name: "docker: build latest container" on: push: tags: - '*' workflow_dispatch: inputs: source_ref: description: 'Git ref to build (branch, tag, or commit SHA)' required: true default: 'master' image_tag: description: 'Docker tag to publish (without variant suffix)' required: true default: 'latest' variant: description: 'Variant to build manually' required: true type: choice default: all options: - all - standard - large_disk permissions: contents: read jobs: setup: runs-on: ubuntu-latest outputs: variants: ${{ steps.set-variants.outputs.variants }} steps: - name: Select variants for this run id: set-variants run: | if [ "${{ github.event_name }}" = "workflow_dispatch" ] && [ "${{ github.event.inputs.variant }}" != "all" ]; then variants="[\"${{ github.event.inputs.variant }}\"]" else variants='["standard","large_disk"]' fi echo "variants=$variants" >> "$GITHUB_OUTPUT" build: needs: [setup] runs-on: ubuntu-latest strategy: matrix: platform: [amd64, arm64, arm, 386] variant: ${{ fromJSON(needs.setup.outputs.variants) }} steps: - name: Checkout uses: actions/checkout@v6 with: ref: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.source_ref || github.ref }} - name: Free Disk Space run: | echo "Available disk space before cleanup:" df -h # Remove pre-installed tools sudo rm -rf /usr/share/dotnet /usr/local/lib/android /opt/ghc /opt/hostedtoolcache/CodeQL # Clean package managers sudo apt-get clean sudo rm -rf /var/lib/apt/lists/* # Clean Docker aggressively sudo docker system prune -af --volumes # Clean Go cache if it exists [ -d ~/.cache/go-build ] && rm -rf ~/.cache/go-build || true [ -d /go/pkg ] && rm -rf /go/pkg || true echo "Available disk space after cleanup:" df -h - name: Configure variant id: config run: | if [ "${{ matrix.variant }}" == "large_disk" ]; then echo "tag_suffix=_large_disk" >> $GITHUB_OUTPUT echo "build_args=TAGS=5BytesOffset" >> $GITHUB_OUTPUT else echo "tag_suffix=" >> $GITHUB_OUTPUT echo "build_args=" >> $GITHUB_OUTPUT fi - name: Docker meta id: docker_meta uses: docker/metadata-action@v5 with: images: | chrislusf/seaweedfs ghcr.io/chrislusf/seaweedfs tags: type=raw,value=${{ github.event_name == 'workflow_dispatch' && github.event.inputs.image_tag || 'latest' }},suffix=${{ steps.config.outputs.tag_suffix }} labels: | org.opencontainers.image.title=seaweedfs org.opencontainers.image.description=SeaweedFS is a distributed storage system for blobs, objects, files, and data lake, to store and serve billions of files fast! org.opencontainers.image.vendor=Chris Lu - name: Set up QEMU if: matrix.platform != 'amd64' uses: docker/setup-qemu-action@v3 - name: Create BuildKit config run: | cat > /tmp/buildkitd.toml <> $GITHUB_OUTPUT else echo "tag_suffix=" >> $GITHUB_OUTPUT fi - name: Docker meta id: docker_meta uses: docker/metadata-action@v5 with: images: | chrislusf/seaweedfs ghcr.io/chrislusf/seaweedfs tags: type=raw,value=${{ github.event_name == 'workflow_dispatch' && github.event.inputs.image_tag || 'latest' }},suffix=${{ steps.config.outputs.tag_suffix }} - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Login to GHCR uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ secrets.GHCR_USERNAME }} password: ${{ secrets.GHCR_TOKEN }} - name: Install crane run: | # Install crane for efficient multi-arch image copying cd $(mktemp -d) curl -sL "https://github.com/google/go-containerregistry/releases/latest/download/go-containerregistry_Linux_x86_64.tar.gz" | tar xz sudo mv crane /usr/local/bin/ crane version - name: Create and push manifest run: | SUFFIX="${{ steps.config.outputs.tag_suffix }}" BASE_TAG="${{ github.event_name == 'workflow_dispatch' && github.event.inputs.image_tag || 'latest' }}" # Create manifest on GHCR first (no rate limits) echo "Creating GHCR manifest (no rate limits)..." docker buildx imagetools create -t ghcr.io/chrislusf/seaweedfs:${BASE_TAG}${SUFFIX} \ ghcr.io/chrislusf/seaweedfs:${BASE_TAG}${SUFFIX}-amd64 \ ghcr.io/chrislusf/seaweedfs:${BASE_TAG}${SUFFIX}-arm64 \ ghcr.io/chrislusf/seaweedfs:${BASE_TAG}${SUFFIX}-arm \ ghcr.io/chrislusf/seaweedfs:${BASE_TAG}${SUFFIX}-386 # Copy the complete multi-arch image from GHCR to Docker Hub # This only requires one pull from GHCR (no rate limit) and one push to Docker Hub echo "Copying manifest from GHCR to Docker Hub..." # Function to retry with exponential backoff for Docker Hub operations retry_with_backoff() { local max_attempts=5 local timeout=1 local attempt=1 local exit_code=0 while [ $attempt -le $max_attempts ]; do if "$@"; then return 0 else exit_code=$? fi if [ $attempt -lt $max_attempts ]; then echo "Attempt $attempt failed. Retrying in ${timeout}s..." >&2 sleep $timeout timeout=$((timeout * 2)) fi attempt=$((attempt + 1)) done echo "Command failed after $max_attempts attempts" >&2 return $exit_code } # Use crane or skopeo to copy, fallback to docker if not available if command -v crane &> /dev/null; then echo "Using crane to copy..." retry_with_backoff crane copy ghcr.io/chrislusf/seaweedfs:${BASE_TAG}${SUFFIX} chrislusf/seaweedfs:${BASE_TAG}${SUFFIX} elif command -v skopeo &> /dev/null; then echo "Using skopeo to copy..." retry_with_backoff skopeo copy --all docker://ghcr.io/chrislusf/seaweedfs:${BASE_TAG}${SUFFIX} docker://chrislusf/seaweedfs:${BASE_TAG}${SUFFIX} else echo "Using docker buildx imagetools (pulling 4 images from Docker Hub)..." # Fallback: create manifest directly on Docker Hub (pulls from Docker Hub - rate limited) retry_with_backoff docker buildx imagetools create -t chrislusf/seaweedfs:${BASE_TAG}${SUFFIX} \ ghcr.io/chrislusf/seaweedfs:${BASE_TAG}${SUFFIX}-amd64 \ ghcr.io/chrislusf/seaweedfs:${BASE_TAG}${SUFFIX}-arm64 \ ghcr.io/chrislusf/seaweedfs:${BASE_TAG}${SUFFIX}-arm \ ghcr.io/chrislusf/seaweedfs:${BASE_TAG}${SUFFIX}-386 fi