.github/workflows/docker-image.yml

name: docker-image

on:
  push:
    tags:
      - 'v*'
    paths-ignore:
      - '**.md'
      - '.github/workflows/docs.yml'

jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Prepare
        id: prepare
        run: |
          DOCKER_IMAGE=smallstep/step-ca-bootstrap
          DOCKER_PLATFORMS=linux/amd64,linux/386,linux/arm,linux/arm64
          VERSION=latest
          if [[ $GITHUB_REF == refs/tags/* ]]; then
            VERSION="${GITHUB_REF#refs/tags/v}"
          fi
          TAGS="--tag ${DOCKER_IMAGE}:${VERSION}"
          if [[ $VERSION =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
            TAGS="$TAGS --tag ${DOCKER_IMAGE}:latest"
          fi
          # shellcheck disable=SC2129
          echo "docker_image=${DOCKER_IMAGE}" >> "${GITHUB_OUTPUT}"
          echo "version=${VERSION}" >> "${GITHUB_OUTPUT}"
          echo "buildx_args=--platform ${DOCKER_PLATFORMS} \
            --build-arg VERSION=${VERSION} \
            --build-arg BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') \
            --build-arg VCS_REF=${GITHUB_SHA::8} \
            ${TAGS} --file docker/step-ca-bootstrap/Dockerfile docker/step-ca-bootstrap/" >> "${GITHUB_OUTPUT}"
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@v3
      - name: Docker Buildx (build)
        run: |
          docker buildx build --output "type=image,push=false" ${{ steps.prepare.outputs.buildx_args }}
      - name: Login to DockerHub
        if: success() && github.event_name != 'pull_request' && (endsWith(github.ref, github.event.repository.default_branch) || startsWith(github.ref, 'refs/tags/'))
        run: |
          echo '${{ secrets.DOCKER_PASSWORD }}' | docker login -u="${{ secrets.DOCKER_USERNAME }}" --password-stdin
      - name: Docker Buildx (push)
        if: success() && github.event_name != 'pull_request' && (endsWith(github.ref, github.event.repository.default_branch) || startsWith(github.ref, 'refs/tags/'))
        run: |
          docker buildx build --output "type=image,push=true" ${{ steps.prepare.outputs.buildx_args }}
      - name: Docker Check Manifest
        if: success() && github.event_name != 'pull_request' && (endsWith(github.ref, github.event.repository.default_branch) || startsWith(github.ref, 'refs/tags/'))
        run: |
          docker run --rm mplatform/mquery ${{ steps.prepare.outputs.docker_image }}:${{ steps.prepare.outputs.version }}