Skip to content

Commit b5df7f3

Browse files
shekohexshekohex
authored
feat: add GitHub Actions workflow for auto-publishing Docker images to ghcr.io (#6)
Implement automated Docker image build and publish pipeline triggered on: - Push to main branch (when Dockerfile or workflow changes) - Manual workflow dispatch with layer/image selection Features: - Multi-layer build with dependencies (base -> intermediate -> infra) - Parallel matrix builds for efficiency - GitHub Actions cache support for faster builds - Image tagging with latest and commit SHA - Auto-push to ghcr.io registry Resolves #5
1 parent f919122 commit b5df7f3

File tree

1 file changed

+251
-0
lines changed

1 file changed

+251
-0
lines changed

.github/workflows/docker-publish.yml

Lines changed: 251 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,251 @@
1+
name: Build and Publish Docker Images
2+
3+
on:
4+
push:
5+
branches: [main]
6+
paths:
7+
- 'base/**'
8+
- 'intermediate/**'
9+
- 'infra/**'
10+
- '.github/workflows/docker-publish.yml'
11+
workflow_dispatch:
12+
inputs:
13+
layer:
14+
description: 'Layer to build (all builds everything)'
15+
default: 'all'
16+
type: choice
17+
options:
18+
- all
19+
- base
20+
- intermediate
21+
- infra
22+
image:
23+
description: 'Specific image name (optional, leave empty for all in layer)'
24+
required: false
25+
type: string
26+
27+
env:
28+
REGISTRY: ghcr.io
29+
IMAGE_PREFIX: ghcr.io/${{ github.repository_owner }}/devcontainers
30+
31+
jobs:
32+
build-base:
33+
if: github.event_name == 'push' || inputs.layer == 'all' || inputs.layer == 'base'
34+
runs-on: ubuntu-latest
35+
permissions:
36+
contents: read
37+
packages: write
38+
outputs:
39+
digest: ${{ steps.build.outputs.digest }}
40+
steps:
41+
- name: Checkout
42+
uses: actions/checkout@v4
43+
44+
- name: Set up Docker Buildx
45+
uses: docker/setup-buildx-action@v3
46+
47+
- name: Login to GitHub Container Registry
48+
uses: docker/login-action@v3
49+
with:
50+
registry: ${{ env.REGISTRY }}
51+
username: ${{ github.actor }}
52+
password: ${{ secrets.GITHUB_TOKEN }}
53+
54+
- name: Build and push base-system
55+
id: build
56+
uses: docker/build-push-action@v6
57+
with:
58+
context: .
59+
file: base/base-system.Dockerfile
60+
platforms: linux/amd64
61+
push: true
62+
tags: |
63+
${{ env.IMAGE_PREFIX }}/base-system:latest
64+
${{ env.IMAGE_PREFIX }}/base-system:${{ github.sha }}
65+
cache-from: type=gha,scope=base-system
66+
cache-to: type=gha,mode=max,scope=base-system
67+
68+
build-intermediate:
69+
if: github.event_name == 'push' || inputs.layer == 'all' || inputs.layer == 'intermediate'
70+
needs: build-base
71+
runs-on: ubuntu-latest
72+
permissions:
73+
contents: read
74+
packages: write
75+
strategy:
76+
fail-fast: false
77+
matrix:
78+
image: [rust, go]
79+
steps:
80+
- name: Checkout
81+
uses: actions/checkout@v4
82+
83+
- name: Set up Docker Buildx
84+
uses: docker/setup-buildx-action@v3
85+
86+
- name: Login to GitHub Container Registry
87+
uses: docker/login-action@v3
88+
with:
89+
registry: ${{ env.REGISTRY }}
90+
username: ${{ github.actor }}
91+
password: ${{ secrets.GITHUB_TOKEN }}
92+
93+
- name: Build and push ${{ matrix.image }}
94+
uses: docker/build-push-action@v6
95+
with:
96+
context: .
97+
file: intermediate/${{ matrix.image }}.Dockerfile
98+
platforms: linux/amd64
99+
push: true
100+
tags: |
101+
${{ env.IMAGE_PREFIX }}/${{ matrix.image }}:latest
102+
${{ env.IMAGE_PREFIX }}/${{ matrix.image }}:${{ github.sha }}
103+
cache-from: type=gha,scope=${{ matrix.image }}
104+
cache-to: type=gha,mode=max,scope=${{ matrix.image }}
105+
build-contexts: |
106+
base-system:latest=docker-image://${{ env.IMAGE_PREFIX }}/base-system:latest
107+
108+
build-infra-base:
109+
if: github.event_name == 'push' || inputs.layer == 'all' || inputs.layer == 'infra'
110+
needs: build-base
111+
runs-on: ubuntu-latest
112+
permissions:
