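# Builds and pushes a multi-arch Docker image to the Gitea container registry
# whenever a semver tag (v*.*.*) is pushed.
#
# One-time setup required:
#   1. Create a Gitea token with "package:write" scope.
#   2. Add it as a repository secret named GITEA_TOKEN
#      (Repository → Settings → Secrets → Actions).
#
# After a successful run the image is available at:
#   <registry-host>/<owner>/<repo>:<version>
#
# NOTE(review): every `uses:` below references a mutable major-version tag.
# Pinning each action to a full commit SHA keeps a re-pointed tag from
# changing the code that runs in this job with GITEA_TOKEN in scope.

name: Docker Publish

on:
  push:
    tags:
      - 'v*.*.*'

jobs:
  build-push:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      # Strip the protocol from the server URL to get the registry hostname.
      # e.g. https://gitea.example.com → gitea.example.com
      #
      # Context values are handed to the script through `env:` instead of being
      # expanded into the script text, so their content is never parsed as
      # shell. IMAGE is the lower-cased image name: the cache refs in the last
      # step are used verbatim, and a repository path containing upper-case
      # letters is not a valid image reference.
      - name: Derive registry hostname
        env:
          SERVER_URL: ${{ gitea.server_url }}
          REPOSITORY: ${{ gitea.repository }}
        run: |
          registry="${SERVER_URL#https://}"
          registry="${registry#http://}"
          image="$(printf '%s/%s' "$registry" "$REPOSITORY" | tr '[:upper:]' '[:lower:]')"
          {
            echo "REGISTRY=$registry"
            echo "IMAGE=$image"
          } >> "$GITHUB_ENV"

      # Generates OCI-compliant tags and labels from the git tag.
      # v1.2.3 → image tags: 1.2.3 / 1.2 / 1
      - name: Extract Docker metadata
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.IMAGE }}
          tags: |
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
            type=semver,pattern={{major}}

      # QEMU enables emulation of arm64 on the amd64 runner.
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3

      # BuildKit driver required for multi-platform builds and layer caching.
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      # NOTE(review): gitea.actor is the user who pushed the tag, which may not
      # be the owner of GITEA_TOKEN; confirm the registry accepts that pairing.
      - name: Log in to Gitea registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ gitea.actor }}
          password: ${{ secrets.GITEA_TOKEN }}

      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          # Registry-based layer cache — survives between runs without a
          # separate cache store. The :buildcache tag lives in the same
          # repository as the released image, so anyone allowed to push there
          # can also replace the cache.
          cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache
          cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max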