name: "Docker build & push OnTop" on: workflow_call: inputs: base_docker_image_version: description: 'Base Docker Image version' type: string required: true tags: description: 'Comma separated tags' type: string required: true dockerfile_path: description: "Dockerfile path" type: string required: true ref: description: "Dockerfile ref or sha" type: string required: true workflow_dispatch: inputs: base_docker_image_version: description: 'Base Docker Image version' type: string required: true tags: description: 'Comma separated tags' type: string required: true dockerfile_path: description: "Dockerfile path" type: string required: true ref: description: "Dockerfile ref or sha" type: string required: true default: develop env: IMAGE_NAME: "${{ vars.DOCKERHUB_ORG }}/label-studio" jobs: docker_build: name: "Docker image (${{ matrix.platform }})" timeout-minutes: 90 runs-on: ${{ matrix.runner }} strategy: fail-fast: false matrix: include: - platform: linux/amd64 runner: ubuntu-latest - platform: linux/arm64 runner: ubuntu-24.04-arm steps: - uses: hmarr/debug-action@v3.0.0 - name: Prepare run: | platform=${{ matrix.platform }} echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV - name: Checkout id: checkout uses: actions/checkout@v6 with: submodules: 'recursive' ref: ${{ inputs.ref }} fetch-depth: 2147483647 - name: Edit Dockerfile env: BASE_DOCKER_IMAGE_VERSION: ${{ inputs.base_docker_image_version }} DOCKERFILE_PATH: ${{ inputs.dockerfile_path }} run: | sed -i "s#^FROM .*#FROM ${IMAGE_NAME}:${BASE_DOCKER_IMAGE_VERSION}#g" "${DOCKERFILE_PATH}" cat "${DOCKERFILE_PATH}" - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3.11.1 - name: Login to DockerHub uses: docker/login-action@v3.5.0 with: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Docker meta id: meta uses: docker/metadata-action@v5 with: images: ${{ env.IMAGE_NAME }} - name: Push Docker image (${{ matrix.platform }}) uses: docker/build-push-action@v6.18.0 id: docker_build_and_push with: context: . file: ${{ inputs.dockerfile_path }} platforms: ${{ matrix.platform }} sbom: true provenance: true tags: ${{ env.IMAGE_NAME }} labels: ${{ steps.meta.outputs.labels }} cache-from: type=gha cache-to: type=gha,mode=min outputs: type=image,push-by-digest=true,name-canonical=true,push=true - name: Export digest run: | mkdir -p ${{ runner.temp }}/digests digest="${{ steps.docker_build_and_push.outputs.digest }}" touch "${{ runner.temp }}/digests/${digest#sha256:}" - name: Upload digest uses: actions/upload-artifact@v6 with: name: digests-${{ env.PLATFORM_PAIR }} path: ${{ runner.temp }}/digests/* if-no-files-found: error retention-days: 1 merge_docker_manifest: runs-on: ubuntu-latest needs: - docker_build steps: - name: Download digests uses: actions/download-artifact@v7 with: path: ${{ runner.temp }}/digests pattern: digests-* merge-multiple: true - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Calculate Docker tags id: calculate-docker-tags uses: actions/github-script@v8 with: script: | core.setOutput('docker-tags', `${{ inputs.tags }}`.split(",").join("\n")) - name: Extract Docker metadata id: meta uses: docker/metadata-action@v5 with: images: ${{ env.IMAGE_NAME }} tags: | ${{ steps.calculate-docker-tags.outputs.docker-tags }} - name: Create manifest list and push working-directory: ${{ runner.temp }}/digests run: | docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ $(printf '${{ env.IMAGE_NAME }}@sha256:%s ' *) - name: Inspect image run: | docker buildx imagetools inspect ${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }}