Skip to content

feat(infrastructure): development-capable simple-webapp template #460

feat(infrastructure): development-capable simple-webapp template

feat(infrastructure): development-capable simple-webapp template #460

Workflow file for this run

name: Container Image Build and Push
on:
release:
types: [created]
push:
tags:
- 'v*'
# On PRs, the jobs below run in build-only mode (push: false, single-arch)
# so a broken Dockerfile or build context is caught before a release tag.
pull_request:
branches: [main]
permissions:
contents: read
packages: write
id-token: write
env:
REGISTRY: ghcr.io
HUB_IMAGE_NAME: ${{ github.repository }}-hub
AGENT_IMAGE_NAME: ${{ github.repository }}-agent
jobs:
build-and-push-hub-image:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Log in to the Container registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.HUB_IMAGE_NAME }}
- name: Build and push Docker image
uses: docker/build-push-action@v6
with:
context: .
file: ./deploy/Dockerfile.hub
# Multi-arch on release; single-arch build-only on PRs (no QEMU emulation cost).
platforms: ${{ github.event_name == 'pull_request' && 'linux/amd64' || 'linux/amd64,linux/arm64' }}
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
VERSION=${{ github.ref_name }}
GIT_COMMIT=${{ github.sha }}
BUILD_DATE=${{ github.event.release.created_at }}
# PR-only validation that every provider Dockerfile + build context still
# builds, before the split sync ever reaches a mirror. Each provider is a
# self-contained build context (providers/<name>/). These builds are NEVER
# pushed here — provider images are published per-provider, stamped with the
# provider's own version, by provider-release.yaml on a `providers/<name>/v*`
# tag. (Publishing here would tag provider images with the hub version.)
build-and-push-provider-images:
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
strategy:
fail-fast: false
matrix:
include:
- name: quickstart
image: ${{ github.repository_owner }}/kedge-quickstart-provider
- name: infrastructure
image: ${{ github.repository_owner }}/kedge-infrastructure-provider
- name: code
image: ${{ github.repository_owner }}/kedge-code-provider
- name: kuery
image: ${{ github.repository_owner }}/kedge-kuery-provider
- name: app-studio
image: ${{ github.repository_owner }}/kedge/app-studio-provider
- name: databricks
image: ${{ github.repository_owner }}/kedge-databricks-provider
# Companion image of the infrastructure provider (the dev-agent its
# kro backend injects into development-mode pods); published by
# provider-release.yaml on the infrastructure provider's tag.
- name: infrastructure/dev-agent
image: ${{ github.repository_owner }}/kedge-dev-agent
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Log in to the Container registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ matrix.image }}
- name: Build and push Docker image
uses: docker/build-push-action@v6
with:
context: ./providers/${{ matrix.name }}
file: ./providers/${{ matrix.name }}/Dockerfile
# Multi-arch on release; single-arch build-only on PRs (no QEMU emulation cost).
platforms: ${{ github.event_name == 'pull_request' && 'linux/amd64' || 'linux/amd64,linux/arm64' }}
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-and-push-agent-image:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Log in to the Container registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.AGENT_IMAGE_NAME }}
- name: Build and push Docker image
uses: docker/build-push-action@v6
with:
context: .
file: ./deploy/Dockerfile.agent
# Multi-arch on release; single-arch build-only on PRs (no QEMU emulation cost).
platforms: ${{ github.event_name == 'pull_request' && 'linux/amd64' || 'linux/amd64,linux/arm64' }}
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
VERSION=${{ github.ref_name }}
GIT_COMMIT=${{ github.sha }}
BUILD_DATE=${{ github.event.release.created_at }}