name: Make release & publish Docker image on: push: tags: - 'v*' env: REGISTRY_IMAGE: ghcr.io/museofficial/muse jobs: publish: strategy: matrix: runner-platform: - ubuntu-latest - namespace-profile-default-arm64 include: - runner-platform: ubuntu-latest build-arch: linux/amd64 tagged-platform: amd64 - runner-platform: namespace-profile-default-arm64 build-arch: linux/arm64 tagged-platform: arm64 runs-on: ${{ matrix.runner-platform }} permissions: contents: read packages: write attestations: write id-token: write steps: - name: Set up Buildx uses: docker/setup-buildx-action@v3 - name: Login to DockerHub uses: docker/login-action@v1 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Get current time uses: josStorer/get-current-time@v2 id: current-time - name: Build and push id: docker_build uses: docker/build-push-action@v6 with: push: true tags: | codetheweb/muse:${{ github.sha }}-${{ matrix.tagged-platform }} ${{ env.REGISTRY_IMAGE }}:${{ github.sha }}-${{ matrix.tagged-platform }} platforms: ${{ matrix.build-arch }} build-args: | COMMIT_HASH=${{ github.sha }} BUILD_DATE=${{ steps.current-time.outputs.time }} combine: name: Combine platform tags runs-on: ubuntu-latest needs: publish permissions: contents: read packages: write attestations: write id-token: write steps: - uses: actions/checkout@v1 - name: Set up Buildx uses: docker/setup-buildx-action@v1 - name: Login to DockerHub uses: docker/login-action@v1 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Get tags (Docker Hub) id: get-tags-dockerhub uses: Surgo/docker-smart-tag-action@v1 with: docker_image: codetheweb/muse - name: Get tags (ghcr.io) id: get-tags-ghcr uses: Surgo/docker-smart-tag-action@v1 with: docker_image: ${{ env.REGISTRY_IMAGE }} - name: Combine tags (Docker Hub) run: docker buildx imagetools create $(echo '${{ steps.get-tags-dockerhub.outputs.tag }}' | tr "," "\0" | xargs -0 printf -- '-t %s ') 'codetheweb/muse:${{ github.sha }}-arm64' 'codetheweb/muse:${{ github.sha }}-amd64' - name: Combine tags (GitHub Container Registry) run: docker buildx imagetools create $(echo '${{ steps.get-tags-ghcr.outputs.tag }}' | tr "," "\0" | xargs -0 printf -- '-t %s ') '${{ env.REGISTRY_IMAGE }}:${{ github.sha }}-arm64' '${{ env.REGISTRY_IMAGE }}:${{ github.sha }}-amd64' - name: Update Docker Hub description uses: peter-evans/dockerhub-description@v2.4.3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} repository: codetheweb/muse release: name: Create GitHub release runs-on: ubuntu-latest needs: combine steps: - uses: actions/checkout@v2 - name: Get version from tag id: tag_name run: | echo ::set-output name=current_version::${GITHUB_REF#refs/tags/v} shell: bash - name: Get Changelog Entry id: changelog_reader uses: mindsers/changelog-reader-action@v2 with: version: ${{ steps.tag_name.outputs.current_version }} path: ./CHANGELOG.md - name: Create/update release uses: ncipollo/release-action@v1 with: tag: v${{ steps.changelog_reader.outputs.version }} name: Release v${{ steps.changelog_reader.outputs.version }} body: ${{ steps.changelog_reader.outputs.changes }} prerelease: ${{ steps.changelog_reader.outputs.status == 'prereleased' }} draft: ${{ steps.changelog_reader.outputs.status == 'unreleased' }} allowUpdates: true token: ${{ secrets.GH_PAT }}