feat: Add GitHub Actions workflow for Docker image publishing

Adds a GitHub Actions workflow to automatically build and publish Docker images for the backend and frontend services. The workflow (`.github/workflows/docker-publish.yml`) is triggered on pushes to the `main` branch. It includes two jobs: 1. `build_and_push_backend`: Builds the Docker image from `surfsense_backend/Dockerfile` and pushes it to `ghcr.io/<owner>/surfsense_backend:<commit_sha>`. 2. `build_and_push_frontend`: Builds the Docker image from `surfsense_web/Dockerfile` and pushes it to `ghcr.io/<owner>/surfsense_web:<commit_sha>`. Both jobs include steps for: - Checking out the repository. - Setting up QEMU and Docker Buildx. - Logging into the GitHub Container Registry (ghcr.io) using `secrets.GITHUB_TOKEN`. - Building and pushing the respective Docker images, tagged with the commit SHA. - Adding OCI labels for image source, creation date, and revision. This CI pipeline automates the process of creating and distributing Docker images for the application, ensuring that new versions are available in the GitHub Container Registry upon changes to the main branch.
2025-09-02 10:39:13 +00:00 · 2025-05-29 01:58:58 +00:00 · 2025-05-29 01:58:58 +00:00 · 5ff08e7b3f
commit 5ff08e7b3f
parent fd6da4c472
1 changed files with 74 additions and 0 deletions
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@ -0,0 +1,74 @@
+name: Docker Publish
+
+on:
+  push:
+    branches: [ "main" ]
+
+jobs:
+  build_and_push_backend:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push backend image
+        uses: docker/build-push-action@v5
+        with:
+          context: ./surfsense_backend
+          file: ./surfsense_backend/Dockerfile
+          push: true
+          tags: ghcr.io/${{ github.repository_owner }}/surfsense_backend:${{ github.sha }}
+          labels: |
+            org.opencontainers.image.source=${{ github.repositoryUrl }}
+            org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
+            org.opencontainers.image.revision=${{ github.sha }}
+
+  build_and_push_frontend:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push frontend image
+        uses: docker/build-push-action@v5
+        with:
+          context: ./surfsense_web
+          file: ./surfsense_web/Dockerfile
+          push: true
+          tags: ghcr.io/${{ github.repository_owner }}/surfsense_web:${{ github.sha }}
+          labels: |
+            org.opencontainers.image.source=${{ github.repositoryUrl }}
+            org.opencontainers.image.created=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
+            org.opencontainers.image.revision=${{ github.sha }}