name: Build container on: push: branches: - master pull_request: # Allow for manually running workflow_dispatch: inputs: container_tag: description: Tag for container default: "latest" required: true permissions: packages: write jobs: container: runs-on: ubuntu-20.04 env: CONTAINER_NAME: docker.io/${{ secrets.DOCKER_HUB_USERNAME }}/wireproxy BUILD_PLATFORMS: linux/amd64,linux/arm,linux/arm64,linux/ppc64le,linux/s390x RAW_CONTAINER_TAG: ${{ github.event.inputs.container_tag || github.event.pull_request.head.ref || 'latest' }} RAW_REF_NAME: ${{ github.event.pull_request.head.ref || github.ref }} steps: - name: Set up QEMU uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx id: buildx uses: docker/setup-buildx-action@v2.0.0 - name: Login to Docker Hub uses: docker/login-action@v2 with: registry: docker.io username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - uses: actions/checkout@v3 with: submodules: recursive # Needed for buildx gha cache to work - name: Expose GitHub Runtime uses: crazy-max/ghaction-github-runtime@v2 - name: Build container env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | CONTAINER_TAG=$(echo "$RAW_CONTAINER_TAG" | sed 's/[^a-zA-Z0-9]\+/-/') REF_NAME=$(echo "$RAW_REF_NAME" | sed -r 's#^refs/(heads|tags)/##') docker buildx build \ --platform "$BUILD_PLATFORMS" \ --tag "$CONTAINER_NAME:$CONTAINER_TAG" \ --label "org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}" \ --label "org.opencontainers.image.documentation=${{ github.server_url }}/${{ github.repository }}" \ --label "org.opencontainers.image.url=${{ github.server_url }}/${{ github.repository }}/packages" \ --label "org.opencontainers.image.ref.name=$REF_NAME" \ --label "org.opencontainers.image.revision=${{ github.sha }}" \ --label "org.opencontainers.image.vendor=${{ github.repository_owner }}" \ --label "org.opencontainers.image.created=$(date -u --rfc-3339=seconds)" \ --cache-from type=gha \ --cache-to type=gha,mode=max \ --pull --push .