name: Build and Push Container Image on: push: branches: - main paths-ignore: - "deploy/**" env: REGISTRY: reg.milasholsting.dk IMAGE_NAME: taskarr/taskarr jobs: build-and-push: runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v4 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: config-inline: | [registry."reg.milasholsting.dk"] http = false insecure = true - name: Log in to the Container registry uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ secrets.REGISTRY_USER }} password: ${{ secrets.REGISTRY_PASSWORD }} - name: Extract metadata (tags, labels) for Docker id: meta uses: docker/metadata-action@v5 flavor: latest=false with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | type=sha,prefix=sha-,format=short type=raw,value=latest - name: Build and push Docker image uses: docker/build-push-action@v5 with: context: . file: ./Containerfile push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} build-args: | DATABASE_URL="posgres://no:account@nowhere/db" cache-from: type=gha cache-to: type=gha,mode=max - name: Extract metadata for Migrator id: meta-migrator uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-migrator tags: | type=sha,prefix=sha-,format=short type=raw,value=latest - name: Build and push Migrator image uses: docker/build-push-action@v5 with: context: . file: ./Containerfile.migrator push: true tags: ${{ steps.meta-migrator.outputs.tags }} labels: ${{ steps.meta-migrator.outputs.labels }} build-args: | DATABASE_URL=${{ secrets.DATABASE_URL }} cache-from: type=gha cache-to: type=gha,mode=max - name: Install Kustomize run: | curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash sudo mv kustomize /usr/local/bin/ - name: Update Kustomize run: | # 1. Extract specifically the SHA tag from the metadata outputs # This looks at the JSON output and finds the tag matching our 'sha-' prefix IMAGE_TAG=$(echo '${{ steps.meta.outputs.json }}' | jq -r '.tags[] | select(contains("sha-"))' | cut -d: -f2) echo "Targeting Tag: $IMAGE_TAG" # 2. Update the manifest cd deploy/overlays/production kustomize edit set image election=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:$IMAGE_TAG kustomize edit set image election-migration=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-migrator:$IMAGE_TAG - name: Commit and Push Change run: | # 1. Set identity to fix the "Author identity unknown" error git config user.name "Gitea Action" git config user.email "actions@gitea.io" # 2. Stage the change git add deploy/overlays/production/kustomization.yaml # 3. Only commit if the file actually changed (prevents empty commit errors) if git diff --staged --quiet; then echo "No changes to commit" else git commit -m "chore(deploy): update image to ${{ steps.meta.outputs.version }}" git push origin master fi