Skip to content

Build docker images #1094

Build docker images

Build docker images #1094

Workflow file for this run

# GitHub actions workflow which builds and publishes the docker images. Four images can come from this run
# 1. A latest image which is based on an actual release, also tagged with version number in format 'v*.*.*'
# 2. A prerelease image which is based on release candidates. This is only tagged with a version, 'v*.*.*'
# 3. A nightly image, which is based on the develop branch and is cut at 1 UTC which is about 8pm in my timezone
# 4. A custom image, sourced from a remote repository. Give the workflow a custom repo in the format 'owner/repo'
# and a branch in the format 'custom-branch' and an image will be built and uploaded with the custom branch
# name as it's tag. Do not use characters in your branch name that are not docker tag approved, or the build
# will fail. Hyphens are ok, underscores and either slashes are not.
# All are automated builds, by checking the matrix-org repo once a day and if a new release is found building
# the image, or in the case of nightly just building it every night, even weekends(sometimes things get committed
# then too).
# Added 2023.03.16: Push to GHCR.io registry as well. According to:
# https://docs.github.com/en/actions/publishing-packages/publishing-docker-images#publishing-images-to-docker-hub-and-github-packages
# it is as simple as logging into both dockerhub and ghcr.io and then updating the tags to reference both places. It's unclear
# if the image to go to dockerhub should be prefixed with 'docker.io' or not. Write permissions active for 'packages' is an
# important detail.
# Added 2023.07.08: Build from custom repo and branch
# Mutated the unified dockerfile to remove the $FROM ARG and use build-contexts instead, which allows overriding
# the image pulled from the outside. Added in a a local registry to store the intermediate image built, as the
# local docker store won't allow access to built images directly(some kind of security issue?). Information came from:
# https://docs.docker.com/build/ci/github-actions/named-contexts and the normal docs for docker buildx.
# Also went ahead and reformatted this file and fixed some loose conditions.
# We rebuild Release, Pre-Release and Nightly if there is a human change(push) to the master branch. Earlier in the day, a different
# workflow will make updates to the release files and commit those changes. These changes are not detected here. A later scheduled
# run will check for these changes and build appropriate images. In the case of Nightly, it will be built every night.
# The conditions to look for are:
# schedule:
# release: steps.changes.outputs.release == true
# prelease: steps.changes.outputs.prerelease == true
# nightly: github.event_name == 'schedule'
#
# push: always rebuild all images
# workflow_dispatch: always rebuild all images if master branch is chosen
name: Build docker images
on:
schedule:
- cron: '0 1 * * *'
push:
branches:
- "master"
workflow_dispatch:
inputs:
branch:
type: choice
options:
- master
- custom
custom_repo:
custom_branch:
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: read
packages: write
jobs:
build-unified:
runs-on: ubuntu-latest
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
- name: Checkout
uses: actions/checkout@v3
- uses: dorny/paths-filter@v2
# If the automated schedule for updating the version string has run and committed
# an update, it will not register as a push. Only human pushed changes register as
# such.
if: |
github.event_name == 'schedule'
id: changes
with:
base: 'master'
filters: |
release:
- 'release-versions/synapse-latest.txt'
prerelease:
- 'release-versions/synapse-prerelease.txt'
# - name: Set up QEMU
# id: qemu
# uses: docker/setup-qemu-action@v2
# with:
# platforms: arm64
- name: Get Release Version
id: get_release_version
if: |
github.event_name == 'push' ||
steps.changes.outputs.release == 'true' ||
github.event.inputs.branch == 'master'
run: |
echo "synapse_latest_version=$(cat release-versions/synapse-latest.txt)" >> $GITHUB_OUTPUT
- name: Get Pre-Release Version
id: get_prerelease_version
if: |
