diff --git a/.dockerignore b/.dockerignore index 3884164..8a4c8c7 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,2 +1,3 @@ .env -Dockerfile \ No newline at end of file +Dockerfile +.github \ No newline at end of file diff --git a/.github/workflows/docker-build-and-push.yml b/.github/workflows/docker-build-and-push.yml index 34d4184..c35984b 100644 --- a/.github/workflows/docker-build-and-push.yml +++ b/.github/workflows/docker-build-and-push.yml @@ -58,32 +58,30 @@ jobs: build-amd64: runs-on: ubuntu-latest needs: test + outputs: + digest: ${{ steps.build_amd64.outputs.digest }} steps: - name: Checkout code uses: actions/checkout@v4 - - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - name: Log in to Docker Hub if: ${{ github.event_name != 'pull_request' }} uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - - name: Set Docker tags id: set_tags run: | - echo "TAGS=icereed/paperless-gpt:unreleased-amd64" >> $GITHUB_ENV - if [[ "${GITHUB_REF}" == "refs/heads/main" ]]; then - echo "TAGS=icereed/paperless-gpt:unreleased-amd64" >> $GITHUB_ENV - elif [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then + if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then VERSION=${GITHUB_REF#refs/tags/} echo "TAGS=icereed/paperless-gpt:${VERSION}-amd64" >> $GITHUB_ENV + else + echo "TAGS=icereed/paperless-gpt:unreleased-amd64" >> $GITHUB_ENV fi - - name: Build and push AMD64 image + id: build_amd64 uses: docker/build-push-action@v6 with: context: . @@ -96,36 +94,43 @@ jobs: VERSION=${{ github.ref_type == 'tag' && github.ref_name || github.sha }} COMMIT=${{ github.sha }} BUILD_DATE=${{ github.event.repository.pushed_at }} + - name: Export digest for amd64 + run: | + mkdir -p ${{ runner.temp }}/digests + echo "${{ steps.build_amd64.outputs.digest }}" | sed 's/^sha256://g' > ${{ runner.temp }}/digests/digest-amd64.txt + - name: Upload amd64 digest + uses: actions/upload-artifact@v4 + with: + name: digest-amd64 + path: ${{ runner.temp }}/digests/digest-amd64.txt build-arm64: runs-on: ubuntu-24.04-arm needs: test + outputs: + digest: ${{ steps.build_arm64.outputs.digest }} steps: - name: Checkout code uses: actions/checkout@v4 - - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - name: Log in to Docker Hub if: ${{ github.event_name != 'pull_request' }} uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - - name: Set Docker tags id: set_tags run: | - echo "TAGS=icereed/paperless-gpt:unreleased-arm64" >> $GITHUB_ENV - if [[ "${GITHUB_REF}" == "refs/heads/main" ]]; then - echo "TAGS=icereed/paperless-gpt:unreleased-arm64" >> $GITHUB_ENV - elif [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then + if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then VERSION=${GITHUB_REF#refs/tags/} echo "TAGS=icereed/paperless-gpt:${VERSION}-arm64" >> $GITHUB_ENV + else + echo "TAGS=icereed/paperless-gpt:unreleased-arm64" >> $GITHUB_ENV fi - - name: Build and push ARM64 image + id: build_arm64 uses: docker/build-push-action@v6 with: context: . @@ -138,34 +143,63 @@ jobs: VERSION=${{ github.ref_type == 'tag' && github.ref_name || github.sha }} COMMIT=${{ github.sha }} BUILD_DATE=${{ github.event.repository.pushed_at }} + - name: Export digest for arm64 + run: | + mkdir -p ${{ runner.temp }}/digests + echo "${{ steps.build_arm64.outputs.digest }}" | sed 's/^sha256://g' > ${{ runner.temp }}/digests/digest-arm64.txt + - name: Upload arm64 digest + uses: actions/upload-artifact@v4 + with: + name: digest-arm64 + path: ${{ runner.temp }}/digests/digest-arm64.txt merge-manifests: needs: [build-amd64, build-arm64] runs-on: ubuntu-latest if: github.event_name != 'pull_request' + env: + DOCKERHUB_REPO: icereed/paperless-gpt steps: - - name: Log in to Docker Hub + - name: Download amd64 digest + uses: actions/download-artifact@v4 + with: + name: digest-amd64 + path: ${{ runner.temp }}/digests + - name: Download arm64 digest + uses: actions/download-artifact@v4 + with: + name: digest-arm64 + path: ${{ runner.temp }}/digests + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Create and push manifest + - name: Determine version/tag + id: get_version run: | if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then VERSION=${GITHUB_REF#refs/tags/} - docker manifest create icereed/paperless-gpt:${VERSION} --amend \ - icereed/paperless-gpt:${VERSION}-amd64 \ - icereed/paperless-gpt:${VERSION}-arm64 - docker manifest push --purge icereed/paperless-gpt:${VERSION} - - docker manifest create icereed/paperless-gpt:latest --amend \ - icereed/paperless-gpt:${VERSION}-amd64 \ - icereed/paperless-gpt:${VERSION}-arm64 - docker manifest push --purge icereed/paperless-gpt:latest + echo "VERSION=${VERSION}" >> $GITHUB_ENV else - docker manifest create icereed/paperless-gpt:unreleased --amend \ - icereed/paperless-gpt:unreleased-amd64 \ - icereed/paperless-gpt:unreleased-arm64 - docker manifest push --purge icereed/paperless-gpt:unreleased + echo "VERSION=unreleased" >> $GITHUB_ENV + - name: Create and push manifest list + run: | + AMD64_DIGEST=$(cat ${{ runner.temp }}/digests/digest-amd64.txt) + ARM64_DIGEST=$(cat ${{ runner.temp }}/digests/digest-arm64.txt) + # Create manifest with the single-arch image digests + docker buildx imagetools create -t ${DOCKERHUB_REPO}:${VERSION} \ + ${DOCKERHUB_REPO}@sha256:${AMD64_DIGEST} ${DOCKERHUB_REPO}@sha256:${ARM64_DIGEST} + # Also push "latest" tag when on a tag + if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then + docker buildx imagetools create -t ${DOCKERHUB_REPO}:latest \ + ${DOCKERHUB_REPO}@sha256:${AMD64_DIGEST} ${DOCKERHUB_REPO}@sha256:${ARM64_DIGEST} + fi + - name: Inspect manifest + run: | + docker buildx imagetools inspect ${DOCKERHUB_REPO}:${VERSION} + if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then + docker buildx imagetools inspect ${DOCKERHUB_REPO}:latest fi \ No newline at end of file