diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0534d82..68bb241 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -49,6 +49,9 @@ jobs: with: ref: ${{ matrix.build.tag }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v4 + - name: Login to DockerHub Registry run: echo ${{ secrets.DOCKERHUB_PASSWORD }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin @@ -121,8 +124,9 @@ jobs: TAGS="$TAGS --tag $GHCR_TAG_MAJOR" fi - docker build --output "type=image,push=$PUSH" \ + docker buildx build --output "type=image,push=$PUSH" \ --provenance=false \ + --sbom=true \ --platform "linux/${ARCH_TAG}" \ --target="pimcore_php_$imageVariant" \ --build-arg PHP_VERSION="${PHP_VERSION}" \ @@ -160,6 +164,9 @@ jobs: if: github.event_name != 'workflow_dispatch' || inputs.publish steps: + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v4 + - name: Login to DockerHub Registry run: echo ${{ secrets.DOCKERHUB_PASSWORD }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin @@ -170,7 +177,7 @@ jobs: uses: actions/download-artifact@v8 with: path: artifacts - + - name: Process tags run: | find artifacts -type f -name "aggregated_tags.txt" -exec cat {} + > all_aggregated_tags.txt @@ -185,12 +192,16 @@ jobs: for tag in "${!UNIQUE_TAGS[@]}"; do echo "Processing tag: $tag" - - docker manifest create "$tag" \ - --amend "${tag}-amd64" \ - --amend "${tag}-arm64" - docker manifest push "$tag" + # Verify both per-arch images exist in the registry before merging + if docker buildx imagetools inspect "${tag}-amd64" > /dev/null 2>&1 \ + && docker buildx imagetools inspect "${tag}-arm64" > /dev/null 2>&1; then + docker buildx imagetools create \ + --tag "$tag" \ + "${tag}-amd64" \ + "${tag}-arm64" + else + echo "Error: Missing per-arch image for $tag, skipping" + fi - done - + done \ No newline at end of file