diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index fab7b0a15f..7704b71669 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -11,6 +11,10 @@ on: description: 'tag to containerize' required: false +permissions: + contents: read + packages: write + concurrency: group: Containerization cancel-in-progress: false @@ -39,12 +43,19 @@ jobs: docker-images: true swap-storage: true - - name: Login + - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} + - name: Login to GHCR + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Setup Buildx uses: docker/setup-buildx-action@v3 @@ -92,7 +103,11 @@ jobs: FC_COMPILER=${{ 'gfortran' }} COMPILER_PATH=${{ '/usr/bin' }} COMPILER_LD_LIBRARY_PATH=${{ '/usr/lib' }} - tags: ${{ secrets.DOCKERHUB_USERNAME }}/mfc:${{ env.TAG }}-${{ matrix.config.name }}-${{ matrix.config.runner }} + labels: | + org.opencontainers.image.source=https://github.com/${{ github.repository }} + tags: | + ${{ secrets.DOCKERHUB_USERNAME }}/mfc:${{ env.TAG }}-${{ matrix.config.name }}-${{ matrix.config.runner }} + ghcr.io/${{ github.repository_owner }}/mfc:${{ env.TAG }}-${{ matrix.config.name }}-${{ matrix.config.runner }} push: true - name: Build and push image (gpu) @@ -110,35 +125,52 @@ jobs: FC_COMPILER=${{ 'nvfortran' }} COMPILER_PATH=/opt/nvidia/hpc_sdk/${{ matrix.config.compiler_arch }}/compilers/bin COMPILER_LD_LIBRARY_PATH=/opt/nvidia/hpc_sdk/${{ matrix.config.compiler_arch }}/compilers/lib - tags: ${{ secrets.DOCKERHUB_USERNAME }}/mfc:${{ env.TAG }}-${{ matrix.config.name }}-${{ matrix.config.runner}} + labels: | + org.opencontainers.image.source=https://github.com/${{ github.repository }} + tags: | + ${{ secrets.DOCKERHUB_USERNAME }}/mfc:${{ env.TAG }}-${{ matrix.config.name }}-${{ matrix.config.runner }} + ghcr.io/${{ github.repository_owner }}/mfc:${{ env.TAG }}-${{ matrix.config.name }}-${{ matrix.config.runner }} push: true manifests: runs-on: ubuntu-latest needs: Container steps: - - name: Login + - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} + - name: Login to GHCR + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Setup Buildx uses: docker/setup-buildx-action@v3 - name: Create and Push Manifest Lists env: TAG: ${{ needs.Container.outputs.tag }} - REGISTRY: ${{ secrets.DOCKERHUB_USERNAME }}/mfc + DH: ${{ secrets.DOCKERHUB_USERNAME }}/mfc + GH: ghcr.io/${{ github.repository_owner }}/mfc run: | - docker buildx imagetools create -t $REGISTRY:$TAG-cpu $REGISTRY:$TAG-cpu-ubuntu-22.04 $REGISTRY:$TAG-cpu-ubuntu-22.04-arm - docker buildx imagetools create -t $REGISTRY:$TAG-gpu $REGISTRY:$TAG-gpu-ubuntu-22.04 $REGISTRY:$TAG-gpu-ubuntu-22.04-arm + for R in "$DH" "$GH"; do + docker buildx imagetools create -t $R:$TAG-cpu $R:$TAG-cpu-ubuntu-22.04 $R:$TAG-cpu-ubuntu-22.04-arm + docker buildx imagetools create -t $R:$TAG-gpu $R:$TAG-gpu-ubuntu-22.04 $R:$TAG-gpu-ubuntu-22.04-arm + done - name: Update latest tags if: github.event_name == 'release' env: TAG: ${{ needs.Container.outputs.tag }} - REGISTRY: ${{ secrets.DOCKERHUB_USERNAME }}/mfc + DH: ${{ secrets.DOCKERHUB_USERNAME }}/mfc + GH: ghcr.io/${{ github.repository_owner }}/mfc run: | - docker buildx imagetools create -t $REGISTRY:latest-cpu $REGISTRY:$TAG-cpu-ubuntu-22.04 $REGISTRY:$TAG-cpu-ubuntu-22.04-arm - docker buildx imagetools create -t $REGISTRY:latest-gpu $REGISTRY:$TAG-gpu-ubuntu-22.04 $REGISTRY:$TAG-gpu-ubuntu-22.04-arm + for R in "$DH" "$GH"; do + docker buildx imagetools create -t $R:latest-cpu $R:$TAG-cpu-ubuntu-22.04 $R:$TAG-cpu-ubuntu-22.04-arm + docker buildx imagetools create -t $R:latest-gpu $R:$TAG-gpu-ubuntu-22.04 $R:$TAG-gpu-ubuntu-22.04-arm + done