kpango · kpango · Apr 23, 2026 · Apr 23, 2026
diff --git a/.github/actions/docker-build/action.yml b/.github/actions/docker-build/action.yml
@@ -0,0 +1,79 @@
+name: "Build and Push Docker Image"
+description: "Sets up QEMU, Buildx, and builds/pushes a Docker image using the repository's Makefile."
+inputs:
+  target:
+    description: "The Makefile target to run (e.g., build_base)"
+    required: true
+  docker_user:
+    description: "DockerHub username"
+    required: true
+    default: "kpango"
+  docker_pass:
+    description: "DockerHub password"
+    required: true
+  github_token:
+    description: "GitHub Token for registry/cache"
+    required: true
+  docker_push:
+    description: "Whether this is a push build"
+    required: false
+    default: "false"
+  platform:
+    description: "The platform to build (e.g., linux/amd64)"
+    required: false
+  suffix:
+    description: "The suffix for the docker tag (e.g., amd64)"
+    required: false
+  ghcr_user:
+    description: "GHCR username"
+    required: false
+    default: ${{ github.repository_owner }}
+
+runs:
+  using: "composite"
+  steps:
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@v3
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
+    - name: Login to DockerHub
+      if: inputs.docker_push == 'true'
+      uses: docker/login-action@v4
+      with:
+        username: ${{ inputs.docker_user }}
+        password: ${{ inputs.docker_pass }}
+
+    - name: Login to GitHub Container Registry
+      if: inputs.docker_push == 'true'
+      uses: docker/login-action@v4
+      with:
+        registry: ghcr.io
+        username: ${{ github.actor }}
+        password: ${{ inputs.github_token }}
+
+    - name: Run Makefile Target
+      shell: bash
+      env:
+        TARGET: ${{ inputs.target }}
+        USER_DEFAULT: ${{ inputs.docker_user }}
+        GHCR_USER: ${{ inputs.ghcr_user }}
+        DOCKER_PUSH: ${{ inputs.docker_push }}
+        GITHUB_ACCESS_TOKEN: ${{ inputs.github_token }}
+        DOCKER_BUILDER_PLATFORM: ${{ inputs.platform }}
+        DOCKER_ARCH_SUFFIX: ${{ inputs.suffix }}
+        EVENT_NAME: ${{ github.event_name }}
+        EVENT_PATH: ${{ github.event_path }}
+        GITHUB_REF_VAR: ${{ github.ref }}
+      run: |
+        VERSION="nightly"
+
+        if [ "$EVENT_NAME" == "pull_request" ]; then
+          PR_NUM=$(jq -r ".number" "$EVENT_PATH")
+          VERSION="pr-$PR_NUM"
+        elif [[ "$GITHUB_REF_VAR" == refs/tags/* ]]; then
+          VERSION="${GITHUB_REF_VAR#refs/tags/}"
+        fi
+
+        make "$TARGET" DOCKER_PUSH="$DOCKER_PUSH" USER="$USER_DEFAULT" GHCR_USER="$GHCR_USER" VERSION="$VERSION" GITHUB_ACCESS_TOKEN="$GITHUB_ACCESS_TOKEN" DOCKER_BUILDER_PLATFORM="$DOCKER_BUILDER_PLATFORM" DOCKER_ARCH_SUFFIX="$DOCKER_ARCH_SUFFIX"
diff --git a/.github/workflows/docker-base.yml b/.github/workflows/docker-base.yml
diff --git a/.github/workflows/docker-matrix.yml b/.github/workflows/docker-matrix.yml
@@ -0,0 +1,151 @@
+name: "Build docker images"
+on:
+  push:
+    branches:
+      - master
+    tags:
+      - "*.*.*"
+      - "v*.*.*"
+      - "*.*.*-*"
+      - "v*.*.*-*"
+    paths:
+      - "dockers/**"
+      - "Makefile"
+  pull_request:
+    paths:
+      - "dockers/**"
+      - "Makefile"
+  workflow_dispatch:
+
+jobs:
+  build:
+    strategy:
+      fail-fast: false
+      matrix:
+        arch:
+          - platform: linux/amd64
+            runner: ubuntu-latest
+            suffix: amd64
+          - platform: linux/arm64/v8
+            runner: ubuntu-24.04-arm
+            suffix: arm64
+        image_target:
+          - image: base
+            target: build_base
+          - image: dart
+            target: build_dart
+          - image: docker
+            target: build_docker
+          - image: env
+            target: build_env
+          - image: gcloud
+            target: build_gcloud
+          - image: go
+            target: build_go
+          - image: kube
+            target: build_k8s
+          - image: nim
+            target: build_nim
+          - image: rust
+            target: build_rust
+    runs-on: ${{ matrix.arch.runner }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 10
+
+      - name: Build and Push Docker Image
+        uses: ./.github/actions/docker-build
+        with:
+          target: ${{ matrix.image_target.target }}
+          docker_user: ${{ secrets.DOCKERHUB_USER || 'kpango' }}
+          docker_pass: ${{ secrets.DOCKERHUB_PASS }}
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          docker_push: true
+          platform: ${{ matrix.arch.platform }}
+          suffix: ${{ matrix.arch.suffix }}
+
+  merge:
+    needs: build
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        image_target:
+          - image: base
+            target: merge_base
+          - image: dart
+            target: merge_dart
+          - image: docker
+            target: merge_docker
+          - image: env
+            target: merge_env
+          - image: gcloud
+            target: merge_gcloud
+          - image: go
+            target: merge_go
+          - image: kube
+            target: merge_k8s
+          - image: nim
+            target: merge_nim
+          - image: rust
+            target: merge_rust
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 10
+
+      - name: Merge and Push Manifest
+        uses: ./.github/actions/docker-build
+        with:
+          target: ${{ matrix.image_target.target }}
+          docker_user: ${{ secrets.DOCKERHUB_USER || 'kpango' }}
+          docker_pass: ${{ secrets.DOCKERHUB_PASS }}
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          docker_push: true
+
+  build_dev:
+    needs: merge
+    strategy:
+      fail-fast: false
+      matrix:
+        arch:
+          - platform: linux/amd64
+            runner: ubuntu-latest
+            suffix: amd64
+          - platform: linux/arm64/v8
+            runner: ubuntu-24.04-arm
+            suffix: arm64
+    runs-on: ${{ matrix.arch.runner }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 10
+
+      - name: Build and Push Docker Image
+        uses: ./.github/actions/docker-build
+        with:
+          target: prod_build
+          docker_user: ${{ secrets.DOCKERHUB_USER || 'kpango' }}
+          docker_pass: ${{ secrets.DOCKERHUB_PASS }}
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          docker_push: true
+          platform: ${{ matrix.arch.platform }}
+          suffix: ${{ matrix.arch.suffix }}
+
+  merge_dev:
+    needs: build_dev
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 10
+
+      - name: Merge and Push Manifest
+        uses: ./.github/actions/docker-build
+        with:
+          target: merge_dev
+          docker_user: ${{ secrets.DOCKERHUB_USER || 'kpango' }}
+          docker_pass: ${{ secrets.DOCKERHUB_PASS }}
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          docker_push: true