webui/.github/workflows/release.yml

name: Release & Docker

on:
  push:
    tags:
      - 'v*'

jobs:
  release:
    runs-on: ubuntu-latest
    permissions:
      contents: write   # required: create GitHub Release
      packages: write   # required: push to ghcr.io

    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2

      # Create GitHub Release from tag with auto-generated notes
      - name: Create GitHub Release
        uses: softprops/action-gh-release@c062e08bd532815e2082a7e09ce9571a6592a176  # v2.2.1
        with:
          generate_release_notes: true

      # Set up multi-arch build (QEMU + Buildx)
      - uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf  # v3.2.0
      - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349  # v3.7.1

      # Log in to GitHub Container Registry
      - name: Log in to GitHub Container Registry
        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567  # v3.3.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # Extract semver tags: e.g. v0.26 -> 0.26, 0.26 (major.minor), latest
      - name: Extract metadata
        id: meta
        uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96  # v5.6.1
        with:
          images: ghcr.io/${{ github.repository }}
          tags: |
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
            type=raw,value=latest,enable={{is_default_branch}}

      # Build and push multi-arch image (amd64 + arm64)
      - name: Build and push Docker image
        uses: docker/build-push-action@ca877d9245fef47ef8e79a0c8ffc0a6d6b2e36a1  # v6.10.0
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max