name: Build fullstack image
on:
push:
branches:
- "main"
tags:
- "v*"
env:
REGISTRY: ghcr.io
DOCKERFILE: ./docker/all/Dockerfile
IMAGE_NAME: southclaws/storyden
IMAGE_KIND: fullstack
permissions:
contents: read
packages: write
jobs:
build-arch:
name: Build ${{ matrix.arch }}
strategy:
fail-fast: false
matrix:
include:
- arch: amd64
runner: ubuntu-latest
platform: linux/amd64
- arch: arm64
runner: ubuntu-24.04-arm
platform: linux/arm64
runs-on: ${{ matrix.runner }}
steps:
- uses: actions/checkout@v5
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GHCR
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push (arch-specific temp tag)
uses: docker/build-push-action@v6
with:
context: .
platforms: ${{ matrix.platform }}
file: ${{ env.DOCKERFILE }}
push: true
tags: |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:tmp-${{ env.IMAGE_KIND }}-${{ github.sha }}-${{ matrix.arch }}
cache-from: type=gha
cache-to: type=gha,mode=max
publish-manifest:
name: Publish multi-arch tags
needs: [build-arch]
runs-on: ubuntu-latest
steps:
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
tags: |
type=edge,branch=main
type=semver,pattern={{version}},branch=main,enable=${{ startsWith(github.ref, 'refs/tags/') }},suffix=-${{ env.IMAGE_KIND }}
type=semver,pattern={{version}},branch=main,enable=${{ startsWith(github.ref, 'refs/tags/') }}
type=raw,value=latest,enable=${{ startsWith(github.ref, 'refs/tags/') }}
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
- name: Set up Docker Buildx (for imagetools)
uses: docker/setup-buildx-action@v3
- name: Login to GHCR
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Create and push multi-arch manifests
shell: bash
run: |
set -euo pipefail
AMD="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:tmp-${{ env.IMAGE_KIND }}-${{ github.sha }}-amd64"
ARM="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:tmp-${{ env.IMAGE_KIND }}-${{ github.sha }}-arm64"
echo "${{ steps.meta.outputs.tags }}" | while read -r TAG; do
[ -z "$TAG" ] && continue
echo "Publishing manifest: $TAG"
docker buildx imagetools create \
-t "$TAG" \
"$AMD" \
"$ARM"
done
