Skip to content

feat(github-action): build and publish container images #562

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
knechtionscoding wants to merge 7 commits into
base: master
Choose a base branch
from
Open

feat(github-action): build and publish container images #562

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
8963caf
feat(github-action): build and publish container images
knechtionscoding Feb 10, 2026
c6c3c86
feat: build binaries as part of dockerfiles
knechtionscoding Feb 10, 2026
3f5a7df
fix: correct branhc
knechtionscoding Feb 10, 2026
da7a4da
fix: use platform directly for compilation
knechtionscoding Feb 10, 2026
edc1a8f
fix: simplify images
knechtionscoding Feb 10, 2026
ae17724
chore: remove unneded args
knechtionscoding Feb 10, 2026
ca0e960
fix: only push on tags
knechtionscoding Feb 11, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
73 changes: 73 additions & 0 deletions .github/workflows/publish-images.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
name: Publish Kraken Images

on:
push:
branches:
- master
tags:
- '*'
workflow_dispatch:

permissions:
contents: read
packages: write

jobs:
build-and-push:
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
include:
- component: kraken-agent
dockerfile: docker/agent/Dockerfile
- component: kraken-build-index
dockerfile: docker/build-index/Dockerfile
- component: kraken-origin
dockerfile: docker/origin/Dockerfile
- component: kraken-proxy
dockerfile: docker/proxy/Dockerfile
- component: kraken-testfs
dockerfile: docker/testfs/Dockerfile
- component: kraken-tracker
dockerfile: docker/tracker/Dockerfile
- component: kraken-herd
dockerfile: docker/herd/Dockerfile
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: amd64,arm64

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Log in to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Generate image metadata (${{ matrix.component }})
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository_owner }}/${{ matrix.component }}
tags: |
Comment on lines +56 to +57
Copy link

Copilot AI Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Image naming uses only ${{ github.repository_owner }} (e.g., ghcr.io/uber/kraken-agent). That can collide if the owner publishes similarly named images from other repos. Consider including the repository in the path (e.g., ${{ github.repository }}) to make the namespace unambiguous.

Copilot uses AI. Check for mistakes.
Copy link
Copy Markdown
Author

@knechtionscoding knechtionscoding Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Anton-Kalpakchiev Do you want repo to be included in here?

type=ref,event=tag
type=ref,event=branch
type=sha,format=short

- name: Build and push ${{ matrix.component }}
uses: docker/build-push-action@v5
with:
context: .
file: ${{ matrix.dockerfile }}
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
23 changes: 22 additions & 1 deletion docker/agent/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,24 @@
# syntax=docker/dockerfile:1.6

FROM golang:1.23.11 AS builder

ARG TARGETOS
ARG TARGETARCH
ENV CGO_ENABLED=1 GO111MODULE=on

WORKDIR /src

RUN apt-get update && \
apt-get install -y --no-install-recommends build-essential pkg-config sqlite3 libsqlite3-dev && \
rm -rf /var/lib/apt/lists/*

COPY go.mod go.sum ./
RUN go mod download

COPY . .
RUN mkdir -p /out && \
go build -buildvcs=false -o /out/kraken-agent ./agent

FROM debian:12
Comment on lines +3 to 21
Copy link

Copilot AI Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CGO_ENABLED=1 plus installing libsqlite3-dev strongly suggests the built binary may be dynamically linked against libsqlite3.so.*. The runtime stage (debian:12) does not install the runtime SQLite library, so the container can fail at startup with missing shared library errors. Fix by either (a) installing the runtime package (typically libsqlite3-0) in the final stage, or (b) building a fully static binary (e.g., use CGO_ENABLED=0 if the project supports it).

Copilot uses AI. Check for mistakes.

RUN echo 'Acquire::Check-Valid-Until "false";' > /etc/apt/apt.conf.d/99no-check-valid-until && \
Expand Down Expand Up @@ -32,7 +53,7 @@ RUN if [ ${USERID} != "0" ]; then useradd --uid ${USERID} ${USERNAME}; fi
COPY ./docker/setup_nginx.sh /tmp/setup_nginx.sh
RUN /tmp/setup_nginx.sh ${USERNAME}

COPY ./agent/agent /usr/bin/kraken-agent
COPY --from=builder /out/kraken-agent /usr/bin/kraken-agent
COPY ./config /etc/kraken/config
COPY ./nginx/config /etc/kraken/nginx/config
COPY ./test/tls /etc/kraken/tls
Expand Down
23 changes: 22 additions & 1 deletion docker/build-index/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,24 @@
# syntax=docker/dockerfile:1.6

FROM golang:1.23.11 AS builder

ARG TARGETOS
ARG TARGETARCH
ENV CGO_ENABLED=1 GO111MODULE=on

WORKDIR /src

RUN apt-get update && \
apt-get install -y --no-install-recommends build-essential pkg-config sqlite3 libsqlite3-dev && \
rm -rf /var/lib/apt/lists/*

COPY go.mod go.sum ./
RUN go mod download

COPY . .
RUN mkdir -p /out && \
Comment on lines +15 to +18
Copy link

Copilot AI Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The builder stage doesn’t take advantage of BuildKit caching for Go modules/build cache, so CI builds will repeatedly download modules and recompile from scratch. Since you already set # syntax=docker/dockerfile:1.6, consider using BuildKit cache mounts for /go/pkg/mod and the Go build cache to significantly speed up repeated builds.

