name: Build and Push Docker Images on: pull_request: branches: - main - dev release: types: - published workflow_dispatch: inputs: push: description: Push images to registry required: false type: boolean default: false env: REGISTRY: ghcr.io permissions: contents: read packages: write jobs: build: runs-on: ubuntu-latest strategy: matrix: image: [backend, frontend] steps: - name: Checkout repository uses: actions/checkout@v5 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Log in to Container Registry if: github.event_name != 'workflow_dispatch' || github.event_name == 'workflow_dispatch' && github.event.inputs.push == 'true' uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.repository_owner }} # Using PAT as a hack due to issues with GITHUB_TOKEN and package permissions # This should be reverted to use GITHUB_TOKEN once a solution is discovered. password: ${{ secrets.GHCR_PAT }} - name: Extract metadata (tags, labels) id: meta uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY }}/${{ github.repository_owner }}/patchmon-${{ matrix.image }} tags: | type=ref,event=pr type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}} type=raw,value=latest,enable={{is_default_branch}} - name: Build and push ${{ matrix.image }} image if: github.event_name != 'workflow_dispatch' || github.event_name == 'workflow_dispatch' && github.event.inputs.push == 'true' uses: docker/build-push-action@v6 with: context: . file: docker/${{ matrix.image }}.Dockerfile platforms: linux/amd64,linux/arm64 push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: type=gha,scope=${{ matrix.image }} cache-to: type=gha,mode=max,scope=${{ matrix.image }}