name: Release (Production) on: workflow_dispatch: {} push: tags: - "v[0-9]+.[0-9]+.[0-9]+" - "**/v[0-9]+.[0-9]+.[0-9]+" jobs: lint: name: Lint runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 with: go-version: stable - name: golangci-lint uses: golangci/golangci-lint-action@v6 with: version: v1.60 test: name: Test strategy: matrix: go-version: - 1.23.x platform: - ubuntu-latest - macos-latest - windows-latest runs-on: ${{ matrix.platform }} steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up Go uses: actions/setup-go@v5 with: go-version: 1.23.x - name: Run tests run: | go test ./... -coverprofile coverage.out build: name: Build runs-on: ubuntu-latest permissions: packages: write contents: read attestations: write id-token: write needs: - test - lint env: CGO_ENABLED: 0 TAG: ${{ github.ref_name }} steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up Go uses: actions/setup-go@v5 with: go-version: 1.23.x - name: Login to Docker Hub uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Login to GHCR uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf # v6.1 with: version: v0.155.0 args: --debug env: GITHUB_TOKEN: ${{ secrets.BOT_GHCR_PAT }} - name: Enable experimental docker features run: | mkdir -p ~/.docker/ && \ echo '{"experimental": "enabled"}' > ~/.docker/config.json - name: Create GHCR manifests for version and latest and push to GHCR env: GHCR_USER: ${{ secrets.BOT_USERNAME }} GHCR_TOKEN: ${{ secrets.BOT_GHCR_PAT }} run: | echo $GHCR_TOKEN | docker login ghcr.io -u $GHCR_USER --password-stdin && \ export DH_TAG=$(git tag --points-at HEAD | sed 's/^v*//') && \ # Create latest manifest docker manifest create \ ghcr.io/nicholas-fedor/watchtower:latest \ ghcr.io/nicholas-fedor/watchtower:amd64-latest \ ghcr.io/nicholas-fedor/watchtower:i386-latest \ ghcr.io/nicholas-fedor/watchtower:armhf-latest \ ghcr.io/nicholas-fedor/watchtower:arm64v8-latest # Create versioned manifest docker manifest create \ ghcr.io/nicholas-fedor/watchtower:$DH_TAG \ ghcr.io/nicholas-fedor/watchtower:amd64-$DH_TAG \ ghcr.io/nicholas-fedor/watchtower:i386-$DH_TAG \ ghcr.io/nicholas-fedor/watchtower:armhf-$DH_TAG \ ghcr.io/nicholas-fedor/watchtower:arm64v8-$DH_TAG # Latest manifest annotation # for REPO in '' ghcr.io/ ; do # docker manifest annotate \ # ${REPO}nicholas-fedor/watchtower:latest \ # ${REPO}nicholas-fedor/watchtower:i386-latest \ # --os linux \ # --arch 386 # docker manifest annotate \ # ${REPO}nicholas-fedor/watchtower:latest \ # ${REPO}nicholas-fedor/watchtower:armhf-latest \ # --os linux \ # --arch arm # docker manifest annotate \ # ${REPO}nicholas-fedor/watchtower:latest \ # ${REPO}nicholas-fedor/watchtower:arm64v8-latest \ # --os linux \ # --arch arm64 \ # --variant v8 # done # Versioned manifest annotation # for REPO in '' ghcr.io/ ; do # docker manifest annotate \ # ${REPO}nicholas-fedor/watchtower:$(echo $TAG | sed 's/^v*//') \ # ${REPO}nicholas-fedor/watchtower:i386-$(echo $TAG | sed 's/^v*//') \ # --os linux \ # --arch 386 # docker manifest annotate \ # ${REPO}nicholas-fedor/watchtower:$(echo $TAG | sed 's/^v*//') \ # ${REPO}nicholas-fedor/watchtower:armhf-$(echo $TAG | sed 's/^v*//') \ # --os linux \ # --arch arm # docker manifest annotate \ # ${REPO}nicholas-fedor/watchtower:$(echo $TAG | sed 's/^v*//') \ # ${REPO}nicholas-fedor/watchtower:arm64v8-$(echo $TAG | sed 's/^v*//') \ # --os linux \ # --arch arm64 \ # --variant v8 # done # Push manifests to GHCR docker manifest push ghcr.io/nicholas-fedor/watchtower:latest docker manifest push ghcr.io/nicholas-fedor/watchtower:$(echo $TAG | sed 's/^v*//') - name: Create Docker Hub manifests for version and latest and push to Docker Hub env: DOCKER_USER: ${{ secrets.DOCKERHUB_USERNAME }} DOCKER_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} run: | echo $DOCKER_TOKEN | docker login -u $DOCKER_USER --password-stdin && \ export DH_TAG=$(git tag --points-at HEAD | sed 's/^v*//') && \ # Create latest manifest docker manifest create \ nickfedor/watchtower:latest \ nickfedor/watchtower:amd64-latest \ nickfedor/watchtower:i386-latest \ nickfedor/watchtower:armhf-latest \ nickfedor/watchtower:arm64v8-latest # Create versioned manifest docker manifest create \ nickfedor/watchtower:$DH_TAG \ nickfedor/watchtower:amd64-$DH_TAG \ nickfedor/watchtower:i386-$DH_TAG \ nickfedor/watchtower:armhf-$DH_TAG \ nickfedor/watchtower:arm64v8-$DH_TAG # Push manifests to Docker Hub docker manifest push nickfedor/watchtower:latest docker manifest push nickfedor/watchtower:$(echo $TAG | sed 's/^v*//')