Skip to content

feat(ci): improve Docker workflow with Buildx, caching and semver tags #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
devZenta merged 1 commit into from
Dec 28, 2025
Merged

feat(ci): improve Docker workflow with Buildx, caching and semver tags #3

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 20 additions & 6 deletions .github/workflows/docker.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,26 +1,35 @@
name: Docker
name: Build and Publish Docker Image

on:
push:
branches: [main]
branches:
- main
tags:
- "v*"
pull_request:
branches:
- main

env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}

jobs:
build-and-push:
name: Build & Push Docker Image
runs-on: ubuntu-latest
permissions:
contents: read
packages: write

steps:
- name: Checkout code
- name: Checkout repository
uses: actions/checkout@v4

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Log in to Container Registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
Expand All @@ -33,13 +42,18 @@ jobs:
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=latest
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
Copy link

Copilot AI Dec 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The semver tagging configuration is missing the type=semver,pattern={{major}} pattern. Without this, major version tags (e.g., v1) won't be created, which is a common practice for allowing users to pin to major versions. Consider adding this pattern to provide more flexibility for consumers of the image.

Suggested change
type=semver,pattern={{version}}
type=semver,pattern={{version}}
type=semver,pattern={{major}}

Copilot uses AI. Check for mistakes.
type=semver,pattern={{major}}.{{minor}}
Copy link

Copilot AI Dec 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The removal of the type=raw,value=latest tag means that images pushed from the main branch will no longer be tagged as latest. This could break workflows or documentation that relies on pulling the latest tag. Consider adding back the latest tag for main branch pushes using:

type=raw,value=latest,enable={{is_default_branch}}

This ensures the latest tag is only applied to the default branch (main).

Suggested change
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}.{{minor}}
type=raw,value=latest,enable={{is_default_branch}}

Copilot uses AI. Check for mistakes.
type=sha,prefix=
Copy link

Copilot AI Dec 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The SHA tag format uses an empty prefix (prefix=), which will result in tags that are just the raw SHA (e.g., abc123 instead of sha-abc123). This could be confusing as it's unclear what the tag represents. Consider using the default sha- prefix by removing the prefix= parameter, or use a more descriptive prefix to make it clear these are commit SHA tags.

Suggested change
type=sha,prefix=
type=sha

Copilot uses AI. Check for mistakes.

- name: Build and push Docker image
uses: docker/build-push-action@v6
with:
context: .
push: true
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max