Skip to content

Trusted auctioneer

Trusted auctioneer #24

name: Build and Publish Docker image
# Trigger on pushes to astria branch, new semantic version tags, and pull request updates
on:
workflow_dispatch:
push:
branches:
- "main"
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
# trigger on pull request updates when target is `astria` branch
pull_request:
branches:
- "main"
jobs:
build-and-publish-latest:
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
packages: write
steps:
# Checking out the repo
- uses: actions/checkout@v4
- uses: depot/setup-action@v1
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_TOKEN }}
# Setting up Go
- uses: actions/setup-go@v4
with:
go-version: "^1.21.x" # The Go version to download (if necessary) and use.
- run: go version
# https://github.com/docker/setup-qemu-action
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
# https://github.com/docker/setup-buildx-action
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
- name: Log in to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Generate correct tabs and labels
- name: Docker metadata
id: metadata
uses: docker/metadata-action@v4
with:
images: |
ghcr.io/astriaorg/flame
tags: |
type=ref,event=pr
type=match,pattern=v(.*),group=1
type=sha
# set latest tag for `astria` branch
type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }}
- name: Build and push
uses: depot/build-push-action@v1
with:
# this gets rid of the unknown/unknown image that is created without this setting
# https://github.com/docker/build-push-action/issues/820#issuecomment-1455687416
provenance: false
context: .
# It takes a long time to build the arm image right now, so we only build it on tags which is what we use for releases, or on merges to the default branch.
platforms: ${{ (contains(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/main') && 'linux/amd64,linux/arm64' || 'linux/amd64' }}
push: true
tags: ${{ steps.metadata.outputs.tags }}
labels: ${{ steps.metadata.outputs.labels }}
project: w2d6w0spqz