open-terminal/.github/workflows/docker.yml at f74428ffb8e302d786c11f9ecb5fd2a616b89467 · open-webui/open-terminal · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
name: Build Docker Image

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        platform:
          - linux/amd64
          - linux/arm64
        variant:
          - name: default
            file: Dockerfile
            suffix: ""
            short_tag: "latest"
          - name: slim
            file: Dockerfile.slim
            suffix: "-slim"
            short_tag: "slim"
          - name: alpine
            file: Dockerfile.alpine
            suffix: "-alpine"
            short_tag: "alpine"
    permissions:
      contents: read
      packages: write

    steps:
      - uses: actions/checkout@v4

      - uses: docker/setup-qemu-action@v3

      - uses: docker/setup-buildx-action@v3

      - uses: docker/login-action@v3
        if: github.event_name != 'pull_request'
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - uses: docker/metadata-action@v5
        id: meta
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

      - uses: docker/build-push-action@v5
        id: build
        with:
          context: .
          file: ${{ matrix.variant.file }}
          platforms: ${{ matrix.platform }}
          labels: ${{ steps.meta.outputs.labels }}
          outputs: type=image,name=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }},push-by-digest=true,name-canonical=true,push=${{ github.event_name != 'pull_request' }}
          cache-from: type=gha,scope=${{ matrix.variant.name }}-${{ matrix.platform }}
          cache-to: type=gha,scope=${{ matrix.variant.name }}-${{ matrix.platform }},mode=max

      - name: Export digest
        if: github.event_name != 'pull_request'
        run: |
          mkdir -p /tmp/digests
          digest="${{ steps.build.outputs.digest }}"
          touch "/tmp/digests/${digest#sha256:}"

      - uses: actions/upload-artifact@v4
        if: github.event_name != 'pull_request'
        with:
          name: digests-${{ matrix.variant.name }}-${{ matrix.platform == 'linux/amd64' && 'amd64' || 'arm64' }}
          path: /tmp/digests/*
          if-no-files-found: error
          retention-days: 1

  merge:
    runs-on: ubuntu-latest
    if: github.event_name != 'pull_request'
    needs: build
    strategy:
      matrix:
        variant:
          - name: default
            suffix: ""
            short_tag: "latest"
          - name: slim
            suffix: "-slim"
            short_tag: "slim"
          - name: alpine
            suffix: "-alpine"
            short_tag: "alpine"
    permissions:
      contents: read
      packages: write

    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Get version from pyproject.toml
        id: version
        run: |
          VERSION=$(python3 -c "import tomllib; print(tomllib.load(open('pyproject.toml','rb'))['project']['version'])")
          echo "version=$VERSION" >> "$GITHUB_OUTPUT"
          MAJOR_MINOR=$(echo "$VERSION" | cut -d. -f1,2)
          echo "major_minor=$MAJOR_MINOR" >> "$GITHUB_OUTPUT"
          if git rev-parse "refs/tags/v$VERSION" >/dev/null 2>&1; then
            TAG_SHA=$(git rev-list -n 1 "v$VERSION")
            if [ "$TAG_SHA" = "${{ github.sha }}" ]; then
              echo "is_new_version=true" >> "$GITHUB_OUTPUT"
            else
              echo "is_new_version=false" >> "$GITHUB_OUTPUT"
            fi
          else
            echo "is_new_version=true" >> "$GITHUB_OUTPUT"
          fi

      - uses: actions/download-artifact@v4
        with:
          path: /tmp/digests
          pattern: digests-${{ matrix.variant.name }}-*
          merge-multiple: true

      - uses: docker/setup-buildx-action@v3

      - uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - uses: docker/metadata-action@v5
        id: meta
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          tags: |
            type=raw,value=latest${{ matrix.variant.suffix }},enable={{is_default_branch}}
            type=raw,value=${{ matrix.variant.short_tag }},enable={{is_default_branch}}
            type=raw,value=${{ steps.version.outputs.version }}${{ matrix.variant.suffix }},enable=${{ steps.version.outputs.is_new_version }}
            type=raw,value=${{ steps.version.outputs.major_minor }}${{ matrix.variant.suffix }},enable=${{ steps.version.outputs.is_new_version }}
            type=sha,suffix=${{ matrix.variant.suffix }}

      - name: Create manifest list and push
        working-directory: /tmp/digests
        run: |
          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
            $(printf '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *)

      - name: Inspect image
        run: |
          docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }}