diff --git a/.github/workflows/docker_build_push.yml b/.github/workflows/docker_build_push.yml index de8d749..2075c6c 100644 --- a/.github/workflows/docker_build_push.yml +++ b/.github/workflows/docker_build_push.yml @@ -6,11 +6,10 @@ on: - main env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }} + GHCR_IMAGE_NAME: ${{ github.repository }} jobs: - docker_build_and_push: + docker_build: runs-on: ubuntu-latest permissions: packages: write @@ -46,35 +45,91 @@ jobs: uses: docker/metadata-action@a64d0487d7069df33b279515d35d60fa80e2ea62 with: images: | - ${{ env.DOCKERHUB_REPOSITORY }} - ghcr.io/${{ github.repository }} + docker.io/${{ env.DOCKERHUB_IMAGE_NAME }} + ghcr.io/${{ env.GHCR_IMAGE_NAME }} tags: | type=sha labels: | - maintainer=uZer - org.opencontainers.image.title=${{ github.repository }} - org.opencontainers.image.description = "tg2 IRIG-B or WWV timecode generator" + org.opencontainers.image.title=${{ env.GHCR_IMAGE_NAME }} + org.opencontainers.image.description="tg2 IRIG-B or WWV timecode generator" org.opencontainers.image.vendor="${{ env.GITHUB_REPOSITORY_OWNER }}" - org.opencontainers.image.url = "https://github.com/${{ github.repository }}" - org.opencontainers.image.source = "https://github.com/${{ github.repository }}" - org.opencontainers.image.version = "0.0.1" - org.opencontainers.image.created = "${{ github.event.head_commit.timestamp }}" - org.opencontainers.image.revision = "${{ github.sha }}" - org.opencontainers.image.licenses = "MIT" - - - name: Build and push Docker image - id: push + org.opencontainers.image.url="https://github.com/${{ github.repository }}" + org.opencontainers.image.source="https://github.com/${{ github.repository }}" + org.opencontainers.image.version="0.0.1" + org.opencontainers.image.created="${{ github.event.head_commit.timestamp }}" + org.opencontainers.image.revision="${{ github.sha }}" + org.opencontainers.image.licenses="MIT" + annotations: | + org.opencontainers.image.title=${{ env.GHCR_IMAGE_NAME }} + org.opencontainers.image.description="tg2 IRIG-B or WWV timecode generator" + org.opencontainers.image.vendor="${{ env.GITHUB_REPOSITORY_OWNER }}" + org.opencontainers.image.url="https://github.com/${{ github.repository }}" + org.opencontainers.image.source="https://github.com/${{ github.repository }}" + org.opencontainers.image.version="0.0.1" + org.opencontainers.image.created="${{ github.event.head_commit.timestamp }}" + org.opencontainers.image.revision="${{ github.sha }}" + org.opencontainers.image.licenses="MIT" + + - name: Build Docker image + id: build uses: docker/build-push-action@e050dfa622d93dfcc095192a984db567cb14f0f0 with: context: . - push: true + push: false tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} platforms: ${{ matrix.architecture }} + outputs: type=registry + + create_multi_platform_manifest_and_push: + runs-on: ubuntu-latest + needs: docker_build + steps: + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to Docker Hub + uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_PASSWORD }} + + - name: Log in to the Container registry + uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Create and push multi-platform manifest + id: push + run: | + docker buildx imagetools create \ + --tag docker.io/${{ env.DOCKERHUB_IMAGE_NAME }}:${{ github.sha }} \ + docker.io/${{ env.DOCKERHUB_IMAGE_NAME }}:${{ github.sha }}-linux/arm/v6 \ + docker.io/${{ env.DOCKERHUB_IMAGE_NAME }}:${{ github.sha }}-linux/amd64 \ + docker.io/${{ env.DOCKERHUB_IMAGE_NAME }}:${{ github.sha }}-linux/arm64 \ + docker.io/${{ env.DOCKERHUB_IMAGE_NAME }}:${{ github.sha }}-linux/arm/v7 + + docker buildx imagetools create \ + --tag ghcr.io/${{ env.GHCR_IMAGE_NAME }}:${{ github.sha }} \ + ghcr.io/${{ env.GHCR_IMAGE_NAME }}:${{ github.sha }}-linux/arm/v6 \ + ghcr.io/${{ env.GHCR_IMAGE_NAME }}:${{ github.sha }}-linux/amd64 \ + ghcr.io/${{ env.GHCR_IMAGE_NAME }}:${{ github.sha }}-linux/arm64 \ + ghcr.io/${{ env.GHCR_IMAGE_NAME }}:${{ github.sha }}-linux/arm/v7 + + - name: Generate artifact attestation (ghcr) + id: push-ghcr + uses: actions/attest-build-provenance@v1 + with: + subject-name: ghcr.io/${{ env.GHCR_IMAGE_NAME }} + subject-digest: ${{ needs.docker_build_and_push.outputs.digest }} + push-to-registry: true - - name: Generate artifact attestation + - name: Generate artifact attestation (dockerhub) + id: push-dockerhub uses: actions/attest-build-provenance@v1 with: - subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - subject-digest: ${{ steps.push.outputs.digest }} + subject-name: index.docker.io/${{ env.DOCKERHUB_IMAGE_NAME }} + subject-digest: ${{ needs.docker_build_and_push.outputs.digest }} push-to-registry: true diff --git a/Dockerfile b/Dockerfile index 457a5a5..5289dd0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,7 +17,8 @@ RUN set -x \ && ./configure --without-crypto \ && make \ && cd util \ - && make tg2 + && make tg2 \ + && chmod +x tg2 FROM debian:stable-slim @@ -25,4 +26,5 @@ WORKDIR /app COPY --from=build /tmp/ntp/util/tg2 /app/tg2 + ENTRYPOINT ["/app/tg2"]