From 6cdf7909874f942de31d0d680506e580536458f0 Mon Sep 17 00:00:00 2001 From: akumar-99 Date: Thu, 11 Jun 2026 06:57:41 +0530 Subject: [PATCH] Publish multi-arch image to GHCR on every merge to main --- .github/workflows/publish.yml | 41 +++++++++++++++++++++++++++++++++++ README.md | 2 +- docker-compose.yml | 4 +++- docs/guide/deployment.md | 15 ++++++++++++- 4 files changed, 59 insertions(+), 3 deletions(-) create mode 100644 .github/workflows/publish.yml diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml new file mode 100644 index 0000000..f7c3d57 --- /dev/null +++ b/.github/workflows/publish.yml @@ -0,0 +1,41 @@ +name: Publish image + +on: + push: + branches: [main] + tags: ['v*'] + +permissions: + contents: read + packages: write + +jobs: + publish: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v6 + - uses: docker/setup-qemu-action@v4 + - uses: docker/setup-buildx-action@v4 + - uses: docker/login-action@v4 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - id: meta + uses: docker/metadata-action@v6 + with: + images: ghcr.io/${{ github.repository }} + tags: | + type=raw,value=latest,enable={{is_default_branch}} + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=sha + - uses: docker/build-push-action@v7 + with: + context: . + platforms: linux/amd64,linux/arm64 + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max diff --git a/README.md b/README.md index d12f7b3..2e4b02d 100644 --- a/README.md +++ b/README.md @@ -49,7 +49,7 @@ Prereq: a one-time Google Chat app configuration (~15 min) — see ```bash cp .env.example .env # fill in GOOGLE_CHAT_AUDIENCE, mount your service account key -docker compose up -d +docker compose up -d # pulls ghcr.io/asyncup-dev/asyncup (amd64 + arm64) ``` Expose `POST /chat/events` via HTTPS, point the Chat app at it, then in your team space: diff --git a/docker-compose.yml b/docker-compose.yml index 5c2ec1e..4eb8ad5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,8 @@ services: asyncup: - build: . + image: ghcr.io/asyncup-dev/asyncup:latest + # To build from source instead, comment out `image:` and uncomment: + # build: . restart: unless-stopped ports: - "8080:8080" diff --git a/docs/guide/deployment.md b/docs/guide/deployment.md index 296ff16..8b1e6c6 100644 --- a/docs/guide/deployment.md +++ b/docs/guide/deployment.md @@ -4,12 +4,25 @@ AsyncUp is one small container with SQLite inside — no external database, no queue, no other moving parts. Google Chat needs to reach it on a public HTTPS URL. +## Prebuilt image + +Multi-arch images (`linux/amd64`, `linux/arm64`) are published to GHCR on +every merge to `main`: + +```bash +docker pull ghcr.io/asyncup-dev/asyncup:latest +``` + +Tags: `latest` (main), `vX.Y.Z` + `X.Y` (releases), `sha-…` (every build) — +pin a digest for reproducible deploys. Building from source stays a +one-liner (`docker build -t asyncup .`) if you prefer auditing what you run. + ## Docker Compose (simplest) ```bash cp .env.example .env # set GOOGLE_CHAT_AUDIENCE, credentials path # uncomment the service-account.json mount in docker-compose.yml -docker compose up -d +docker compose up -d # pulls the GHCR image by default ``` Put it behind any HTTPS reverse proxy (Caddy, nginx, Traefik) and point the