P2TSH: adding additional script verification tests that verify correct #5
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Coordinate Core - Build and Push to GHCR | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - dev | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| packages: write | |
| env: | |
| IMAGE_NAME: coordinatecore | |
| jobs: | |
| build-and-push: | |
| name: Build and Push Docker Image | |
| runs-on: governance-testenv-github-self-hosted | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| - name: Set environment based on branch | |
| id: env | |
| run: | | |
| if [[ "${{ github.ref_name }}" == "main" ]]; then | |
| echo "tag_suffix=latest" >> $GITHUB_OUTPUT | |
| echo "release_branch=main" >> $GITHUB_OUTPUT | |
| else | |
| echo "tag_suffix=beta" >> $GITHUB_OUTPUT | |
| echo "release_branch=dev" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Create new tag (semantic versioning) | |
| id: tag | |
| uses: mathieudutour/github-tag-action@v6.1 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| release_branches: ${{ steps.env.outputs.release_branch }} | |
| default_bump: patch | |
| - name: Set lowercase owner name | |
| id: lowercase | |
| run: | | |
| echo "owner=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT | |
| - name: Fix Docker socket permissions | |
| run: sudo chmod 666 /var/run/docker.sock | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| platforms: linux/amd64,linux/arm64 | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/${{ steps.lowercase.outputs.owner }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=raw,value=${{ steps.tag.outputs.new_tag }} | |
| type=raw,value=${{ steps.env.outputs.tag_suffix }} | |
| # Build for BOTH platforms using multi-stage Dockerfile | |
| # This compiles native binaries inside Docker for each architecture | |
| - name: Build and Push Multi-Platform Docker Image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./Dockerfile | |
| push: true | |
| platforms: linux/amd64,linux/arm64 | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| build-args: | | |
| BUILDKIT_INLINE_CACHE=1 | |
| - name: Verify multi-platform manifest | |
| run: | | |
| echo "📊 Verifying multi-platform support:" | |
| docker buildx imagetools inspect ghcr.io/${{ steps.lowercase.outputs.owner }}/${{ env.IMAGE_NAME }}:${{ steps.env.outputs.tag_suffix }} |