name: Development Build on: pull_request: branches: [ main ] push: branches: [ main ] paths-ignore: - '**.md' - 'docs/**' - 'notebooks/**' - '.github/workflows/claude*.yml' workflow_dispatch: inputs: platform: description: 'Platform to build' required: true default: 'linux/amd64' type: choice options: - linux/amd64 - linux/arm64 - linux/amd64,linux/arm64 permissions: contents: read packages: write env: GHCR_IMAGE: ghcr.io/lfnovo/open-notebook DOCKERHUB_IMAGE: lfnovo/open_notebook jobs: extract-version: runs-on: ubuntu-latest outputs: version: ${{ steps.version.outputs.version }} has_dockerhub_secrets: ${{ steps.check.outputs.has_dockerhub_secrets }} is_push_to_main: ${{ steps.check.outputs.is_push_to_main }} steps: - name: Checkout uses: actions/checkout@v4 - name: Extract version from pyproject.toml id: version run: | VERSION=$(grep -m1 '^version = ' pyproject.toml | cut -d'"' -f2) echo "version=$VERSION" >> $GITHUB_OUTPUT echo "Extracted version: $VERSION" - name: Check environment id: check env: SECRET_DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} SECRET_DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} run: | # Check for Docker Hub credentials if [[ -n "$SECRET_DOCKER_USERNAME" && -n "$SECRET_DOCKER_PASSWORD" ]]; then echo "has_dockerhub_secrets=true" >> $GITHUB_OUTPUT echo "Docker Hub credentials available" else echo "has_dockerhub_secrets=false" >> $GITHUB_OUTPUT echo "Docker Hub credentials not available" fi # Check if this is a push to main (not a PR) if [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == "refs/heads/main" ]]; then echo "is_push_to_main=true" >> $GITHUB_OUTPUT echo "This is a push to main - will publish v1-dev tags" else echo "is_push_to_main=false" >> $GITHUB_OUTPUT echo "This is a PR or manual run - test build only" fi build-regular: needs: extract-version runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 - name: Free up disk space if: needs.extract-version.outputs.is_push_to_main == 'true' run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /usr/local/lib/android sudo rm -rf /opt/ghc sudo rm -rf /opt/hostedtoolcache/CodeQL sudo docker image prune --all --force df -h - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to GitHub Container Registry if: needs.extract-version.outputs.is_push_to_main == 'true' uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Login to Docker Hub if: needs.extract-version.outputs.is_push_to_main == 'true' && needs.extract-version.outputs.has_dockerhub_secrets == 'true' uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Cache Docker layers uses: actions/cache@v3 with: path: /tmp/.buildx-cache-dev key: ${{ runner.os }}-buildx-dev-${{ github.sha }} restore-keys: | ${{ runner.os }}-buildx-dev- - name: Prepare Docker tags id: tags run: | if [[ "${{ needs.extract-version.outputs.is_push_to_main }}" == "true" ]]; then # Push to main: build and push v1-dev tags TAGS="${{ env.GHCR_IMAGE }}:v1-dev" if [[ "${{ needs.extract-version.outputs.has_dockerhub_secrets }}" == "true" ]]; then TAGS="${TAGS},${{ env.DOCKERHUB_IMAGE }}:v1-dev" fi echo "tags=${TAGS}" >> $GITHUB_OUTPUT echo "push=true" >> $GITHUB_OUTPUT echo "platforms=linux/amd64,linux/arm64" >> $GITHUB_OUTPUT else # PR or manual: test build only echo "tags=${{ env.DOCKERHUB_IMAGE }}:${{ needs.extract-version.outputs.version }}-dev" >> $GITHUB_OUTPUT echo "push=false" >> $GITHUB_OUTPUT echo "platforms=${{ github.event.inputs.platform || 'linux/amd64' }}" >> $GITHUB_OUTPUT fi - name: Build and push regular image uses: docker/build-push-action@v5 with: context: . file: ./Dockerfile platforms: ${{ steps.tags.outputs.platforms }} push: ${{ steps.tags.outputs.push }} tags: ${{ steps.tags.outputs.tags }} cache-from: type=local,src=/tmp/.buildx-cache-dev cache-to: type=local,dest=/tmp/.buildx-cache-dev-new,mode=max - name: Move cache run: | rm -rf /tmp/.buildx-cache-dev mv /tmp/.buildx-cache-dev-new /tmp/.buildx-cache-dev build-single: needs: extract-version # Only build single image on push to main if: needs.extract-version.outputs.is_push_to_main == 'true' runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 - name: Free up disk space run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /usr/local/lib/android sudo rm -rf /opt/ghc sudo rm -rf /opt/hostedtoolcache/CodeQL sudo docker image prune --all --force df -h - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Login to Docker Hub if: needs.extract-version.outputs.has_dockerhub_secrets == 'true' uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Cache Docker layers uses: actions/cache@v3 with: path: /tmp/.buildx-cache-dev-single key: ${{ runner.os }}-buildx-dev-single-${{ github.sha }} restore-keys: | ${{ runner.os }}-buildx-dev-single- - name: Prepare Docker tags id: tags run: | TAGS="${{ env.GHCR_IMAGE }}:v1-dev-single" if [[ "${{ needs.extract-version.outputs.has_dockerhub_secrets }}" == "true" ]]; then TAGS="${TAGS},${{ env.DOCKERHUB_IMAGE }}:v1-dev-single" fi echo "tags=${TAGS}" >> $GITHUB_OUTPUT - name: Build and push single-container image uses: docker/build-push-action@v5 with: context: . file: ./Dockerfile.single platforms: linux/amd64,linux/arm64 push: true tags: ${{ steps.tags.outputs.tags }} cache-from: type=local,src=/tmp/.buildx-cache-dev-single cache-to: type=local,dest=/tmp/.buildx-cache-dev-single-new,mode=max - name: Move cache run: | rm -rf /tmp/.buildx-cache-dev-single mv /tmp/.buildx-cache-dev-single-new /tmp/.buildx-cache-dev-single summary: needs: [extract-version, build-regular, build-single] runs-on: ubuntu-latest if: always() steps: - name: Development Build Summary run: | echo "## Development Build Summary" >> $GITHUB_STEP_SUMMARY echo "**Version:** ${{ needs.extract-version.outputs.version }}" >> $GITHUB_STEP_SUMMARY echo "**Event:** ${{ github.event_name }}" >> $GITHUB_STEP_SUMMARY echo "**Push to Main:** ${{ needs.extract-version.outputs.is_push_to_main }}" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY if [[ "${{ needs.extract-version.outputs.is_push_to_main }}" == "true" ]]; then echo "### Published Tags:" >> $GITHUB_STEP_SUMMARY if [[ "${{ needs.build-regular.result }}" == "success" ]]; then echo "✅ **Regular:** \`${{ env.GHCR_IMAGE }}:v1-dev\`" >> $GITHUB_STEP_SUMMARY if [[ "${{ needs.extract-version.outputs.has_dockerhub_secrets }}" == "true" ]]; then echo "✅ **Regular (Docker Hub):** \`${{ env.DOCKERHUB_IMAGE }}:v1-dev\`" >> $GITHUB_STEP_SUMMARY fi else echo "❌ **Regular:** Build failed" >> $GITHUB_STEP_SUMMARY fi if [[ "${{ needs.build-single.result }}" == "success" ]]; then echo "✅ **Single:** \`${{ env.GHCR_IMAGE }}:v1-dev-single\`" >> $GITHUB_STEP_SUMMARY if [[ "${{ needs.extract-version.outputs.has_dockerhub_secrets }}" == "true" ]]; then echo "✅ **Single (Docker Hub):** \`${{ env.DOCKERHUB_IMAGE }}:v1-dev-single\`" >> $GITHUB_STEP_SUMMARY fi elif [[ "${{ needs.build-single.result }}" == "skipped" ]]; then echo "⏭️ **Single:** Skipped" >> $GITHUB_STEP_SUMMARY else echo "❌ **Single:** Build failed" >> $GITHUB_STEP_SUMMARY fi echo "" >> $GITHUB_STEP_SUMMARY echo "### Platforms:" >> $GITHUB_STEP_SUMMARY echo "- linux/amd64" >> $GITHUB_STEP_SUMMARY echo "- linux/arm64" >> $GITHUB_STEP_SUMMARY else echo "### Test Build Results:" >> $GITHUB_STEP_SUMMARY if [[ "${{ needs.build-regular.result }}" == "success" ]]; then echo "✅ **Dockerfile:** Build successful" >> $GITHUB_STEP_SUMMARY else echo "❌ **Dockerfile:** Build failed" >> $GITHUB_STEP_SUMMARY fi echo "" >> $GITHUB_STEP_SUMMARY echo "### Notes:" >> $GITHUB_STEP_SUMMARY echo "- This is a test build (no images pushed to registry)" >> $GITHUB_STEP_SUMMARY echo "- Merge to main to publish \`v1-dev\` tags" >> $GITHUB_STEP_SUMMARY echo "- For stable releases, use the 'Build and Release' workflow" >> $GITHUB_STEP_SUMMARY fi