Use arm64 runner for docker build in CI #15

	---
	name: Publish Docker Image

	on:
	push:
	branches: [ main ]
	workflow_dispatch:

	permissions:
	contents: read
	packages: write

	env:
	NIX_CONFIG: \|
	experimental-features = nix-command flakes

	jobs:
	build-and-push:
	runs-on: ubuntu-24.04-arm64
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Install Nix
	shell: bash
	run: \|
	set -euo pipefail
	curl -fsSL https://install.determinate.systems/nix \| sh -s -- install --no-confirm --nix-build-user-count 1
	. /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh
	nix --version

	- name: Resolve upstream version
	id: version
	run: \|
	rev=$(grep -E 'rev\s=\s"' nix/sources/clawdbot-source.nix \| head -n 1 \| sed -E 's/."([^"]+)"./\1/')
	if [ -z "$rev" ]; then
	echo "rev not found in nix/sources/clawdbot-source.nix" >&2
	exit 1
	fi
	echo "rev=$rev" >> "$GITHUB_OUTPUT"

	- name: Build image (aarch64-linux)
	shell: bash
	run: \|
	set -euo pipefail
	. /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh
	nix build .#clawdbot-docker

	- name: Load image
	shell: bash
	run: \|
	set -euo pipefail
	docker load < result

	- name: Login to GHCR
	run: echo "${{ secrets.GITHUB_TOKEN }}" \| docker login ghcr.io -u "${{ github.actor }}" --password-stdin

	- name: Tag and push
	env:
	IMAGE: ghcr.io/clawdbot/clawdbot-gateway
	REV: ${{ steps.version.outputs.rev }}
	run: \|
	docker tag clawdbot:latest "$IMAGE:latest"
	docker tag clawdbot:latest "$IMAGE:$REV"
	docker push "$IMAGE:latest"
	docker push "$IMAGE:$REV"

Provide feedback