Make latest a multi-arch tag in the normal deploy flow#377
Open
Wuodan wants to merge 12 commits intonikolaik:mainfrom
Open
Make latest a multi-arch tag in the normal deploy flow#377Wuodan wants to merge 12 commits intonikolaik:mainfrom
Wuodan wants to merge 12 commits intonikolaik:mainfrom
Conversation
Keep nikolaik/python-nodejs as the default image name in the workflow, but resolve it through a GitHub Actions variable so forks can publish to a different image without changing the repository. Forks can set IMAGE_NAME in Actions variables or in workflow run configuration. That keeps the default behavior unchanged here while avoiding fork-specific edits in PRs.
Allow manual workflow runs from GitHub Actions with a force option and an optional IMAGE_NAME override. This makes it possible to test publish flows without overwriting the real published images tags.
Replace the QEMU-based multi-platform build with native amd64 and arm64 runner jobs, then publish the final image tags by assembling a manifest from the architecture-specific tags. Fixes nikolaik#258. Run the smoke test suite against each architecture-specific image before publishing the final manifest, instead of only testing the locally loaded amd64 image. The build-matrix helper now emits an architecture-expanded matrix for the workflow, and the new unit test covers that expansion. Fixes nikolaik#314.
Split the per-architecture workflow so each image is built locally, smoke-tested, and only then pushed to Docker Hub as an architecture-specific tag. This avoids publishing untested architecture images and keeps Docker Hub out of the build phase, so public base-image pulls are no longer attributed to the authenticated Docker Hub account.
Replace the deploy-side use of `docker buildx imagetools create` with a local `docker manifest create` followed by authenticated `docker manifest push`. This keeps the manifest assembly step anonymous and delays Docker Hub login until the actual publish step, which reduces authenticated rate-limit failures during multi-arch manifest publication.
Determine the canonical latest image from the current build set and publish `latest` during the normal deploy flow alongside the corresponding versioned tag. This replaces the separate `latest` build path, so `latest` is published for all supported architectures without relying on a separate Docker Hub build. Remove the root Dockerfile because it only existed for the separate Docker Hub Automated Build path. Any Docker Hub automated build still configured to use that file must be disabled in Docker Hub. Fixes nikolaik#263.
Address review feedback on PR nikolaik#373 by renaming the manual image override input and reformatting long shell commands for readability.
…replace-qemu-with-arm64-runner # Conflicts: # .github/workflows/build.yaml
…tream-PR/04-fix-latest-tag-missing-for-arm64 # Conflicts: # .github/workflows/build.yaml
…tream-PR/04-fix-latest-tag-missing-for-arm64
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Determine the canonical latest image from the current build set and publish
latestduring the normal deploy flow alongside the corresponding versioned tag.This replaces the separate
latestbuild path, solatestis published for all supported architectures without relying on a separate Docker Hub build.Remove the root Dockerfile because it only existed for the separate Docker Hub Automated Build path. Any Docker Hub automated build still configured to use that file must be disabled in Docker Hub.
Fixes #263.