name: 'Build and Publish Docker Image' on: push: tags: - 'v*' workflow_dispatch: inputs: publish: description: 'Publish to GHCR (only works on main branch)' type: 'boolean' default: false env: REGISTRY: 'ghcr.io' IMAGE_NAME: '${{ github.repository }}' jobs: build-and-push-to-ghcr: runs-on: 'ubuntu-latest' permissions: contents: 'read' packages: 'write' steps: - name: 'Checkout repository' uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # v4 - name: 'Set up QEMU' uses: 'docker/setup-qemu-action@v3' - name: 'Set up Docker Buildx' uses: 'docker/setup-buildx-action@v3' - name: 'Extract metadata (tags, labels) for Docker' id: 'meta' uses: 'docker/metadata-action@v5' with: images: '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}' tags: | type=ref,event=branch type=ref,event=pr type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} type=sha,prefix=sha-,format=short - name: 'Log in to the Container registry' if: 'github.event_name != "pull_request" && (github.ref == "refs/heads/main" || startsWith(github.ref, "refs/tags/v"))' uses: 'docker/login-action@v3' with: registry: '${{ env.REGISTRY }}' username: '${{ github.actor }}' password: '${{ secrets.GITHUB_TOKEN }}' - name: 'Build and push Docker image' id: 'build-and-push' uses: 'docker/build-push-action@v6' with: context: '.' platforms: 'linux/amd64,linux/arm64' push: '${{ github.event_name != "pull_request" && (github.ref == "refs/heads/main" || startsWith(github.ref, "refs/tags/v") || github.event.inputs.publish == "true") }}' tags: '${{ steps.meta.outputs.tags }}' labels: '${{ steps.meta.outputs.labels }}' build-args: | CLI_VERSION_ARG=${{ github.sha }}