Merge: rebrand to DockPull + daily scan time + settings icon (#12) #11
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish image | |
| on: | |
| push: | |
| branches: [main] | |
| tags: ["v*"] | |
| # Only one publish run per ref at a time; a newer push cancels an in-flight | |
| # build for the same ref instead of letting it hang/queue behind it. | |
| concurrency: | |
| group: publish-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| publish: | |
| name: Build and push to GHCR | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # GHCR image names must be lowercase; the owner may not be. | |
| - name: Compute lowercase image name | |
| id: img | |
| run: echo "name=ghcr.io/${GITHUB_REPOSITORY,,}" >> "$GITHUB_OUTPUT" | |
| - name: Docker metadata (tags/labels) | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ steps.img.outputs.name }} | |
| flavor: latest=false | |
| # Use explicit ref checks rather than {{is_default_branch}} — the | |
| # repo's default branch isn't necessarily `main`, which would leave | |
| # a push to main with zero tags (and buildx refuses to push then). | |
| tags: | | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| type=raw,value=edge,enable=${{ github.ref == 'refs/heads/main' }} | |
| type=raw,value=latest,enable=${{ startsWith(github.ref, 'refs/tags/v') }} | |
| # Pin a recent QEMU build. The default binfmt image lagged the toolchain | |
| # in node:22-alpine (gcc 15 / musl 1.2.6), and emulating those newer | |
| # arm64 binaries crashed with "uncaught target signal 4 (Illegal | |
| # instruction)", which core-dumped and left the build hung. A current | |
| # QEMU emulates the new userspace correctly. | |
| - uses: docker/setup-qemu-action@v3 | |
| with: | |
| image: tonistiigi/binfmt:qemu-v10.2.3 | |
| - uses: docker/setup-buildx-action@v3 | |
| - name: Log in to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: server/Dockerfile | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max |