GitHub Actions Update

.github/workflows/dockerhub.yml

@@ -6,47 +6,61 @@
 # Add the dockerhub repo path in a secret named:
 #    DOCKERHUB_REPO
 # This workflow will use them automatically.
-
-# FIXME: Refactor this workflow using matrix and the new docker args
+## Notes:
+# - The workflow_dispatch event will be named latest only on dockerhub.
+# - The push event is used to automatically trigger the workflow when a new tag is pushed to the repository.
+# - The metadata action is used to extract the version from the tag and generate the appropriate Docker tags.
+# - The build-push-action is used to build and push the Docker image to Docker Hub.
+# - The cache-from and cache-to actions are used to cache the Docker image layers between builds.
+# -- If you don't want to have a build cache image, you can remove the cache-from and cache-to actions,
+# -- or you can set it to another dockerhub repo (e.g. user/different-dockerhub-repo)
+# - The sbom action is used to generate a Software Bill of Materials (SBOM) for the Docker image.
 
 name: Publish Docker images
 
-on: workflow_dispatch
-#    TODO: put this back once the docker files work correctly
-#  release:
-#    types: [released]
+on:
+    workflow_dispatch:
+    push:
+        tags:
+            - 'v*'
 
 jobs:
   publish-image:
-    environment: dockerhub-publish
     name: Push Docker image to Docker Hub
+    environment: dockerhub-publish
     runs-on: ubuntu-latest
     steps:
-      - name: Check out the repo
-        uses: actions/checkout@v2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
 
-      - name: Log in to Docker Hub
-        uses: docker/login-action@v1
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_PASSWORD }}
 
-      - name: Extract metadata (tags, labels) for Docker
+      - name: Check out the repo
+        uses: actions/checkout@v4
+
+      - name: Extract metadata
         id: meta
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v5
         with:
           images: ${{ secrets.DOCKERHUB_REPO }}
           tags: |
-            type=semver,pattern={{version}}
-            type=raw,value=latest
-          flavor: |
-            latest=false
+            type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
+            type=raw,value=develop,enable=${{ github.ref == 'refs/heads/develop' }}
+            type=pep440,pattern={{version}},event=push,enable=${{ github.ref == 'refs/heads/main' }}
 
-      - name: Build and push Docker image
-        uses: docker/build-push-action@v2
+      - name: Build and push
+        uses: docker/build-push-action@v5
         with:
-          file: './Dockerfile'
           context: .
+          file: './Dockerfile'
           push: true
+          platforms: linux/amd64,linux/arm64
+          cache-from: type=registry,ref=${{ secrets.DOCKERHUB_REPO }}:buildcache
+          cache-to: type=registry,ref=${{ secrets.DOCKERHUB_REPO }}:buildcache,mode=max
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
+          sbom: true

Dockerfile

@@ -1,6 +1,6 @@
 # Build the node software
 ARG NODE_VERSION=16.20.2
-FROM node:${NODE_VERSION}-alpine as builder
+FROM node:${NODE_VERSION}-alpine AS builder
 
 # Add the latest alpine repositories
 RUN echo "http://dl-3.alpinelinux.org/alpine/latest-stable/main" > /etc/apk/repositories \