ci: add Docker build and publish workflow

Add GitHub Actions workflow job to build and publish Docker images to GitHub Container Registry. Images are pushed on master branch commits and tags, with appropriate tagging strategy including semver, branch refs, and SHA.
2025-12-15 06:11:39 -06:00 · 2025-12-11 17:28:43 -06:00
parent e23c01e4fd
commit 65aa9d66d3
1 changed files with 42 additions and 0 deletions
--- a/.github/workflows/quality.yaml
+++ b/.github/workflows/quality.yaml
@@ -90,3 +90,45 @@ jobs:

      - name: Build
        run: pnpm build
+
+  docker:
+    name: Docker
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GitHub Container Registry
+        if: github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/')
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ghcr.io/${{ github.repository }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=sha
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: ${{ github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/') }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max