docker-image #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: docker-image | |
| on: | |
| workflow_dispatch: | |
| push: | |
| tags: | |
| - v* | |
| permissions: | |
| contents: read | |
| packages: write | |
| env: | |
| APP_NAME: CLIProxyAPI | |
| DOCKERHUB_REPO: ${{ secrets.DOCKERHUB_USERNAME }}/cli-proxy-api-plus | |
| GHCR_REPO: ghcr.io/${{ github.repository_owner }}/cli-proxy-api-plus | |
| jobs: | |
| docker_amd64: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Refresh models catalog | |
| run: | | |
| git fetch --depth 1 https://github.com/router-for-me/models.git main | |
| git show FETCH_HEAD:models.json > internal/registry/models/models.json | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Login to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Generate Build Metadata | |
| run: | | |
| echo "VERSION=${GITHUB_REF_NAME}" >> $GITHUB_ENV | |
| echo COMMIT=`git rev-parse --short HEAD` >> $GITHUB_ENV | |
| echo BUILD_DATE=`date -u +%Y-%m-%dT%H:%M:%SZ` >> $GITHUB_ENV | |
| - name: Build and push (amd64) | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| platforms: linux/amd64 | |
| push: true | |
| build-args: | | |
| VERSION=${{ env.VERSION }} | |
| COMMIT=${{ env.COMMIT }} | |
| BUILD_DATE=${{ env.BUILD_DATE }} | |
| tags: | | |
| ${{ env.DOCKERHUB_REPO }}:latest-amd64 | |
| ${{ env.DOCKERHUB_REPO }}:${{ env.VERSION }}-amd64 | |
| ${{ env.GHCR_REPO }}:latest-amd64 | |
| ${{ env.GHCR_REPO }}:${{ env.VERSION }}-amd64 | |
| docker_arm64: | |
| runs-on: ubuntu-24.04-arm | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Refresh models catalog | |
| run: | | |
| git fetch --depth 1 https://github.com/router-for-me/models.git main | |
| git show FETCH_HEAD:models.json > internal/registry/models/models.json | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Login to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Generate Build Metadata | |
| run: | | |
| echo "VERSION=${GITHUB_REF_NAME}" >> $GITHUB_ENV | |
| echo COMMIT=`git rev-parse --short HEAD` >> $GITHUB_ENV | |
| echo BUILD_DATE=`date -u +%Y-%m-%dT%H:%M:%SZ` >> $GITHUB_ENV | |
| - name: Build and push (arm64) | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| platforms: linux/arm64 | |
| push: true | |
| build-args: | | |
| VERSION=${{ env.VERSION }} | |
| COMMIT=${{ env.COMMIT }} | |
| BUILD_DATE=${{ env.BUILD_DATE }} | |
| tags: | | |
| ${{ env.DOCKERHUB_REPO }}:latest-arm64 | |
| ${{ env.DOCKERHUB_REPO }}:${{ env.VERSION }}-arm64 | |
| ${{ env.GHCR_REPO }}:latest-arm64 | |
| ${{ env.GHCR_REPO }}:${{ env.VERSION }}-arm64 | |
| docker_manifest: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - docker_amd64 | |
| - docker_arm64 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Login to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Generate Build Metadata | |
| run: | | |
| echo "VERSION=${GITHUB_REF_NAME}" >> $GITHUB_ENV | |
| echo COMMIT=`git rev-parse --short HEAD` >> $GITHUB_ENV | |
| echo BUILD_DATE=`date -u +%Y-%m-%dT%H:%M:%SZ` >> $GITHUB_ENV | |
| - name: Create and push multi-arch manifests (DockerHub) | |
| run: | | |
| docker buildx imagetools create \ | |
