.github/workflows/build-and-push-runners.yaml


# TODO SHAs and updating them
# TODO check metadata action
# 
# https://docs.github.com/en/actions/use-cases-and-examples/publishing-packages/publishing-docker-images
# https://github.com/marketplace/actions/build-and-push-docker-images

name: Multiplatform Build with Runners

on:
  push:

jobs:
  armbuild:
    runs-on: [linux-arm-for-testing]
    outputs:
      digest: ${{ steps.build.outputs.digest }}
    steps:
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      -
        name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        id: build
        name: Build and push
        uses: docker/build-push-action@v6
        with:
          platforms: linux/arm64
          push: true
          tags: amouat/images-bite-back:arm-runner-${{ github.RUN_ID }}

  x86build:
    runs-on: [ubuntu-latest-2-cores-testing]
    outputs:
      digest: ${{ steps.build.outputs.digest }}
    steps:
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      -
        name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        id: build
        name: Build and push
        uses: docker/build-push-action@v6
        with:
          platforms: linux/x86_64
          push: true
          tags: amouat/images-bite-back:x86-runner-${{ github.RUN_ID }}

  manifest:
    needs: [x86build, armbuild]
    runs-on: ubuntu-latest
    steps:
      -
        name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - 
        name: Install crane
        uses: imjasonh/setup-crane@v0.4
      -
        name: Create and Push Multi-Platform Manifest
        run: |
          X86DIGEST=$(crane digest --platform linux/amd64 amouat/images-bite-back@${{ needs.x86build.outputs.digest }})
          ARMDIGEST=$(crane digest --platform linux/arm64 amouat/images-bite-back@${{ needs.armbuild.outputs.digest }})
          docker manifest create amouat/images-bite-back:multiplatorm-${{ github.RUN_ID }} \
            amouat/images-bite-back@$X86DIGEST \
            amouat/images-bite-back@$ARMDIGEST
          docker manifest push amouat/images-bite-back:multiplatorm-${{ github.RUN_ID }}


#name: Publish Docker image
#
#on:
#  release:
#    types: [published]
#
#jobs:
#  push_to_registries:
#    name: Push Docker image to multiple registries
#    runs-on: ubuntu-latest
#    permissions:
#      packages: write
#      contents: read
#      attestations: write
#      id-token: write
#    steps:
#      - name: Check out the repo
#        uses: actions/checkout@v4
#
#      - name: Log in to Docker Hub
#        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
#        with:
#          username: ${{ secrets.DOCKER_USERNAME }}
#          password: ${{ secrets.DOCKER_PASSWORD }}
#
#      - name: Log in to the Container registry
#        uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
#        with:
#          registry: ghcr.io
#          username: ${{ github.actor }}
#          password: ${{ secrets.GITHUB_TOKEN }}
#
#      - name: Extract metadata (tags, labels) for Docker
#        id: meta
#        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
#        with:
#          images: |
#            my-docker-hub-namespace/my-docker-hub-repository
#            ghcr.io/${{ github.repository }}
#
#      - name: Build and push Docker images
#        id: push
#        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
#        with:
#          context: .
#          push: true
#          tags: ${{ steps.meta.outputs.tags }}
#          labels: ${{ steps.meta.outputs.labels }}
#
#      - name: Generate artifact attestation
#        uses: actions/attest-build-provenance@v1
#        with:
#          subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
#          subject-digest: ${{ steps.push.outputs.digest }}
#          push-to-registry: true