# docker-build.yml --- name: Docker Build on: push: branches: - "**" pull_request: jobs: docker: runs-on: ubuntu-latest env: # Bring secrets into the job env so we can check them from shell steps REGISTRY: ${{ secrets.REGISTRY }} REGISTRY_USER: ${{ secrets.REGISTRY_USER }} REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 - name: Show git status (debug) run: | echo "GIT dir: $(pwd)" git --version git rev-parse --abbrev-ref HEAD || true git remote -v || true - name: Set IMAGE env (uses $GITHUB_SHA) run: | if [ -n "${REGISTRY}" ]; then echo "IMAGE=${REGISTRY}/vitrify.me:${GITHUB_SHA}" >> $GITHUB_ENV else echo "IMAGE=vitrify.me:${GITHUB_SHA}" >> $GITHUB_ENV fi echo "IMAGE computed: $IMAGE" - name: Set up QEMU (for multi-platform builds) uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to registry (only if secrets present) if: ${{ secrets.REGISTRY && secrets.REGISTRY_USER && secrets.REGISTRY_PASSWORD }} uses: docker/login-action@v3 with: registry: ${{ secrets.REGISTRY }} username: ${{ secrets.REGISTRY_USER }} password: ${{ secrets.REGISTRY_PASSWORD }} - name: Build (and push only if logged in) uses: docker/build-push-action@v6 with: context: . file: ./Dockerfile platforms: linux/amd64,linux/arm64 push: ${{ secrets.REGISTRY && secrets.REGISTRY_USER && secrets.REGISTRY_PASSWORD }} tags: ${{ env.IMAGE }} - name: Inspect image (local) if: ${{ ! (secrets.REGISTRY && secrets.REGISTRY_USER && secrets.REGISTRY_PASSWORD) }} run: | echo "Built local image ${IMAGE}" docker images | grep vitrify.me || true