diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml index 0a7109d4a..197237175 100644 --- a/.github/workflows/build-docker.yml +++ b/.github/workflows/build-docker.yml @@ -17,12 +17,21 @@ on: paths: - .github/workflows/build-docker.yml +env: + UV_BASE_IMG: ghcr.io/${{ github.repository_owner }}/uv + jobs: - docker-publish: - name: Build Docker image (ghcr.io/astral-sh/uv) + docker-build: + name: Build Docker image (ghcr.io/astral-sh/uv) for ${{ matrix.platform }} runs-on: ubuntu-latest environment: name: release + strategy: + fail-fast: false + matrix: + platform: + - linux/amd64 + - linux/arm64 steps: - uses: actions/checkout@v4 with: @@ -40,7 +49,7 @@ jobs: id: meta uses: docker/metadata-action@v5 with: - images: ghcr.io/astral-sh/uv + images: ${{ env.UV_BASE_IMG }} - name: Check tag consistency if: ${{ inputs.plan != '' && !fromJson(inputs.plan).announcement_tag_is_implicit }} @@ -55,14 +64,72 @@ jobs: echo "Releasing ${version}" fi - - name: "Build and push Docker image" + - name: Normalize Platform Pair (replace / with -) + run: | + platform=${{ matrix.platform }} + echo "PLATFORM_TUPLE=${platform//\//-}" >> $GITHUB_ENV + + # Adapted from https://docs.docker.com/build/ci/github-actions/multi-platform/ + - name: Build and push by digest + id: build uses: docker/build-push-action@v6 with: context: . - platforms: linux/amd64,linux/arm64 - # Reuse the builder - cache-from: type=gha - cache-to: type=gha,mode=max - push: ${{ inputs.plan != '' && !fromJson(inputs.plan).announcement_tag_is_implicit }} - tags: ghcr.io/astral-sh/uv:latest,ghcr.io/astral-sh/uv:${{ (inputs.plan != '' && fromJson(inputs.plan).announcement_tag) || 'dry-run' }} + platforms: ${{ matrix.platform }} + cache-from: type=gha,scope=uv-${{ env.PLATFORM_TUPLE }} + cache-to: type=gha,mode=min,scope=uv-${{ env.PLATFORM_TUPLE }} labels: ${{ steps.meta.outputs.labels }} + outputs: type=image,name=${{ env.UV_BASE_IMG }},push-by-digest=true,name-canonical=true,push=${{ inputs.plan != '' && !fromJson(inputs.plan).announcement_tag_is_implicit }} + + - name: Export digests + run: | + mkdir -p /tmp/digests + digest="${{ steps.build.outputs.digest }}" + touch "/tmp/digests/${digest#sha256:}" + + - name: Upload digests + uses: actions/upload-artifact@v4 + with: + name: digests-${{ env.PLATFORM_TUPLE }} + path: /tmp/digests/* + if-no-files-found: error + retention-days: 1 + + docker-publish: + name: Publish Docker image (ghcr.io/astral-sh/uv) + runs-on: ubuntu-latest + environment: + name: release + needs: + - docker-build + if: ${{ inputs.plan != '' && !fromJson(inputs.plan).announcement_tag_is_implicit }} + steps: + - name: Download digests + uses: actions/download-artifact@v4 + with: + path: /tmp/digests + pattern: digests-* + merge-multiple: true + + - uses: docker/setup-buildx-action@v3 + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.UV_BASE_IMG }} + + - uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + # Adapted from https://docs.docker.com/build/ci/github-actions/multi-platform/ + - name: Create manifest list and push + working-directory: /tmp/digests + run: | + docker buildx imagetools create \ + -t ${{ env.UV_BASE_IMG }}:latest \ + -t ${{ env.UV_BASE_IMG }}:${{ (inputs.plan != '' && fromJson(inputs.plan).announcement_tag) || 'dry-run' }} \ + $(printf '${{ env.UV_BASE_IMG }}@sha256:%s ' *) diff --git a/Dockerfile b/Dockerfile index f5b70045f..2a4622296 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM --platform=$BUILDPLATFORM ubuntu as build +FROM --platform=$BUILDPLATFORM ubuntu AS build ENV HOME="/root" WORKDIR $HOME