name: Publish Docker image to Docker Hub on: push: tags: - 'v*' workflow_dispatch: jobs: prepare: name: Prepare metadata runs-on: ubuntu-latest permissions: contents: read outputs: version: ${{ steps.notes.outputs.version }} desc: ${{ steps.notes.outputs.desc }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} steps: - name: Checkout uses: actions/checkout@v5.0.0 - name: Prepare release notes from template id: notes shell: bash run: | VERSION_REF="${GITHUB_REF##*/}" # e.g. v1.2.3 TEMPLATE="RELEASE_NOTES_TEMPLATE.md" if [ -f "$TEMPLATE" ]; then sed "s/\${VERSION}/${VERSION_REF}/g" "$TEMPLATE" > RELEASE_NOTES.md else echo "# MTG Python Deckbuilder ${VERSION_REF}" > RELEASE_NOTES.md echo >> RELEASE_NOTES.md echo "Automated release." >> RELEASE_NOTES.md fi DESC=$(awk 'BEGIN{ORS="\\n"} {print}' RELEASE_NOTES.md) echo "desc=$DESC" >> $GITHUB_OUTPUT echo "version=$VERSION_REF" >> $GITHUB_OUTPUT - name: Extract Docker metadata id: meta uses: docker/metadata-action@v5.8.0 with: images: | mwisnowski/mtg-python-deckbuilder tags: | type=semver,pattern={{version}} type=raw,value=latest labels: | org.opencontainers.image.title=MTG Python Deckbuilder org.opencontainers.image.version=${{ github.ref_name }} org.opencontainers.image.description=${{ steps.notes.outputs.desc }} org.opencontainers.image.revision=${{ github.sha }} build_amd64: name: Build (amd64) runs-on: ubuntu-latest needs: prepare permissions: contents: read outputs: digest: ${{ steps.build.outputs.digest }} steps: - name: Checkout uses: actions/checkout@v5.0.0 - name: Prepare amd64 tag list id: arch_tags shell: bash run: | echo "Generating amd64 tag variants" >&2 TAGS='${{ needs.prepare.outputs.tags }}' # Exclude 'latest' so we don't leave latest-amd64 dangling; only final manifest will produce plain 'latest' echo "$TAGS" | grep -v ':latest$' | sed 's/$/-amd64/' | grep . > tags.txt echo "Computed tags:" >&2; cat tags.txt >&2 echo "tags<> $GITHUB_OUTPUT cat tags.txt >> $GITHUB_OUTPUT echo "EOF" >> $GITHUB_OUTPUT - name: Docker Hub login uses: docker/login-action@v3.5.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3.11.1 - name: Smoke test Web UI (local build) shell: bash env: APP_VERSION: ${{ needs.prepare.outputs.version }} run: | docker buildx build --platform linux/amd64 --load -t mtg-deckbuilder:test --build-arg APP_VERSION=$APP_VERSION . docker rm -f mtg-smoke 2>/dev/null || true docker run -d --name mtg-smoke -p 8080:8080 mtg-deckbuilder:test echo "Waiting for Web UI (amd64)..." for i in {1..30}; do if curl -fsS http://localhost:8080/ >/dev/null; then echo "Up"; break; fi sleep 2 done if ! curl -fsS http://localhost:8080/ >/dev/null; then echo "Web UI did not start in time. Logs:" && docker logs mtg-smoke || true exit 1 fi docker rm -f mtg-smoke >/dev/null 2>&1 || true - name: Build & push arch image (amd64) id: build uses: docker/build-push-action@v6.18.0 with: context: . file: ./Dockerfile push: true platforms: linux/amd64 tags: ${{ steps.arch_tags.outputs.tags }} labels: ${{ needs.prepare.outputs.labels }} build-args: | APP_VERSION=${{ needs.prepare.outputs.version }} build_arm64: name: Build (arm64) runs-on: ubuntu-latest needs: prepare permissions: contents: read steps: - name: Checkout uses: actions/checkout@v5.0.0 - name: Prepare arm64 tag list (fallback) id: arch_tags shell: bash run: | echo "Generating arm64 tag variants (fallback)" >&2 TAGS='${{ needs.prepare.outputs.tags }}' # Exclude 'latest' so only final manifest produces plain 'latest' echo "$TAGS" | grep -v ':latest$' | sed 's/$/-arm64/' | grep . > tags.txt echo "tags<> $GITHUB_OUTPUT cat tags.txt >> $GITHUB_OUTPUT echo "EOF" >> $GITHUB_OUTPUT - name: Docker Hub login uses: docker/login-action@v3.5.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Set up QEMU (for emulation) uses: docker/setup-qemu-action@v3.6.0 - name: Set up Buildx uses: docker/setup-buildx-action@v3.11.1 - name: Build & push arch image (arm64 emulated) uses: docker/build-push-action@v6.18.0 with: context: . file: ./Dockerfile push: true platforms: linux/arm64 tags: ${{ steps.arch_tags.outputs.tags }} labels: ${{ needs.prepare.outputs.labels }} build-args: | APP_VERSION=${{ needs.prepare.outputs.version }} manifest: name: Create multi-arch manifests runs-on: ubuntu-latest needs: [prepare, build_amd64, build_arm64] steps: - name: Docker Hub login uses: docker/login-action@v3.5.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Create & push manifests shell: bash env: TAGS: ${{ needs.prepare.outputs.tags }} run: | echo "Creating multi-arch manifests (amd64 + arm64)..." VERSION_PRIMARY=$(echo "$TAGS" | grep -v ':latest$' | head -n1) echo "$TAGS" | while read -r tag; do [ -z "$tag" ] && continue echo "Processing $tag" # For 'latest', reuse the version tag's arch images (we did not push latest-amd64/-arm64) if [[ "$tag" == *":latest" ]]; then BASE="$VERSION_PRIMARY" else BASE="$tag" fi SOURCES="${BASE}-amd64" if docker buildx imagetools inspect "${BASE}-arm64" >/dev/null 2>&1; then echo "Found arm64 image tag: ${BASE}-arm64" SOURCES="$SOURCES ${BASE}-arm64" else echo "No arm64 image found for $tag (skipping arm64 in manifest)" >&2 fi docker buildx imagetools create -t "$tag" $SOURCES done echo "Done." - name: Inspect primary tag run: | FIRST=$(echo "$TAGS" | head -n1) docker buildx imagetools inspect "$FIRST"