name: Docker on: push: branches: - main workflow_dispatch: permissions: packages: write jobs: build: runs-on: ubuntu-latest steps: - name: Check out code uses: actions/checkout@v4 with: fetch-depth: 2 - name: Install pnpm uses: pnpm/action-setup@v4 - name: Cache turbo build setup uses: actions/cache@v4 with: path: .turbo key: ${{ runner.os }}-turbo-${{ github.sha }} restore-keys: | ${{ runner.os }}-turbo- - name: Setup Node.js environment uses: actions/setup-node@v4 with: node-version: 20 cache: 'pnpm' - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: driver-opts: 'image=moby/buildkit:v0.11.6' - name: Login Public uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Login Private uses: docker/login-action@v3 with: registry: ${{ secrets.DOCKER_REGISTRY }} username: ${{ secrets.DOCKER_REGISTRY_USERNAME }} password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }} - name: Docker meta id: meta uses: docker/metadata-action@v5 with: images: | ghcr.io/zitadel/login ${{ secrets.DOCKER_IMAGE }} tags: | type=edge type=ref,event=branch type=ref,event=tag type=ref,event=pr type=sha - name: Install dependencies run: pnpm install - name: Generate stubs run: pnpm generate - name: Build for Docker run: NEXT_PUBLIC_BASE_PATH=/ui/v2/login pnpm build:docker - name: Build and Push Image id: build uses: docker/build-push-action@v5 timeout-minutes: 10 with: context: . push: true cache-from: type=gha cache-to: type=gha,mode=max tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - name: Export digest run: | mkdir -p /tmp/digests/app digest="${{ steps.build.outputs.digest }}" touch "/tmp/digests/app/${digest#sha256:}" - name: Upload digest uses: actions/upload-artifact@v4 with: name: digests path: /tmp/digests if-no-files-found: error retention-days: 1