github.event_name == 'push' ||
steps.changes.outputs.prerelease == 'true' ||
github.event.inputs.branch == 'master'
run: |
echo "synapse_prerelease_version=$(cat release-versions/synapse-prerelease.txt)" >> $GITHUB_OUTPUT
- name: Grab Context
env:
EVENT_CONTEXT: ${{ toJSON(github) }}
STEPS_CONTEXT: ${{ toJSON(steps) }}
run: |
echo $EVENT_CONTEXT
- name: Grab Github ENV outputs
run: |
echo ${GITHUB_OUTPUT}
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
with:
driver-opts: network=host
- name: Log in to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Log in to GHCR.io
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and Push Latest Image
if: |
github.event_name == 'push' ||
steps.changes.outputs.release == 'true' ||
github.event.inputs.branch == 'master'
uses: docker/build-push-action@v4
with:
push: true
context: .
labels: "gitsha1=${{ github.sha }}"
tags: |
realtyem/synapse:latest
realtyem/synapse:${{ steps.get_release_version.outputs.synapse_latest_version }}
ghcr.io/realtyem/synapse:latest
ghcr.io/realtyem/synapse:${{ steps.get_release_version.outputs.synapse_latest_version }}
build-contexts: |
matrixdotorg/synapse=docker-image://matrixdotorg/synapse:${{ steps.get_release_version.outputs.synapse_latest_version }}
file: "Dockerfile-unified"
platforms: linux/amd64
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Build and Push Pre-Release Image
if: |
github.event_name == 'push' ||
steps.changes.outputs.prerelease == 'true' ||
github.event.inputs.branch == 'master'
uses: docker/build-push-action@v4
with:
push: true
context: .
labels: "gitsha1=${{ github.sha }}"
tags: |
realtyem/synapse:${{ steps.get_prerelease_version.outputs.synapse_prerelease_version }}
ghcr.io/realtyem/synapse:${{ steps.get_prerelease_version.outputs.synapse_prerelease_version }}
build-contexts: |
matrixdotorg/synapse=docker-image://matrixdotorg/synapse:${{ steps.get_prerelease_version.outputs.synapse_prerelease_version }}
file: "Dockerfile-unified"
platforms: linux/amd64
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Build and Push Nightly Image
if: |
github.event_name == 'push' ||
github.event_name == 'schedule' ||
github.event.inputs.branch == 'master'
uses: docker/build-push-action@v4
with:
push: true
context: .
tags: |
realtyem/synapse:nightly
ghcr.io/realtyem/synapse:nightly
build-contexts: |
matrixdotorg/synapse=docker-image://matrixdotorg/synapse:develop
file: "Dockerfile-unified"
platforms: linux/amd64
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Experimental Image - Download external repo
if: github.event.inputs.branch == 'custom'
uses: actions/checkout@v3
with:
repository: ${{ github.event.inputs.custom_repo }}
ref: ${{ github.event.inputs.custom_branch }}
path: 'external_repo'
- name: Build Experimental Image from External Repo
if: github.event.inputs.branch == 'custom'
uses: docker/build-push-action@v4
with:
push: true
context: external_repo
tags: |
localhost:5000/externalimage:latest
file: "external_repo/docker/Dockerfile"
platforms: linux/amd64
cache-from: type=gha
cache-to: type=gha,mode=max
- name: List docker images
if: github.event.inputs.branch == 'custom'
run: |
docker images -a
- name: Build and Push Experimental Image
if: github.event.inputs.branch == 'custom'
uses: docker/build-push-action@v4
with:
# ${{ github.event.inputs.custom_repo }}:${{ github.event.inputs.custom_branch }}
push: true
context: .
tags: |
docker.io/realtyem/synapse:${{ github.event.inputs.custom_branch }}
ghcr.io/realtyem/synapse:${{ github.event.inputs.custom_branch }}
build-contexts: |
matrixdotorg/synapse=docker-image://localhost:5000/externalimage:latest
file: "Dockerfile-unified"
platforms: linux/amd64
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Build and Push Pull Request(develop only) Image
if: |
github.event_name == 'pull_request'
uses: docker/build-push-action@v4
with:
push: true
context: .
tags: |
realtyem/synapse:${{ github.head_ref }}
ghcr.io/realtyem/synapse:${{ github.head_ref }}
build-contexts: |
matrixdotorg/synapse=docker-image://matrixdotorg/synapse:develop
file: "Dockerfile-unified"
platforms: linux/amd64
cache-from: type=gha
cache-to: type=gha,mode=max