Suggested change
RUN go mod download
COPY . .
RUN mkdir -p /out && \
RUN --mount=type=cache,target=/go/pkg/mod \
go mod download
COPY . .
RUN --mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build \
mkdir -p /out && \

Copilot uses AI. Check for mistakes.
go build -buildvcs=false -o /out/kraken-build-index ./build-index

FROM debian:12

# Fix repository configuration for Debian 12 (bookworm) with multiple mirrors and better retry logic
Expand Down Expand Up @@ -33,7 +54,7 @@ RUN if [ ${USERID} != "0" ]; then useradd --uid ${USERID} ${USERNAME}; fi
COPY ./docker/setup_nginx.sh /tmp/setup_nginx.sh
RUN /tmp/setup_nginx.sh ${USERNAME}

COPY ./build-index/build-index /usr/bin/kraken-build-index
COPY --from=builder /out/kraken-build-index /usr/bin/kraken-build-index
COPY ./config /etc/kraken/config
COPY ./nginx/config /etc/kraken-build-index/nginx/config
COPY ./localdb/migrations /etc/kraken-build-index/localdb/migrations
Expand Down
35 changes: 30 additions & 5 deletions docker/herd/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,30 @@
# syntax=docker/dockerfile:1.6

# This image combines all central components into one container, for easier
# deployment and management.
FROM golang:1.23.11 AS builder

ARG TARGETOS
ARG TARGETARCH
ENV CGO_ENABLED=1 GO111MODULE=on

WORKDIR /src

RUN apt-get update && \
apt-get install -y --no-install-recommends build-essential pkg-config sqlite3 libsqlite3-dev && \
rm -rf /var/lib/apt/lists/*

COPY go.mod go.sum ./
RUN go mod download

COPY . .
RUN mkdir -p /out && \
go build -buildvcs=false -o /out/kraken-build-index ./build-index && \
go build -buildvcs=false -o /out/kraken-origin ./origin && \
go build -buildvcs=false -o /out/kraken-proxy ./proxy && \
go build -buildvcs=false -o /out/kraken-testfs ./tools/bin/testfs && \
go build -buildvcs=false -o /out/kraken-tracker ./tracker

FROM debian:12

# Fix repository configuration for Debian 12 (bookworm) with multiple mirrors and better retry logic
Expand Down Expand Up @@ -58,11 +83,11 @@ RUN if [ ${USERID} != "0" ]; then mkdir -p /etc/sudoers.d/ && \
COPY ./docker/setup_nginx.sh /tmp/setup_nginx.sh
RUN /tmp/setup_nginx.sh ${USERNAME}

COPY ./build-index/build-index /usr/bin/kraken-build-index
COPY ./origin/origin /usr/bin/kraken-origin
COPY ./proxy/proxy /usr/bin/kraken-proxy
COPY ./tools/bin/testfs/testfs /usr/bin/kraken-testfs
COPY ./tracker/tracker /usr/bin/kraken-tracker
COPY --from=builder /out/kraken-build-index /usr/bin/kraken-build-index
COPY --from=builder /out/kraken-origin /usr/bin/kraken-origin
COPY --from=builder /out/kraken-proxy /usr/bin/kraken-proxy
COPY --from=builder /out/kraken-testfs /usr/bin/kraken-testfs
COPY --from=builder /out/kraken-tracker /usr/bin/kraken-tracker

RUN chmod +x /usr/bin/kraken-build-index && \
chmod +x /usr/bin/kraken-origin && \
Expand Down
23 changes: 22 additions & 1 deletion docker/origin/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,24 @@
# syntax=docker/dockerfile:1.6

FROM golang:1.23.11 AS builder

ARG TARGETOS
ARG TARGETARCH
ENV CGO_ENABLED=1 GO111MODULE=on

WORKDIR /src

RUN apt-get update && \
apt-get install -y --no-install-recommends build-essential pkg-config sqlite3 libsqlite3-dev && \
rm -rf /var/lib/apt/lists/*

COPY go.mod go.sum ./
RUN go mod download

COPY . .
RUN mkdir -p /out && \
go build -buildvcs=false -o /out/kraken-origin ./origin