| --tag "${DOCKERHUB_REPO}:latest" \ | |
| "${DOCKERHUB_REPO}:latest-amd64" \ | |
| "${DOCKERHUB_REPO}:latest-arm64" | |
| docker buildx imagetools create \ | |
| --tag "${DOCKERHUB_REPO}:${VERSION}" \ | |
| "${DOCKERHUB_REPO}:${VERSION}-amd64" \ | |
| "${DOCKERHUB_REPO}:${VERSION}-arm64" | |
| - name: Create and push multi-arch manifests (GHCR) | |
| run: | | |
| docker buildx imagetools create \ | |
| --tag "${GHCR_REPO}:latest" \ | |
| "${GHCR_REPO}:latest-amd64" \ | |
| "${GHCR_REPO}:latest-arm64" | |
| docker buildx imagetools create \ | |
| --tag "${GHCR_REPO}:${VERSION}" \ | |
| "${GHCR_REPO}:${VERSION}-amd64" \ | |
| "${GHCR_REPO}:${VERSION}-arm64" | |
| - name: Cleanup temporary tags (DockerHub) | |
| continue-on-error: true | |
| env: | |
| DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | |
| DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | |
| run: | | |
| set -euo pipefail | |
| namespace="${DOCKERHUB_REPO%%/*}" | |
| repo_name="${DOCKERHUB_REPO#*/}" | |
| token="$( | |
| curl -fsSL \ | |
| -H 'Content-Type: application/json' \ | |
| -d "{\"username\":\"${DOCKERHUB_USERNAME}\",\"password\":\"${DOCKERHUB_TOKEN}\"}" \ | |
| 'https://hub.docker.com/v2/users/login/' \ | |
| | python3 -c 'import json,sys; print(json.load(sys.stdin)["token"])' | |
| )" | |
| delete_tag() { | |
| local tag="$1" | |
| local url="https://hub.docker.com/v2/repositories/${namespace}/${repo_name}/tags/${tag}/" | |
| local http_code | |
| http_code="$(curl -sS -o /dev/null -w "%{http_code}" -X DELETE -H "Authorization: JWT ${token}" "${url}" || true)" | |
| if [ "${http_code}" = "204" ] || [ "${http_code}" = "404" ]; then | |
| echo "Docker Hub tag removed (or missing): ${DOCKERHUB_REPO}:${tag} (HTTP ${http_code})" | |
| return 0 | |
| fi | |
| echo "Docker Hub tag delete failed: ${DOCKERHUB_REPO}:${tag} (HTTP ${http_code})" | |
| return 0 | |
| } | |
| delete_tag "latest-amd64" | |
| delete_tag "latest-arm64" | |
| delete_tag "${VERSION}-amd64" | |
| delete_tag "${VERSION}-arm64" | |
| - name: Cleanup temporary tags (GHCR) | |
| continue-on-error: true | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| set -euo pipefail | |
| owner="${{ github.repository_owner }}" | |
| package_name="cli-proxy-api-plus" | |
| delete_ghcr_tag() { | |
| local tag="$1" | |
| # Get the version ID for the tag | |
| local version_id | |
| version_id="$( | |
| gh api \ | |
| "users/${owner}/packages/container/${package_name}/versions" \ | |
| --paginate --jq ".[] | select(.metadata.container.tags[] == \"${tag}\") | .id" \ | |
| 2>/dev/null || true | |
| )" | |
| if [ -z "${version_id}" ]; then | |
| echo "GHCR tag not found (or already removed): ${tag}" | |
| return 0 | |
| fi | |
| if gh api --method DELETE \ | |
| "users/${owner}/packages/container/${package_name}/versions/${version_id}" \ | |
| 2>/dev/null; then | |
| echo "GHCR tag removed: ${tag}" | |
| else | |
| echo "GHCR tag delete failed: ${tag}" | |
| fi | |
| return 0 | |
| } | |
| delete_ghcr_tag "latest-amd64" | |
| delete_ghcr_tag "latest-arm64" | |
| delete_ghcr_tag "${VERSION}-amd64" | |
| delete_ghcr_tag "${VERSION}-arm64" |