name: Build and release server on: workflow_dispatch: {} release: types: [published] # This can be used to automatically publish nightlies at UTC nighttime schedule: - cron: "0 2 * * *" # run at 2 AM UTC env: REGISTRY_IMAGE: ghcr.io/drop-oss/drop jobs: build: strategy: fail-fast: false matrix: include: - platform: linux/amd64 runner: ubuntu-latest - platform: linux/arm64 runner: ubuntu-24.04-arm runs-on: ${{ matrix.runner }} permissions: packages: write contents: read steps: - name: Check out the repo uses: actions/checkout@v4 with: submodules: true fetch-depth: 3 # fix for when this gets triggered by tag fetch-tags: true ref: ${{ github.ref }} token: ${{ secrets.GITHUB_TOKEN }} - name: Prepare run: | platform=${{ matrix.platform }} echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV - name: Docker meta id: meta uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY_IMAGE }} - name: Login to Docker Hub uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Determine final version id: get_final_ver run: | BASE_VER=v$(jq -r '.version' package.json) TODAY=$(date +'%Y.%m.%d') echo "Today will be: $TODAY" echo "today=$TODAY" >> $GITHUB_OUTPUT if [[ "${{ github.event_name }}" == "release" ]]; then FINAL_VER="$BASE_VER" else FINAL_VER="${BASE_VER}-nightly.$TODAY" fi echo "Drop's release tag will be: $FINAL_VER" echo "final_ver=$FINAL_VER" >> $GITHUB_OUTPUT - name: Build and push by digest id: build uses: docker/build-push-action@v6 with: platforms: ${{ matrix.platform }} labels: ${{ steps.meta.outputs.labels }} tags: ${{ env.REGISTRY_IMAGE }} outputs: type=image,push-by-digest=true,name-canonical=true,push=true provenance: mode=max sbom: true build-args: | BUILD_DROP_VERSION=${{ steps.get_final_ver.outputs.final_ver }} BUILD_GIT_REF=${{ github.sha }} context: ./server file: ./server/Dockerfile - name: Export digest run: | mkdir -p ${{ runner.temp }}/digests digest="${{ steps.build.outputs.digest }}" touch "${{ runner.temp }}/digests/${digest#sha256:}" - name: Upload digest uses: actions/upload-artifact@v4 with: name: digests-${{ env.PLATFORM_PAIR }} path: ${{ runner.temp }}/digests/* if-no-files-found: error retention-days: 1 merge: runs-on: ubuntu-latest needs: - build permissions: packages: write contents: read steps: - name: Download digests uses: actions/download-artifact@v4 with: path: ${{ runner.temp }}/digests pattern: digests-* merge-multiple: true - name: Login to Docker Hub uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Extract metadata (tags, labels) for Docker id: meta uses: docker/metadata-action@v5 with: images: | ghcr.io/drop-OSS/drop tags: | type=schedule,pattern=nightly type=schedule,pattern=nightly.${{ steps.get_final_ver.outputs.today }} type=semver,pattern=v{{version}} type=semver,pattern=v{{major}}.{{minor}} type=semver,pattern=v{{major}} type=ref,event=branch,prefix=branch- type=ref,event=pr type=sha # set latest tag for stable releases type=raw,value=latest,enable=${{ github.event_name == 'release' && github.event.release.prerelease == false }} - name: Create manifest list and push working-directory: ${{ runner.temp }}/digests run: | docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) - name: Inspect image run: | docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}