centreon · Tpo76 · Apr 6, 2026 · Apr 14, 2026 · Apr 14, 2026 · Apr 27, 2026
@@ -0,0 +1,166 @@
+name: Centreon - Publish Docker Images to Harbor
+
+# This workflow is Centreon-specific and separate from the upstream publish_docker_images.yml.
+# It publishes multi-arch images (amd64 + arm64) to Centreon's internal Harbor registry.
+# Triggered manually with a specific upstream git ref and custom image tags.
+
+on:
+  workflow_dispatch:
+    inputs:
+      upstream_ref:
+        description: 'Git ref to build (branch, tag, or commit SHA)'
+        required: true
+        default: 'main'
+        type: string
+      image_tags:
+        description: 'Docker image tags (comma-separated, e.g.: qual,1.2.3,latest)'
+        required: true
+        type: string
+
+permissions:
+  contents: read
+
+env:
+  REGISTRY_IMAGE: ${{ vars.DOCKER_HARBOR_HOST }}/pulse/quickwit
+
+jobs:
+  docker:
+    strategy:
+      matrix:
+        include:
+          - os: ubuntu-latest
+            platform: linux/amd64
+            platform_suffix: amd64
+          - os: centreon-ubuntu-24.04-arm
+            platform: linux/arm64
+            platform_suffix: arm64
+    runs-on: ${{ matrix.os }}
+    permissions:
+      contents: read
+      actions: write
+    steps:
+      - name: Cleanup Disk Space
+        run: |
+          df -h
+          sudo rm -rf /opt/hostedtoolcache/CodeQL
+          sudo rm -rf /usr/local/.ghcup
+          sudo rm -rf /usr/local/lib/android
+          sudo rm -rf /usr/share/dotnet
+          sudo rm -rf /usr/share/swift
+          df -h
+
+      - name: Checkout
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        with:
+          ref: ${{ inputs.upstream_ref }}
+          fetch-depth: 0
+
+      - name: Login to Harbor
+        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        with:
+          registry: ${{ vars.DOCKER_HARBOR_HOST }}
+          username: ${{ secrets.HARBOR_CENTREON_PUSH_USERNAME }}
+          password: ${{ secrets.HARBOR_CENTREON_PUSH_TOKEN }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
+
+      - name: Retrieve commit metadata
+        run: |
+          echo "QW_COMMIT_DATE=$(TZ=UTC0 git log -1 --format=%cd --date=format-local:%Y-%m-%dT%H:%M:%SZ)" >> $GITHUB_ENV
+          echo "QW_COMMIT_HASH=$(git rev-parse HEAD)" >> $GITHUB_ENV
+          echo "QW_COMMIT_TAGS=$(git tag --points-at HEAD | tr '\n' ',')" >> $GITHUB_ENV
+          echo "CARGO_FEATURES=release-feature-set" >> $GITHUB_ENV
+
+      - name: Build and push image
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
+        id: build
+        with:
+          context: .
+          platforms: ${{ matrix.platform }}
+          build-args: |
+            QW_COMMIT_DATE=${{ env.QW_COMMIT_DATE }}
+            QW_COMMIT_HASH=${{ env.QW_COMMIT_HASH }}
+            QW_COMMIT_TAGS=${{ env.QW_COMMIT_TAGS }}
+            CARGO_FEATURES=${{ env.CARGO_FEATURES }}
+          outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true
+
+      - name: Export digest
+        run: |
+          mkdir -p /tmp/digests
+          digest="$DIGEST"
+          touch "/tmp/digests/${digest#sha256:}"
+        env:
+          DIGEST: ${{ steps.build.outputs.digest }}
+
+      - name: Upload digest
+        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        with:
+          name: digest-${{ matrix.platform_suffix }}
+          path: /tmp/digests/*
+          if-no-files-found: error
+          retention-days: 1
+
+  merge:
+    runs-on: ubuntu-latest
+    needs: [docker]
+    permissions:
+      contents: read
+      actions: read
+    steps:
