name: Docker Publish
on:
workflow_call:
inputs:
versionTag:
required: false
type: string
pull_request:
branches:
- master
- main
jobs:
build-and-push:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Check if PR is from fork
id: check-fork
run: |
if [ "${{ github.event_name }}" = "pull_request" ]; then
if [ "${{ github.event.pull_request.head.repo.full_name }}" != "${{ github.repository }}" ]; then
echo "is_fork=true" >> $GITHUB_OUTPUT
else
echo "is_fork=false" >> $GITHUB_OUTPUT
fi
else
echo "is_fork=false" >> $GITHUB_OUTPUT
fi
- name: Log in to GitHub Container Registry
if: steps.check-fork.outputs.is_fork == 'false'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set semver and latest tags if release
id: tagmeta
run: |
if [ "${{ github.event_name }}" = "workflow_call" ] || [ "${{ github.ref }}" = "refs/heads/main" ]; then
echo "LATEST=type=raw,value=latest" >> $GITHUB_OUTPUT
else
echo "LATEST=" >> $GITHUB_OUTPUT
fi
if [ "${{ github.event_name }}" = "workflow_call" ]; then
echo "SEMVER=type=semver,pattern=${{ inputs.versionTag }}" >> $GITHUB_OUTPUT
else
echo "SEMVER=" >> $GITHUB_OUTPUT
fi
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository }}
tags: |
type=ref,event=pr
type=sha
${{ steps.tagmeta.outputs.SEMVER }}
${{ steps.tagmeta.outputs.LATEST }}
- name: Build and push Docker image
uses: docker/build-push-action@v6
with:
context: .
file: ./Dockerfile
platforms: linux/amd64,linux/arm64
push: ${{ steps.check-fork.outputs.is_fork == 'false' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
