11# .github/workflows/ci.yml
2- name : CI (Build & Push Docker + Auto Release )
2+ name : CI (Auto-tag + Build & Push Docker on SemVer )
33
44on :
55 push :
1313 DOCKERFILE : ./Dockerfile
1414
1515permissions :
16- contents : write # required to create and push tags
16+ contents : write # needed to create/ push git tags
1717
1818jobs :
19+ # ------------------------------------------------------------
20+ # 1️⃣ MAIN BRANCH: only auto-tag if '#release' is in commit msg
21+ # ------------------------------------------------------------
22+ auto-release :
23+ if : ${{ github.ref == 'refs/heads/main' && contains(join(github.event.commits.*.message, ' '), '#release') }}
24+ runs-on : ubuntu-latest
25+ steps :
26+ - name : Checkout full history
27+ uses : actions/checkout@v4
28+ with :
29+ fetch-depth : 0
30+
31+ - name : Bump patch version and create tag
32+ run : |
33+ set -e
34+ LAST=$(git tag -l 'v*' --sort=-v:refname | head -n1)
35+ [ -z "$LAST" ] && LAST="v0.0.0"
36+ VER=${LAST#v}
37+ IFS='.' read -r MA MI PA <<<"$VER"
38+ NEW_TAG="v$MA.$MI.$((PA+1))"
39+ echo "Creating $NEW_TAG"
40+ git config user.name "github-actions[bot]"
41+ git config user.email "github-actions[bot]@users.noreply.github.com"
42+ git tag -a "$NEW_TAG" -m "release $NEW_TAG"
43+ git push origin "$NEW_TAG"
44+
45+ # ------------------------------------------------------------
46+ # 2️⃣ TAG EVENT: build & push image ONLY for SemVer tags
47+ # ------------------------------------------------------------
1948 build-and-push :
49+ if : startsWith(github.ref, 'refs/tags/')
2050 runs-on : ubuntu-latest
2151 steps :
2252 - name : Checkout
@@ -35,29 +65,19 @@ jobs:
3565 username : ${{ secrets.DOCKERHUB_USERNAME }}
3666 password : ${{ secrets.DOCKERHUB_TOKEN }}
3767
38- - name : Sanitize Docker context env
39- run : echo "DOCKER_CONTEXT=" >> $GITHUB_ENV
40-
4168 - name : Extract Docker metadata
4269 id : meta
4370 uses : docker/metadata-action@v5
4471 with :
4572 images : ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
46- # 👇 Only push semver tags on tag events
4773 tags : |
48- type=semver,pattern={{version}},enable=${{ startsWith(github.ref, 'refs/tags/') }}
49- type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
50- type=ref,event=branch,enable=${{ github.ref == 'refs/heads/main' }}
51- type=sha,enable=${{ github.ref == 'refs/heads/main' }}
74+ type=semver,pattern={{version}}
5275 labels : |
5376 org.opencontainers.image.title=${{ github.event.repository.name }}
5477 org.opencontainers.image.source=${{ github.repository }}
5578 org.opencontainers.image.revision=${{ github.sha }}
5679
57- - name : Debug tags
58- run : echo "→ ${{ steps.meta.outputs.tags }}"
59-
60- - name : Build & Push multi-arch
80+ - name : Build & Push SemVer image
6181 uses : docker/build-push-action@v6
6282 with :
6383 context : .
6888 labels : ${{ steps.meta.outputs.labels }}
6989 cache-from : type=gha
7090 cache-to : type=gha,mode=max
71- provenance : false
72-
73- auto-release :
74- needs : build-and-push
75- # Fire only on main branch pushes containing '#release'
76- if : ${{ github.ref == 'refs/heads/main' && contains(join(github.event.commits.*.message, ' '), '#release') }}
77- runs-on : ubuntu-latest
78- steps :
79- - uses : actions/checkout@v4
80- with :
81- fetch-depth : 0
82-
83- - name : Bump patch version and create tag
84- id : bump
85- run : |
86- set -e
87- LAST=$(git tag -l 'v*' --sort=-v:refname | head -n1)
88- [ -z "$LAST" ] && LAST="v0.0.0"
89- VER=${LAST#v}
90- IFS='.' read -r MA MI PA <<<"$VER"
91- NEW_TAG="v$MA.$MI.$((PA+1))"
92- echo "Creating $NEW_TAG"
93- git config user.name "github-actions[bot]"
94- git config user.email "github-actions[bot]@users.noreply.github.com"
95- git tag -a "$NEW_TAG" -m "release $NEW_TAG"
96- git push origin "$NEW_TAG"
91+ provenance : false
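Review bot: The tag created by `auto-release` is pushed with the credentials that `actions/checkout@v4` persists by default, the workflow `GITHUB_TOKEN` (no `token:` input is set), and GitHub does not start new workflow runs for pushes made with that token, so `build-and-push`, now gated on `startsWith(github.ref, 'refs/tags/')`, would not run for auto-created tags. Rather than swapping in a long-lived personal access token, consider keeping both jobs in one run (`needs: auto-release`, with the new tag passed as a job output) or using a short-lived GitHub App token limited to this repository. Separately, the workflow-level `permissions: contents: write` also applies to `build-and-push`, which handles `DOCKERHUB_TOKEN`; declaring `permissions: contents: write` under `auto-release` and `permissions: contents: read` under `build-and-push` keeps the job that holds registry credentials read-only on the repository. The `on:` block is only partly visible here, so the tag trigger itself could not be checked.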