diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 773a82a846..19e9c975cf 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -4,10 +4,15 @@ on: push: branches: - main + workflow_dispatch: jobs: build: runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + arch: [amd64,arm64] steps: - name: Check out code uses: actions/checkout@v4 @@ -39,7 +44,14 @@ jobs: with: driver-opts: 'image=moby/buildkit:v0.11.6' - - name: Login + - name: Login Public + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Login Private uses: docker/login-action@v3 with: registry: ${{ secrets.DOCKER_REGISTRY }} @@ -50,9 +62,13 @@ jobs: id: meta uses: docker/metadata-action@v5 with: - images: ${{ secrets.DOCKER_IMAGE }} - # generate Docker tags based on the following events/attributes - tags: type=sha + images: | + ghcr.io/zitadel/login + ${{ secrets.DOCKER_IMAGE }} + tags: | + type=edge + type=ref + type=sha - name: Install dependencies run: pnpm install @@ -69,8 +85,24 @@ jobs: timeout-minutes: 10 with: context: . + push: true cache-from: type=gha cache-to: type=gha,mode=max + platforms: linux/${{ matrix.arch }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - push: true + outputs: type=image,name=${{ inputs.build_image_name }},push-by-digest=true,name-canonical=true,push=true + + - name: Export digest + run: | + mkdir -p /tmp/digests/app + digest="${{ steps.build.outputs.digest }}" + touch "/tmp/digests/app/${digest#sha256:}" + + - name: Upload digest + uses: actions/upload-artifact@v4 + with: + name: digests-${{ matrix.arch }} + path: /tmp/digests + if-no-files-found: error + retention-days: 1