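---
# Release pipeline, triggered when a GitHub release is published:
#   1. docker_build         - start and test the project, then build and push
#                             one image per architecture to GHCR.
#   2. docker_manifest      - join the per-arch images into one multi-platform
#                             manifest.
#   3. create-rootfs-assets - export each image's root filesystem and attach
#                             the tarballs and their checksums to the release.
#
# Hardening conventions used throughout this file:
#   * `${{ ... }}` values derived from the tag name are passed to scripts
#     through `env:` and expanded by the shell as quoted variables. Inlining
#     them into `run:` would paste the raw text into the script, so a tag name
#     containing shell metacharacters would be executed as code.
#   * Third-party actions are referenced by release tag, never by branch.
#     For a stronger guarantee, pin each `uses:` to a full commit SHA.
name: Create and publish Docker images

on:
  release:
    types:
      - published

env:
  REGISTRY: ghcr.io
  # NOTE(review): github.repository keeps the owner's original casing, while
  # image references passed to `docker create` below must be lowercase.
  # Confirm this holds for the repository owner.
  IMAGE_NAME: ${{ github.repository }}

jobs:
  docker_build:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        include:
          - os: ubuntu-latest
            arch: amd64
            run_tests: true
          - os: ubuntu-24.04-arm
            arch: arm64
            run_tests: true
    permissions:
      contents: read
      packages: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # Do not leave the job token in .git/config: the following steps run
          # project code (partly under sudo) in a job that can write packages.
          persist-credentials: false

      # NOTE(review): `-P` presumably sets the password of the test instance;
      # the value is a fixed throwaway, not a secret. Confirm it is never
      # reused outside CI.
      - name: Build and run firegex
        if: matrix.run_tests
        run: python3 start.py start -P testpassword

      - name: Run tests
        if: matrix.run_tests
        run: sudo apt-get install -y iperf3 && cd tests && ./run_tests.sh

      - name: Set up Docker Buildx
        id: buildx
        # Was `@master`: a branch reference runs whatever is pushed upstream
        # next, inside a job holding `packages: write`.
        uses: docker/setup-buildx-action@v3

      - name: Log in to the Container registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

      # Third "/"-separated field of GITHUB_REF (refs/tags/<tag>), quoted so
      # the value is written to the output file verbatim.
      - name: Extract tag name
        id: tag
        run: |
          echo "TAG_NAME=$(echo "$GITHUB_REF" | cut -d / -f 3)" >> "$GITHUB_OUTPUT"

      # Replaces the version placeholder in three files, not only setup.py.
      # NOTE(review): `&` or `\` in the tag would still be interpreted by sed
      # as replacement syntax; consider validating the tag against an
      # allow-list pattern before this step.
      - name: Update version in setup.py
        env:
          TAG_NAME: ${{ steps.tag.outputs.TAG_NAME }}
        run: |
          sed -i "s/{{VERSION_PLACEHOLDER}}/${TAG_NAME}/g" backend/utils/__init__.py
          sed -i "s/{{VERSION_PLACEHOLDER}}/${TAG_NAME}/g" fgex-lib/setup.py
          sed -i "s/{{VERSION_PLACEHOLDER}}/${TAG_NAME}/g" fgex-lib/firegex/__init__.py

      # NOTE(review): the `-<arch>` suffix is appended to the whole `tags`
      # output. If metadata-action emits more than one tag (one per line),
      # only the last line gets the suffix. Confirm the output is single-line.
      - name: Build and push Docker image
        uses: docker/build-push-action@v5
        with:
          context: .
          builder: ${{ steps.buildx.outputs.name }}
          platforms: linux/${{ matrix.arch }}
          push: true
          tags: ${{ steps.meta.outputs.tags }}-${{ matrix.arch }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha,scope=${{ matrix.arch }}
          cache-to: type=gha,mode=max,scope=${{ matrix.arch }}

  docker_manifest:
    needs: docker_build
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    steps:
      - name: Log in to the Container registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

      - name: Create and push multi-platform manifest
        env:
          IMAGE_TAG: ${{ steps.meta.outputs.tags }}
        run: |
          # Create manifest list
          docker manifest create "$IMAGE_TAG" \
            "$IMAGE_TAG-amd64" \
            "$IMAGE_TAG-arm64"
          docker manifest push "$IMAGE_TAG"

  create-rootfs-assets:
    runs-on: ubuntu-latest
    needs: [docker_manifest]
    permissions:
      contents: write
      packages: read
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # `gh release upload` authenticates through GITHUB_TOKEN in its own
          # step, so git does not need stored credentials.
          persist-credentials: false

      - name: Set up QEMU
        # Was `@master`; see the header note on action pinning.
        uses: docker/setup-qemu-action@v3
        with:
          platforms: all

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Log in to the Container registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # Use the tag of the release that triggered this run. The previous
      # lookup of `releases/latest` (unauthenticated curl) could resolve to a
      # different release, for example when a pre-release is published, and
      # the `--clobber` upload below would then overwrite that release's
      # assets. A failed request would also have yielded the literal "null".
      - name: Get release tag
        id: get_tag
        env:
          RELEASE_TAG: ${{ github.event.release.tag_name }}
        run: |
          echo "tag=$RELEASE_TAG" >> "$GITHUB_OUTPUT"
          echo "Release tag: $RELEASE_TAG"

      - name: Export rootfs for amd64
        env:
          IMAGE_REF: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.get_tag.outputs.tag }}
        run: |
          echo "Creating and exporting amd64 container..."
          CONTAINER_ID=$(docker create --platform linux/amd64 "$IMAGE_REF")
          docker export "$CONTAINER_ID" --output="firegex-rootfs-amd64.tar"
          docker rm "$CONTAINER_ID"
          echo "Compressing amd64 rootfs..."
          gzip firegex-rootfs-amd64.tar
          ls -lh firegex-rootfs-amd64.tar.gz

      - name: Export rootfs for arm64
        env:
          IMAGE_REF: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.get_tag.outputs.tag }}
        run: |
          echo "Creating and exporting arm64 container..."
          CONTAINER_ID=$(docker create --platform linux/arm64 "$IMAGE_REF")
          docker export "$CONTAINER_ID" --output="firegex-rootfs-arm64.tar"
          docker rm "$CONTAINER_ID"
          echo "Compressing arm64 rootfs..."
          gzip firegex-rootfs-arm64.tar
          ls -lh firegex-rootfs-arm64.tar.gz

      # The .sha256 files are produced by the same job and published next to
      # the tarballs: they detect a corrupted download, not a replaced asset.
      - name: Calculate checksums
        run: |
          echo "Calculating checksums..."
          sha256sum firegex-rootfs-amd64.tar.gz > firegex-rootfs-amd64.tar.gz.sha256
          sha256sum firegex-rootfs-arm64.tar.gz > firegex-rootfs-arm64.tar.gz.sha256
          cat *.sha256

      - name: Upload rootfs assets to release
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          RELEASE_TAG: ${{ steps.get_tag.outputs.tag }}
        run: |
          echo "Uploading assets to release $RELEASE_TAG..."
          gh release upload "$RELEASE_TAG" \
            firegex-rootfs-amd64.tar.gz \
            firegex-rootfs-amd64.tar.gz.sha256 \
            firegex-rootfs-arm64.tar.gz \
            firegex-rootfs-arm64.tar.gz.sha256 \
            --clobber
          echo "Assets uploaded successfully!"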