FROM debian:12

# Fix repository configuration for Debian 12 (bookworm) with multiple mirrors and better retry logic
Expand Down Expand Up @@ -34,7 +55,7 @@ RUN if [ ${USERID} != "0" ]; then useradd --uid ${USERID} ${USERNAME}; fi
COPY ./docker/setup_nginx.sh /tmp/setup_nginx.sh
RUN /tmp/setup_nginx.sh ${USERNAME}

COPY ./origin/origin /usr/bin/kraken-origin
COPY --from=builder /out/kraken-origin /usr/bin/kraken-origin
COPY ./config /etc/kraken/config
COPY ./nginx/config /etc/kraken/nginx/config
COPY ./localdb/migrations /etc/kraken/localdb/migrations
Expand Down
23 changes: 22 additions & 1 deletion docker/proxy/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,24 @@
# syntax=docker/dockerfile:1.6

FROM golang:1.23.11 AS builder

ARG TARGETOS
ARG TARGETARCH
ENV CGO_ENABLED=1 GO111MODULE=on

WORKDIR /src

RUN apt-get update && \
apt-get install -y --no-install-recommends build-essential pkg-config sqlite3 libsqlite3-dev && \
rm -rf /var/lib/apt/lists/*

COPY go.mod go.sum ./
RUN go mod download

COPY . .
RUN mkdir -p /out && \
go build -buildvcs=false -o /out/kraken-proxy ./proxy

FROM debian:12

# Fix repository configuration for Debian 12 (bookworm) with multiple mirrors and better retry logic
Expand Down Expand Up @@ -33,7 +54,7 @@ RUN if [ ${USERID} != "0" ]; then useradd --uid ${USERID} ${USERNAME}; fi
COPY ./docker/setup_nginx.sh /tmp/setup_nginx.sh
RUN /tmp/setup_nginx.sh ${USERNAME}

COPY ./proxy/proxy /usr/bin/kraken-proxy
COPY --from=builder /out/kraken-proxy /usr/bin/kraken-proxy
COPY ./config /etc/kraken/config
COPY ./nginx/config /etc/kraken/nginx/config
COPY ./test/tls /etc/kraken/tls
Expand Down
23 changes: 22 additions & 1 deletion docker/testfs/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,24 @@
# syntax=docker/dockerfile:1.6

FROM golang:1.23.11 AS builder

ARG TARGETOS
ARG TARGETARCH
ENV CGO_ENABLED=1 GO111MODULE=on

WORKDIR /src

RUN apt-get update && \
apt-get install -y --no-install-recommends build-essential pkg-config sqlite3 libsqlite3-dev && \
rm -rf /var/lib/apt/lists/*

COPY go.mod go.sum ./
RUN go mod download

COPY . .
RUN mkdir -p /out && \
go build -buildvcs=false -o /out/kraken-testfs ./tools/bin/testfs

FROM debian:12

# Fix repository configuration for Debian 12 (bookworm) with CDN mirror for better stability
Expand Down Expand Up @@ -28,7 +49,7 @@ ARG USERNAME="root"
ARG USERID="0"
RUN if [ ${USERID} != "0" ]; then useradd --uid ${USERID} ${USERNAME}; fi

COPY tools/bin/testfs/testfs /usr/bin/kraken-testfs
COPY --from=builder /out/kraken-testfs /usr/bin/kraken-testfs
RUN chmod +x /usr/bin/kraken-testfs

USER ${USERNAME}
Expand Down
23 changes: 22 additions & 1 deletion docker/tracker/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,24 @@
# syntax=docker/dockerfile:1.6

FROM golang:1.23.11 AS builder

ARG TARGETOS
ARG TARGETARCH
ENV CGO_ENABLED=1 GO111MODULE=on

WORKDIR /src

RUN apt-get update && \
apt-get install -y --no-install-recommends build-essential pkg-config sqlite3 libsqlite3-dev && \
rm -rf /var/lib/apt/lists/*

COPY go.mod go.sum ./
RUN go mod download

COPY . .
RUN mkdir -p /out && \
go build -buildvcs=false -o /out/kraken-tracker ./tracker

FROM debian:12

# Fix repository configuration for Debian 12 (bookworm) with multiple mirrors and better retry logic
Expand Down Expand Up @@ -33,7 +54,7 @@ RUN if [ ${USERID} != "0" ]; then useradd --uid ${USERID} ${USERNAME}; fi
COPY ./docker/setup_nginx.sh /tmp/setup_nginx.sh
RUN /tmp/setup_nginx.sh ${USERNAME}

COPY ./tracker/tracker /usr/bin/kraken-tracker
COPY --from=builder /out/kraken-tracker /usr/bin/kraken-tracker
COPY ./config /etc/kraken/config
COPY ./nginx/config /etc/kraken/nginx/config
COPY ./test/tls /etc/kraken/tls
Expand Down
Loading