Go/.gitea/workflows/docker.yml

name: Docker Image

on:
  push:
    branches:
      - main
    tags:
      - "v*"
  pull_request:
    branches:
      - "main"

env:
  BUILDKIT_NO_CLIENT_TOKEN: 1

jobs:
  build-docker:
    runs-on: ubuntu-latest
    container:
      image: catthehacker/ubuntu:act-20.04
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0 # all history for all branches and tags

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v2

      - name: Setup docker context for buildx
        id: buildx-context
        run: docker context create builders || docker context use builders

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
        with:
          endpoint: builders
          config-inline: |
            debug = true
            insecure-entitlements = [ "network.host", "security.insecure" ]

      - name: Login to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      - name: Docker meta
        id: docker-meta
        uses: docker/metadata-action@v5
        with:
          images: |
            gitea/example-go
          tags: |
            type=raw,value=latest,enable={{is_default_branch}}
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
            type=semver,pattern={{major}}

      - name: Build and push
        uses: docker/build-push-action@v4
        env:
          ACTIONS_RUNTIME_TOKEN: ""
        with:
          context: .
          platforms: linux/amd64
          file: docker/Dockerfile
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.docker-meta.outputs.tags }}
          labels: ${{ steps.docker-meta.outputs.labels }}
          provenance: false
          sbom: false