changed runner

Author: rela-v

.github/workflows/docker-publish.yml

@@ -4,10 +4,15 @@ on:
   push:
     branches: [ "main" ]
 
+permissions:
+  contents: read
+
 jobs:
   build:
-    runs-on: ${{ matrix.arch == 'amd64' && 'ubuntu-latest' || 'ubuntu-24.04-arm64' }}
+    # Note: If ubuntu-24.04-arm64 hangs, verify your Org settings for "Larger Runners"
+    runs-runs-on: ${{ matrix.arch == 'amd64' && 'ubuntu-latest' || 'ubuntu-24.04-arm64' }}
     strategy:
+      fail-fast: false # Robustness: If one arch fails, don't kill the other immediately
       matrix:
         arch: [amd64, arm64]
 
@@ -24,25 +29,35 @@ jobs:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_API_KEY }}
 
+      - name: Extract metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: cdrl/3podr_container
+
       - name: Build and push by digest
         id: build
         uses: docker/build-push-action@v6
         with:
           context: .
           platforms: linux/${{ matrix.arch }}
+          labels: ${{ steps.meta.outputs.labels }}
+          # Use gha cache for speed across parallel runs
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
           outputs: type=image,name=cdrl/3podr_container,push-by-digest=true,name-canonical=true,push=true
 
       - name: Export digest
         run: |
-          mkdir -p /tmp/digests
+          mkdir -p ${{ runner.temp }}/digests
           digest="${{ steps.build.outputs.digest }}"
-          touch "/tmp/digests/${digest#sha256:}"          
+          touch "${{ runner.temp }}/digests/${digest#sha256:}"          
 
       - name: Upload digest
         uses: actions/upload-artifact@v4
         with:
           name: digests-${{ matrix.arch }}
-          path: /tmp/digests/*
+          path: ${{ runner.temp }}/digests/*
           if-no-files-found: error
           retention-days: 1
 
@@ -53,18 +68,35 @@ jobs:
       - name: Download digests
         uses: actions/download-artifact@v4
         with:
-          path: /tmp/digests
+          path: ${{ runner.temp }}/digests
           pattern: digests-*
           merge-multiple: true
 
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
       - name: Login to Docker Hub
         uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_API_KEY }}
 
+      - name: Extract metadata (for final tags)
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: cdrl/3podr_container
+          tags: |
+            type=ref,event=branch
+            type=sha,format=short
+            latest
+
       - name: Create manifest list and push
-        working-directory: /tmp/digests
+        working-directory: ${{ runner.temp }}/digests
+        run: |
+          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+            $(printf 'cdrl/3podr_container@sha256:%s ' *)          
+
+      - name: Inspect image
         run: |
-          docker buildx imagetools create -t cdrl/3podr_container:latest \
-            $(printf 'cdrl/3podr_container@sha256:%s ' *)
+          docker buildx imagetools inspect cdrl/3podr_container:${{ steps.meta.outputs.version }}