+      - name: Download digests
+        uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
+        with:
+          pattern: digest-*
+          path: /tmp/digests
+          merge-multiple: true
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
+
+      - name: Build tags for Docker meta
+        id: build_tags
+        run: |
+          TAGS=""
+          IFS=',' read -ra TAG_LIST <<< "${{ inputs.image_tags }}"
+          for tag in "${TAG_LIST[@]}"; do
+            tag=$(echo "$tag" | xargs)
+            TAGS+="type=raw,value=${tag}"$'\n'
-        run: |
-          TAGS=""
-          IFS=',' read -ra TAG_LIST <<< "${{ inputs.image_tags }}"
-          for tag in "${TAG_LIST[@]}"; do
-            tag=$(echo "$tag" | xargs)
-            TAGS+="type=raw,value=${tag}"$'\n'
+        env:
+          IMAGE_TAGS: ${{ inputs.image_tags }}
+        run: |
+          TAGS=""
+          IFS=',' read -ra TAG_LIST <<< "$IMAGE_TAGS"
+          for tag in "${TAG_LIST[@]}"; do
+            tag=$(echo "$tag" | xargs)
+            TAGS+="type=raw,value=${tag}"$'\n'
-        run: |
-          TAGS=""
-          IFS=',' read -ra TAG_LIST <<< "${{ inputs.image_tags }}"
-          for tag in "${TAG_LIST[@]}"; do
-            tag=$(echo "$tag" | xargs)
-            TAGS+="type=raw,value=${tag}"$'\n'
+        env:
+          IMAGE_TAGS: ${{ inputs.image_tags }}
+        run: |
+          TAGS=""
+          IFS=',' read -ra TAG_LIST <<< "$IMAGE_TAGS"
+          for tag in "${TAG_LIST[@]}"; do
+            tag=$(echo "$tag" | xargs)
+            TAGS+="type=raw,value=${tag}"$'\n'
+          done
+          {
+            echo 'tags<<EOF'
+            printf '%s' "$TAGS"
+            echo 'EOF'
+          } >> "$GITHUB_OUTPUT"
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
+        with:
+          images: ${{ env.REGISTRY_IMAGE }}
+          flavor: |
+            latest=false
+          tags: ${{ steps.build_tags.outputs.tags }}
+          labels: |
+            org.opencontainers.image.title=Quickwit
+            org.opencontainers.image.vendor=Centreon
+            maintainer=Centreon <dev@centreon.com>
+
+      - name: Login to Harbor
+        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        with:
+          registry: ${{ vars.DOCKER_HARBOR_HOST }}
+          username: ${{ secrets.HARBOR_CENTREON_PUSH_USERNAME }}
+          password: ${{ secrets.HARBOR_CENTREON_PUSH_TOKEN }}
+
+      - name: Create manifest list and push tags
+        working-directory: /tmp/digests
+        run: |
+          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+            $(printf "$REGISTRY_IMAGE@sha256:%s " *)
+
+      - name: Inspect image
+        run: |
+          docker buildx imagetools inspect "$REGISTRY_IMAGE:$META_VERSION"
+        env:
+          META_VERSION: ${{ steps.meta.outputs.version }}
@@ -13,6 +13,8 @@ permissions:
 
 jobs:
   build-cross-images:
+    # Centreon: skip if DOCKERHUB_USERNAME is not configured in this fork
+    if: ${{ secrets.DOCKERHUB_USERNAME != '' }}
     name: Publish cross images
     runs-on: ubuntu-latest
     environment:

@@ -22,6 +22,8 @@ env:
 
 jobs:
   docker:
+    # Centreon: skip if DOCKERHUB_USERNAME is not configured in this fork
+    if: ${{ secrets.DOCKERHUB_USERNAME != '' }}
     strategy:
       matrix:
         include:
@@ -115,6 +117,8 @@ jobs:
           retention-days: 1
 
   merge:
+    # Centreon: skip if DOCKERHUB_USERNAME is not configured in this fork
+    if: ${{ secrets.DOCKERHUB_USERNAME != '' }}
     runs-on: ubuntu-latest
     needs: [docker]
     permissions: