Publish images to Ghcr #61
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish images to Ghcr | |
| on: | |
| workflow_dispatch: | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: nilchaind | |
| permissions: | |
| contents: read | |
| packages: write # Required to push to GHCR | |
| jobs: | |
| # Job 1: Build architecture-specific images in parallel | |
| build-and-push-arch: | |
| runs-on: ${{ matrix.runner }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - arch: amd64 | |
| platform: linux/amd64 | |
| runner: ubuntu-latest | |
| - arch: arm64 | |
| platform: linux/arm64 | |
| runner: ubuntu-24.04-arm | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Extract base tag for Docker | |
| id: meta_tag | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/NillionNetwork/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=tag | |
| flavor: | | |
| latest=false | |
| - name: Build and push arch-specific image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| platforms: ${{ matrix.platform }} | |
| push: true | |
| # Create a temporary, arch-specific tag (e.g., ghcr.io/.../nilchaind:main-amd64) | |
| tags: ${{ env.IMAGE_PATH }}:${{ github.sha }}-${{ matrix.arch }} | |
| build-args: | | |
| VERSION=${{ steps.meta_tag.outputs.version }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| # Job 2: Create and push the final multi-arch manifest | |
| create-and-push-manifest: | |
| runs-on: ubuntu-latest | |
| needs: build-and-push-arch | |
| steps: | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract final tags for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/NillionNetwork/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=tag | |
| flavor: | | |
| latest=false | |
| - name: Create and push multi-arch manifest | |
| run: | | |
| for tag in ${{ steps.meta.outputs.tags }}; do | |
| echo "Creating manifest for user-facing tag: $tag" | |
| docker manifest create "$tag" \ | |
| "${{ env.IMAGE_PATH }}:${{ github.sha }}-amd64" \ | |
| "${{ env.IMAGE_PATH }}:${{ github.sha }}-arm64" | |
| docker manifest push "$tag" | |
| done |