name: Build and Push Docker Images on: push: branches: [main] defaults: run: shell: sh jobs: build-and-push: # Runner offers ubuntu-latest; the label only selects the runner. The job # overrides the image below with docker:cli and mounts the host socket. runs-on: ubuntu-latest # Run the job in a Docker-CLI container. act_runner already auto-mounts the # host Docker socket (OrbStack), so `docker` reaches the host daemon — don't # mount it again here or Docker errors with "Duplicate mount point". container: image: docker:cli steps: - name: Install git run: apk add --no-cache git - name: Checkout run: | git config --global --add safe.directory '*' git init -q . git remote add origin "https://${{ github.actor }}:${{ secrets.GITHUB_TOKEN }}@git.plexultra.com/${{ github.repository }}.git" \ || git remote set-url origin "https://${{ github.actor }}:${{ secrets.GITHUB_TOKEN }}@git.plexultra.com/${{ github.repository }}.git" git fetch --depth 1 origin "${{ github.ref_name }}" git checkout -q -f FETCH_HEAD # Uses a Forgejo token with write:package scope (the auto GITHUB_TOKEN # can't write packages — push fails with 'unauthorized: reqPackageAccess') - name: Log in to Forgejo container registry run: echo "${{ secrets.REGISTRY_TOKEN }}" | docker login git.plexultra.com -u "${{ github.actor }}" --password-stdin - name: Build and push API image run: | IMAGE=git.plexultra.com/${{ github.repository }} docker build --target production -t "$IMAGE:main" -t "$IMAGE:${{ github.sha }}" . docker push "$IMAGE:main" docker push "$IMAGE:${{ github.sha }}" - name: Build and push Nginx image run: | IMAGE=git.plexultra.com/${{ github.repository }}-nginx docker build --target nginx-frontend -t "$IMAGE:main" -t "$IMAGE:${{ github.sha }}" . docker push "$IMAGE:main" docker push "$IMAGE:${{ github.sha }}"