113+
contents: read
114+
packages: write
115+
strategy:
116+
fail-fast: false
117+
matrix:
118+
image:
119+
- coinbase
120+
- coinbase_ethereum
121+
- coinbase_ethereum_solana
122+
- coinbase_polygon
123+
- convex
124+
- ethereum
125+
- hardhat
126+
- injective
127+
- mongodb
128+
- polygon
129+
- postgresql
130+
- universal
131+
- zksync
132+
steps:
133+
- name: Checkout
134+
uses: actions/checkout@v4
135+
136+
- name: Set up Docker Buildx
137+
uses: docker/setup-buildx-action@v3
138+
139+
- name: Login to GitHub Container Registry
140+
uses: docker/login-action@v3
141+
with:
142+
registry: ${{ env.REGISTRY }}
143+
username: ${{ github.actor }}
144+
password: ${{ secrets.GITHUB_TOKEN }}
145+
146+
- name: Build and push ${{ matrix.image }}
147+
uses: docker/build-push-action@v6
148+
with:
149+
context: .
150+
file: infra/${{ matrix.image }}.Dockerfile
151+
platforms: linux/amd64
152+
push: true
153+
tags: |
154+
${{ env.IMAGE_PREFIX }}/${{ matrix.image }}:latest
155+
${{ env.IMAGE_PREFIX }}/${{ matrix.image }}:${{ github.sha }}
156+
cache-from: type=gha,scope=${{ matrix.image }}
157+
cache-to: type=gha,mode=max,scope=${{ matrix.image }}
158+
build-contexts: |
159+
base-system:latest=docker-image://${{ env.IMAGE_PREFIX }}/base-system:latest
160+
161+
build-infra-rust:
162+
if: github.event_name == 'push' || inputs.layer == 'all' || inputs.layer == 'infra'
163+
needs: build-intermediate
164+
runs-on: ubuntu-latest
165+
permissions:
166+
contents: read
167+
packages: write
168+
strategy:
169+
fail-fast: false
170+
matrix:
171+
image:
172+
- aptos
173+
- brevis
174+
- foundry
175+
- reth
176+
- rindexer
177+
- risc0
178+
- solana
179+
- stylus
180+
- succinct
181+
- sui
182+
- tangle
183+
steps:
184+
- name: Checkout
185+
uses: actions/checkout@v4
186+
187+
- name: Set up Docker Buildx
188+
uses: docker/setup-buildx-action@v3
189+
190+
- name: Login to GitHub Container Registry
191+
uses: docker/login-action@v3
192+
with:
193+
registry: ${{ env.REGISTRY }}
194+
username: ${{ github.actor }}
195+
password: ${{ secrets.GITHUB_TOKEN }}
196+
197+
- name: Build and push ${{ matrix.image }}
198+
uses: docker/build-push-action@v6
199+
with:
200+
context: .
201+
file: infra/${{ matrix.image }}.Dockerfile
202+
platforms: linux/amd64
203+
push: true
204+
tags: |
205+
${{ env.IMAGE_PREFIX }}/${{ matrix.image }}:latest
206+
${{ env.IMAGE_PREFIX }}/${{ matrix.image }}:${{ github.sha }}
207+
cache-from: type=gha,scope=${{ matrix.image }}
208+
cache-to: type=gha,mode=max,scope=${{ matrix.image }}
209+
build-contexts: |
210+
rust:latest=docker-image://${{ env.IMAGE_PREFIX }}/rust:latest
211+
212+
build-infra-go:
213+
if: github.event_name == 'push' || inputs.layer == 'all' || inputs.layer == 'infra'
214+
needs: build-intermediate
215+
runs-on: ubuntu-latest
216+
permissions:
217+
contents: read
218+
packages: write
219+
strategy:
220+
fail-fast: false
221+
matrix:
222+
image:
223+
- cosmos
224+
steps:
225+
- name: Checkout
226+
uses: actions/checkout@v4
227+
228+
- name: Set up Docker Buildx
229+
uses: docker/setup-buildx-action@v3
230+
231+
- name: Login to GitHub Container Registry
232+
uses: docker/login-action@v3
233+
with:
234+
registry: ${{ env.REGISTRY }}
235+
username: ${{ github.actor }}
236+
password: ${{ secrets.GITHUB_TOKEN }}
237+
238+
- name: Build and push ${{ matrix.image }}
239+
uses: docker/build-push-action@v6
240+
with:
241+
context: .
242+
file: infra/${{ matrix.image }}.Dockerfile
243+
platforms: linux/amd64
244+
push: true
245+
tags: |
246+
${{ env.IMAGE_PREFIX }}/${{ matrix.image }}:latest
247+
${{ env.IMAGE_PREFIX }}/${{ matrix.image }}:${{ github.sha }}
248+
cache-from: type=gha,scope=${{ matrix.image }}
249+
cache-to: type=gha,mode=max,scope=${{ matrix.image }}
250+
build-contexts: |
251+
go:latest=docker-image://${{ env.IMAGE_PREFIX }}/go:latest

0 commit comments

Comments
 (0)