# Reusable workflow: the only trigger is workflow_call, so it runs solely when
# another workflow invokes it.
name: Docker
on:
  workflow_call:
# One active run per caller workflow and ref. In a called workflow the `github`
# context belongs to the caller, so `github.workflow` is the caller's name.
# cancel-in-progress stops an in-flight run when a newer one starts in the same
# group; the matrix legs of the docker job push independently, so a cancelled
# run may have published only part of its tag set until the newer run finishes.
concurrency:
  group: docker-${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
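jobs:
  # Builds each image flavour in the matrix for amd64 and arm64 and pushes it
  # to ghcr.io under this repository's name.
  docker:
    runs-on: ubuntu-latest
    # Runs under the "release" environment, so any protection rules or secrets
    # configured on that environment apply to this job.
    environment: release
    # Least privilege for GITHUB_TOKEN: read the repository and push packages.
    # No step in this job uploads code-scanning results, so security-events is
    # not requested; add it back only together with a step that needs it.
    permissions:
      contents: read
      packages: write
    strategy:
      matrix:
        target: [basic, extended]
        # Per-target extras: `suffix` is appended to the semver tags and
        # `latest` is the floating tag that this flavour moves on every run.
        include:
          - target: basic
            suffix: '-lite'
            latest: lite
          - target: extended
            suffix: ''
            latest: latest
    # NOTE(review): every `uses:` below references a mutable major tag. In a
    # job holding packages: write, pinning each action to a full commit SHA
    # (e.g. actions/checkout@<full-commit-sha>  # v4) keeps a moved tag from
    # changing what runs with this token.
    steps:
      # NOTE(review): this builds the tip of main, while the semver tags below
      # are derived from the triggering ref. If main has moved past the tagged
      # commit, a vX.Y.Z image would contain newer source than the vX.Y.Z tag;
      # confirm this is intended.
      - name: Checkout repository from main
        uses: actions/checkout@v4
        with:
          ref: main
          # The build context is `.`, which includes .git. Do not leave the
          # token in .git/config where a broad COPY in the Dockerfile could
          # pick it up; no later step needs git credentials.
          persist-credentials: false
      - name: Log in to the Container registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      # Produces the tag list, labels and annotations consumed by the build
      # step: one raw floating tag plus three semver tags per flavour.
      - name: Extract metadata for Docker image
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ghcr.io/${{ github.repository }}
          tags: |
            type=raw,value=${{ matrix.latest }}
            type=semver,pattern=v{{version}}${{ matrix.suffix }}
            type=semver,pattern=v{{major}}.{{minor}}${{ matrix.suffix }}
            type=semver,pattern=v{{major}}${{ matrix.suffix }}
      # Exposes the contents of .node-version as the step output `version`.
      # $GITHUB_OUTPUT is quoted so the redirect target is never word-split.
      - name: Read Node.js version
        id: node-version
        run: echo "version=$(cat .node-version)" >> "$GITHUB_OUTPUT"
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Build and push Docker image
        uses: docker/build-push-action@v5
        with:
          context: .
          push: true
          target: ${{ matrix.target }}
          build-args: |
            NODE_VERSION=${{ steps.node-version.outputs.version }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          annotations: ${{ steps.meta.outputs.annotations }}
          # Both matrix legs read and write the `shared` scope as well as
          # their own. NOTE(review): cached layers end up in the published
          # image, so anything able to write these cache scopes influences a
          # release; consider whether release builds should restore a cache.
          cache-from: |
            type=gha,scope=${{ matrix.target }}
            type=gha,scope=shared
          cache-to: |
            type=gha,mode=max,scope=${{ matrix.target }}
            type=gha,mode=max,scope=shared
          platforms: linux/amd64,linux/arm64
          # Attestations are switched off, so the pushed images carry neither
          # build provenance nor an SBOM and consumers cannot check from the
          # registry how they were built. NOTE(review): revisit if this was
          # disabled only for registry or tooling compatibility.
          provenance: false
          sbom: false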