hermes-workspace/.github/workflows/docker-publish.yml

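name: Build & publish Docker image

# Publishes Hermes Workspace to GitHub Container Registry (GHCR) so users
# can deploy via Coolify / Easypanel / Dokploy / any Docker host with:
#
#   image: ghcr.io/outsourc-e/hermes-workspace:latest
#
# Triggers:
#   - push to main       -> tags: latest, main, main-<sha>
#   - push a git tag v*  -> tags: <version>, <major>.<minor>, latest
#   - manual dispatch    -> tags: latest
#
# NOTE(review): the `latest` and `main-<sha>` rules below are gated on
# is_default_branch, so a manual dispatch from another branch looks like it
# publishes under that branch's name instead of `latest` - confirm that
# publishing from non-default branches is intended.
#
# NOTE(review): every `uses:` below references a mutable major-version tag.
# Pinning each action to a full commit SHA (version kept in a trailing
# comment) prevents a moved tag from changing what runs in a job that holds
# `packages: write`.

on:
  push:
    branches: [main]
    tags: ['v*']
  workflow_dispatch:

# GITHUB_TOKEN scope for the whole workflow: read the repository, write
# packages (needed for the GHCR push). Nothing else is granted.
permissions:
  contents: read
  packages: write

env:
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}

jobs:
  build-and-push:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # The checkout directory is used as the Docker build context
          # (`context: .`) by both build steps. Do not leave the job token
          # in the local git config, where a broad COPY could pick it up.
          # No later step in this job runs git, so nothing depends on it.
          # NOTE(review): whether .dockerignore excludes .git is not visible
          # from this file - verify.
          persist-credentials: false

      # QEMU provides emulation for the non-native platform in the
      # multi-arch build at the end of the job.
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      # Authenticates with the job-scoped GITHUB_TOKEN; no long-lived
      # registry credential is stored in the repository.
      - name: Log in to GHCR
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # Computes the tag and label set consumed by the final push step.
      - name: Extract image metadata
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
          tags: |
            type=raw,value=latest,enable={{is_default_branch}}
            type=ref,event=branch
            type=ref,event=tag
            type=sha,prefix=main-,enable={{is_default_branch}}
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}

      # Builds for the runner's own platform only and loads the result into
      # the local Docker daemon; nothing is pushed by this step.
      - name: Build smoke-test image
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./Dockerfile
          load: true
          tags: hermes-workspace:smoke
          cache-from: type=gha

      # Gate for the publish step: the container must stay running and
      # answer HTTP on the loopback-only port within 30 attempts, 2 s apart.
      - name: Smoke test container startup
        run: |
          set -euo pipefail
          # CLAUDE_PASSWORD is a throwaway value for this local container;
          # the port is bound to 127.0.0.1 only.
          cid=$(docker run -d \
            -p 127.0.0.1:3000:3000 \
            -e HERMES_API_URL=http://127.0.0.1:8642 \
            -e CLAUDE_PASSWORD=ci-smoke-test-password \
            hermes-workspace:smoke)
          # Always dump logs and remove the container, pass or fail.
          trap 'docker logs "$cid" || true; docker rm -f "$cid" || true' EXIT
          for _ in $(seq 1 30); do
            status=$(docker inspect -f '{{.State.Status}} {{.State.ExitCode}}' "$cid")
            case "$status" in
              exited*)
                echo "Container exited before becoming healthy: $status"
                exit 1
                ;;
            esac
            if curl -fsS http://127.0.0.1:3000/ >/dev/null; then
              echo "Container stayed alive and served HTTP successfully"
              exit 0
            fi
            sleep 2
          done
          echo "Container did not become ready before timeout"
          exit 1

      # Separate multi-arch build that is pushed to the registry. The smoke
      # test above only started the runner-native image, so the other
      # platform variant is built here but never started in CI.
      - name: Build & push
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./Dockerfile
          platforms: linux/amd64,linux/arm64
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max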