115+ --manifest "${IMAGE}:${TAG}-amd64" \
116+ --manifest "${IMAGE}:${TAG}-arm64"
162117 done
118+
119+ if [[ "${{ github.ref }}" == refs/tags/v* ]]; then
120+ VERSION="${{ github.ref_name }}"
121+ crane index append \
122+ --tag "${IMAGE}:${VERSION}" \
123+ --manifest "${IMAGE}:${VERSION}-amd64" \
124+ --manifest "${IMAGE}:${VERSION}-arm64"
125+ fi
0 commit comments