Skip to content

Commit

Permalink
fix: docker manifest using digests
Browse files Browse the repository at this point in the history
  • Loading branch information
@icereed
icereed committed Feb 2, 2025
1 parent 23ca254 commit 92a3919
Show file tree
Hide file tree
Showing 2 changed files with 68 additions and 33 deletions.
3 changes: 2 additions & 1 deletion .dockerignore
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
.env
Dockerfile
Dockerfile
.github
98 changes: 66 additions & 32 deletions .github/workflows/docker-build-and-push.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,32 +58,30 @@ jobs:
build-amd64:
runs-on: ubuntu-latest
needs: test
outputs:
digest: ${{ steps.build_amd64.outputs.digest }}
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Log in to Docker Hub
if: ${{ github.event_name != 'pull_request' }}
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}

- name: Set Docker tags
id: set_tags
run: |
echo "TAGS=icereed/paperless-gpt:unreleased-amd64" >> $GITHUB_ENV
if [[ "${GITHUB_REF}" == "refs/heads/main" ]]; then
echo "TAGS=icereed/paperless-gpt:unreleased-amd64" >> $GITHUB_ENV
elif [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then
if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then
VERSION=${GITHUB_REF#refs/tags/}
echo "TAGS=icereed/paperless-gpt:${VERSION}-amd64" >> $GITHUB_ENV
else
echo "TAGS=icereed/paperless-gpt:unreleased-amd64" >> $GITHUB_ENV
fi
- name: Build and push AMD64 image
id: build_amd64
uses: docker/build-push-action@v6
with:
context: .
Expand All @@ -96,36 +94,43 @@ jobs:
VERSION=${{ github.ref_type == 'tag' && github.ref_name || github.sha }}
COMMIT=${{ github.sha }}
BUILD_DATE=${{ github.event.repository.pushed_at }}
- name: Export digest for amd64
run: |
mkdir -p ${{ runner.temp }}/digests
echo "${{ steps.build_amd64.outputs.digest }}" | sed 's/^sha256://g' > ${{ runner.temp }}/digests/digest-amd64.txt
- name: Upload amd64 digest
uses: actions/upload-artifact@v4
with:
name: digest-amd64
path: ${{ runner.temp }}/digests/digest-amd64.txt

build-arm64:
runs-on: ubuntu-24.04-arm
needs: test
outputs:
digest: ${{ steps.build_arm64.outputs.digest }}
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Log in to Docker Hub
if: ${{ github.event_name != 'pull_request' }}
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}

- name: Set Docker tags
id: set_tags
run: |
echo "TAGS=icereed/paperless-gpt:unreleased-arm64" >> $GITHUB_ENV
if [[ "${GITHUB_REF}" == "refs/heads/main" ]]; then
echo "TAGS=icereed/paperless-gpt:unreleased-arm64" >> $GITHUB_ENV
elif [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then
if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then
VERSION=${GITHUB_REF#refs/tags/}
echo "TAGS=icereed/paperless-gpt:${VERSION}-arm64" >> $GITHUB_ENV
else
echo "TAGS=icereed/paperless-gpt:unreleased-arm64" >> $GITHUB_ENV
fi
- name: Build and push ARM64 image
id: build_arm64
uses: docker/build-push-action@v6
with:
context: .
Expand All @@ -138,34 +143,63 @@ jobs:
VERSION=${{ github.ref_type == 'tag' && github.ref_name || github.sha }}
COMMIT=${{ github.sha }}
BUILD_DATE=${{ github.event.repository.pushed_at }}
- name: Export digest for arm64
run: |
mkdir -p ${{ runner.temp }}/digests
echo "${{ steps.build_arm64.outputs.digest }}" | sed 's/^sha256://g' > ${{ runner.temp }}/digests/digest-arm64.txt
- name: Upload arm64 digest
uses: actions/upload-artifact@v4
with:
name: digest-arm64
path: ${{ runner.temp }}/digests/digest-arm64.txt

merge-manifests:
needs: [build-amd64, build-arm64]
runs-on: ubuntu-latest
if: github.event_name != 'pull_request'
env:
DOCKERHUB_REPO: icereed/paperless-gpt
steps:
- name: Log in to Docker Hub
- name: Download amd64 digest
uses: actions/download-artifact@v4
with:
name: digest-amd64
path: ${{ runner.temp }}/digests
- name: Download arm64 digest
uses: actions/download-artifact@v4
with:
name: digest-arm64
path: ${{ runner.temp }}/digests
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}

- name: Create and push manifest
- name: Determine version/tag
id: get_version
run: |
if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then
VERSION=${GITHUB_REF#refs/tags/}
docker manifest create icereed/paperless-gpt:${VERSION} --amend \
icereed/paperless-gpt:${VERSION}-amd64 \
icereed/paperless-gpt:${VERSION}-arm64
docker manifest push --purge icereed/paperless-gpt:${VERSION}
docker manifest create icereed/paperless-gpt:latest --amend \
icereed/paperless-gpt:${VERSION}-amd64 \
icereed/paperless-gpt:${VERSION}-arm64
docker manifest push --purge icereed/paperless-gpt:latest
echo "VERSION=${VERSION}" >> $GITHUB_ENV
else
docker manifest create icereed/paperless-gpt:unreleased --amend \
icereed/paperless-gpt:unreleased-amd64 \
icereed/paperless-gpt:unreleased-arm64
docker manifest push --purge icereed/paperless-gpt:unreleased
echo "VERSION=unreleased" >> $GITHUB_ENV
- name: Create and push manifest list
run: |
AMD64_DIGEST=$(cat ${{ runner.temp }}/digests/digest-amd64.txt)
ARM64_DIGEST=$(cat ${{ runner.temp }}/digests/digest-arm64.txt)
# Create manifest with the single-arch image digests
docker buildx imagetools create -t ${DOCKERHUB_REPO}:${VERSION} \
${DOCKERHUB_REPO}@sha256:${AMD64_DIGEST} ${DOCKERHUB_REPO}@sha256:${ARM64_DIGEST}
# Also push "latest" tag when on a tag
if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then
docker buildx imagetools create -t ${DOCKERHUB_REPO}:latest \
${DOCKERHUB_REPO}@sha256:${AMD64_DIGEST} ${DOCKERHUB_REPO}@sha256:${ARM64_DIGEST}
fi
- name: Inspect manifest
run: |
docker buildx imagetools inspect ${DOCKERHUB_REPO}:${VERSION}
if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then
docker buildx imagetools inspect ${DOCKERHUB_REPO}:latest
fi

0 comments on commit 92a3919

Please sign in to comment.