name: Docker Build on: push: branches: [ main, dev ] tags: - 'v*' pull_request: branches: [ main ] workflow_dispatch: env: GHCR_REGISTRY: ghcr.io DOCKER_REGISTRY: docker.io IMAGE_NAME: ${{ github.repository }} DOCKER_HUB_IMAGE: mskmind/mosaic jobs: build: name: Build Docker Image runs-on: ubuntu-latest permissions: contents: read packages: write steps: - name: Checkout code uses: actions/checkout@v4 - name: Set up SSH key for private repos uses: webfactory/ssh-agent@v0.9.0 with: ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Log in to GitHub Container Registry if: github.event_name != 'pull_request' uses: docker/login-action@v3 with: registry: ${{ env.GHCR_REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Log in to Docker Hub if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' uses: docker/login-action@v3 with: registry: ${{ env.DOCKER_REGISTRY }} username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Extract metadata for GHCR id: meta-ghcr uses: docker/metadata-action@v5 with: images: ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }} tags: | type=ref,event=branch type=ref,event=pr type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} type=sha,prefix=sha- - name: Extract metadata for Docker Hub id: meta-dockerhub if: github.ref == 'refs/heads/main' uses: docker/metadata-action@v5 with: images: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_HUB_IMAGE }} tags: | type=raw,value=latest type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} type=sha - name: Build and push to GHCR uses: docker/build-push-action@v5 with: context: . push: ${{ github.event_name != 'pull_request' }} tags: ${{ steps.meta-ghcr.outputs.tags }} labels: ${{ steps.meta-ghcr.outputs.labels }} ssh: default=${{ env.SSH_AUTH_SOCK }} secrets: | GH_TOKEN=${{ secrets.GH_PAT || secrets.GITHUB_TOKEN }} cache-from: type=gha cache-to: type=gha,mode=max - name: Build and push to Docker Hub if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' uses: docker/build-push-action@v5 with: context: . push: true tags: ${{ steps.meta-dockerhub.outputs.tags }} labels: ${{ steps.meta-dockerhub.outputs.labels }} ssh: default=${{ env.SSH_AUTH_SOCK }} secrets: | GH_TOKEN=${{ secrets.GH_PAT || secrets.GITHUB_TOKEN }} cache-from: type=gha - name: Docker Summary run: | echo "## Docker Build :whale:" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY echo "### GitHub Container Registry" >> $GITHUB_STEP_SUMMARY echo "Registry: ${{ env.GHCR_REGISTRY }}" >> $GITHUB_STEP_SUMMARY echo "Image: ${{ env.IMAGE_NAME }}" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY echo "**Tags:**" >> $GITHUB_STEP_SUMMARY echo '```' >> $GITHUB_STEP_SUMMARY echo "${{ steps.meta-ghcr.outputs.tags }}" >> $GITHUB_STEP_SUMMARY echo '```' >> $GITHUB_STEP_SUMMARY if [ "${{ github.ref }}" == "refs/heads/main" ]; then echo "" >> $GITHUB_STEP_SUMMARY echo "### Docker Hub" >> $GITHUB_STEP_SUMMARY echo "Registry: ${{ env.DOCKER_REGISTRY }}" >> $GITHUB_STEP_SUMMARY echo "Image: ${{ env.DOCKER_HUB_IMAGE }}" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY echo "**Tags:**" >> $GITHUB_STEP_SUMMARY echo '```' >> $GITHUB_STEP_SUMMARY echo "${{ steps.meta-dockerhub.outputs.tags }}" >> $GITHUB_STEP_SUMMARY echo '```' >> $GITHUB_STEP_SUMMARY fi