@@ -655,7 +655,7 @@ jobs:
655655# to main branch. We are only building this for amd64 platform. (>95% pulls
656656# are for amd64)
657657needs :changes
658- if :github.ref == 'refs/heads/main' && needs.changes.outputs.docs-only == 'false'
658+ if :needs.changes.outputs.docs-only == 'false' && !github.event.pull_request.head.repo.fork
659659runs-on :${{ github.repository_owner == 'coder' && 'buildjet-8vcpu-ubuntu-2204' || 'ubuntu-latest' }}
660660env :
661661DOCKER_CLI_EXPERIMENTAL :" enabled"
@@ -692,46 +692,70 @@ jobs:
692692 go mod download
693693
694694 version="$(./scripts/version.sh)"
695+ tag="main-$(echo "$version" | sed 's/+/-/g')"
696+ echo "tag=$tag" >> $GITHUB_OUTPUT
697+
695698 make gen/mark-fresh
696699 make -j \
697- build/coder_linux_amd64 \
700+ build/coder_linux_{amd64,arm64,armv7} \
698701 build/coder_"$version"_windows_amd64.zip \
699702 build/coder_"$version"_linux_amd64.{tar.gz,deb}
700703
701- name :Buildand Push Linuxamd64 DockerImage
704+ name :Build Linux Dockerimages
702705id :build-docker
706+ env :
707+ CODER_IMAGE_BASE :ghcr.io/coder/coder-preview
708+ CODER_IMAGE_TAG_PREFIX :main
709+ DOCKER_CLI_EXPERIMENTAL :" enabled"
703710run :|
704711 set -euxo pipefail
712+
713+ # build Docker images for each architecture
705714 version="$(./scripts/version.sh)"
706715 tag="main-$(echo "$version" | sed 's/+/-/g')"
707-
708- export CODER_IMAGE_BUILD_BASE_TAG="$(CODER_IMAGE_BASE=coder-base ./scripts/image_tag.sh --version "$version")"
709- ./scripts/build_docker.sh \
710- --arch amd64 \
711- --target "ghcr.io/coder/coder-preview:$tag" \
712- --version $version \
713- --push \
714- build/coder_linux_amd64
715-
716- # Tag as main
717- docker tag "ghcr.io/coder/coder-preview:$tag" ghcr.io/coder/coder-preview:main
718- docker push ghcr.io/coder/coder-preview:main
719-
720- # Store the tag in an output variable so we can use it in other jobs
721716 echo "tag=$tag" >> $GITHUB_OUTPUT
722717
718+ # build images for each architecture
719+ make -j build/coder_"$version"_linux_{amd64,arm64,armv7}.tag
720+
721+ # only push if we are on main branch
722+ if [ "${{ github.ref }}" == "refs/heads/main" ]; then
723+ # build and push multi-arch manifest, this depends on the other images
724+ # being pushed so will automatically push them
725+ make -j push/build/coder_"$version"_linux_{amd64,arm64,armv7}.tag
726+
727+ # Define specific tags
728+ tags=("$tag" "main" "latest")
729+
730+ # Create and push a multi-arch manifest for each tag
731+ # we are adding `latest` tag and keeping `main` for backward
732+ # compatibality
733+ for t in "${tags[@]}"; do
734+ ./scripts/build_docker_multiarch.sh \
735+ --push \
736+ --target "ghcr.io/coder/coder-preview:$t" \
737+ --version $version \
738+ $(cat build/coder_"$version"_linux_{amd64,arm64,armv7}.tag)
739+ done
740+ fi
741+
723742name :Prune old images
743+ if :github.ref == 'refs/heads/main'
724744uses :vlaurin/action-ghcr-prune@v0.5.0
725745with :
726746token :${{ secrets.GITHUB_TOKEN }}
727747organization :coder
728748container :coder-preview
729749keep-younger-than :7 # days
750+ keep-tags :latest
730751keep-tags-regexes :^pr
731- prune-tags-regexes :^main-
752+ prune-tags-regexes :|
753+ ^main-
754+ ^v
732755prune-untagged :true
733756
734757 -name :Upload build artifacts
758+ if :github.ref == 'refs/heads/main'
735759uses :actions/upload-artifact@v4
736760with :
737761name :coder