[pull] develop from baserow:develop

.github/workflows/ci.yml

@@ -22,6 +22,24 @@ env:
   DEVELOP_BRANCH_NAME: develop
 
 jobs:
+  check-build-and-publish:
+    name: Check build and publish
+    runs-on: ubuntu-latest
+    outputs:
+      should_build_and_publish: ${{ steps.setflag.outputs.should_build_and_publish }}
+    steps:
+      - id: setflag
+        shell: bash
+        run: |
+          if [[ -n "${{ secrets.RELEASE_DOCKER_REPOSITORY }}" && \
+                -n "${{ secrets.RELEASE_DOCKER_REGISTRY }}" && \
+                -n "${{ secrets.RELEASE_DOCKER_USERNAME }}" && \
+                -n "${{ secrets.RELEASE_DOCKER_PASSWORD }}" ]]; then
+            echo "should_build_and_publish=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "should_build_and_publish=false" >> "$GITHUB_OUTPUT"
+          fi
+
   # ==========================================================================
   # BUILD STAGE - Build Docker images for backend and frontend
   # ==========================================================================
@@ -766,3 +784,323 @@ jobs:
         with:
           GITHUB_TOKEN: ${{ github.token }}
           MERGE_COVERAGE_FILES: false
+
+  # ==========================================================================
+  # Build and publish stage - builds production grade images and publishes
+  # ==========================================================================
+
+  build-final-backend:
+    name: Build Final Backend Image
+    runs-on: ubuntu-latest
+    if: needs.check-build-and-publish.outputs.should_build_and_publish == 'true' && (github.ref_name == 'develop' || github.ref_name == 'master')
+    needs:
+      - test-backend
+      - test-e2e
+      - backend-lint
+      - check-build-and-publish
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push final backend image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: backend/Dockerfile
+          push: true
+          tags: |
+            ${{ env.REGISTRY }}/${{ env.IMAGE_REPO }}/backend:ci-tested-${{ github.sha }}
+          cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_REPO }}/backend_dev:ci-${{ github.sha }}
+          cache-to: type=inline
+          labels: |
+            org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
+            org.opencontainers.image.revision=${{ github.sha }}
+            org.opencontainers.image.title=backend
+            org.opencontainers.image.created=${{ github.event.head_commit.timestamp }}
+
+  build-final-web-frontend:
+    name: Build Final Web-Frontend Image
+    runs-on: ubuntu-latest
+    if: needs.check-build-and-publish.outputs.should_build_and_publish == 'true' && (github.ref_name == 'develop' || github.ref_name == 'master')
+    needs:
+      - test-frontend
+      - test-e2e
+      - frontend-lint
+      - check-build-and-publish
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push final web-frontend image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: web-frontend/Dockerfile
+          push: true
+          tags: |
+            ${{ env.REGISTRY }}/${{ env.IMAGE_REPO }}/web-frontend:ci-tested-${{ github.sha }}
+          cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_REPO }}/web-frontend_dev:ci-${{ github.sha }}
+          cache-to: type=inline
+          labels: |
+            org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
+            org.opencontainers.image.revision=${{ github.sha }}
+            org.opencontainers.image.title=web-frontend
+            org.opencontainers.image.created=${{ github.event.head_commit.timestamp }}
+
+  build-final-all-in-one:
+    name: Build All-in-One Image
+    runs-on: ubuntu-latest
+    if: needs.check-build-and-publish.outputs.should_build_and_publish == 'true' && (github.ref_name == 'develop' || github.ref_name == 'master')
+    needs:
+      - build-final-backend
+      - build-final-web-frontend
+      - check-build-and-publish
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push all-in-one image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: deploy/all-in-one/Dockerfile
+          push: true
+          build-args: |
+            FROM_BACKEND_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_REPO }}/backend:ci-tested-${{ github.sha }}
+            FROM_WEBFRONTEND_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_REPO }}/web-frontend:ci-tested-${{ github.sha }}
+          tags: |
+            ${{ env.REGISTRY }}/${{ env.IMAGE_REPO }}/baserow:ci-tested-${{ github.sha }}
+          cache-to: type=inline
+          labels: |
+            org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
+            org.opencontainers.image.revision=${{ github.sha }}
+            org.opencontainers.image.title=baserow
+            org.opencontainers.image.created=${{ github.event.head_commit.timestamp }}
+
+  build-cloudron:
+    name: Build Cloudron Image
+    runs-on: ubuntu-latest
+    if: needs.check-build-and-publish.outputs.should_build_and_publish == 'true' && (github.ref_name == 'develop' || github.ref_name == 'master')
+    needs:
+      - build-final-all-in-one
+      - check-build-and-publish
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push Cloudron image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: deploy/cloudron/Dockerfile
+          push: true
+          build-args: |
+            FROM_ALL_IN_ONE_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_REPO }}/baserow:ci-tested-${{ github.sha }}
+          tags: |
+            ${{ env.REGISTRY }}/${{ env.IMAGE_REPO }}/cloudron:ci-tested-${{ github.sha }}
+          cache-to: type=inline
+          labels: |
+            org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
+            org.opencontainers.image.revision=${{ github.sha }}
+            org.opencontainers.image.title=cloudron
+            org.opencontainers.image.created=${{ github.event.head_commit.timestamp }}
+
+  publish-develop-latest-backend:
+    name: Publish develop-latest backend image
+    runs-on: ubuntu-latest
+    if: needs.check-build-and-publish.outputs.should_build_and_publish == 'true' && github.ref_name == 'develop'
+    needs:
+      - build-final-backend
+      - check-build-and-publish
+    env:
+      RELEASE_DOCKER_REGISTRY: ${{ secrets.RELEASE_DOCKER_REGISTRY }}
+      RELEASE_DOCKER_REPOSITORY: ${{ secrets.RELEASE_DOCKER_REPOSITORY }}
+      RELEASE_DOCKER_USERNAME: ${{ secrets.RELEASE_DOCKER_USERNAME }}
+      RELEASE_DOCKER_PASSWORD: ${{ secrets.RELEASE_DOCKER_PASSWORD }}
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.RELEASE_DOCKER_REGISTRY }}
+          username: ${{ env.RELEASE_DOCKER_USERNAME }}
+          password: ${{ env.RELEASE_DOCKER_PASSWORD }}
+
+      - name: Create and push develop-latest image on Docker Hub
+        run: |
+          SOURCE=${{ env.REGISTRY }}/${{ env.IMAGE_REPO }}/backend:ci-tested-${{ github.sha }}
+          TARGET=${{ env.RELEASE_DOCKER_REPOSITORY }}/backend:develop-latest
+          echo "Publishing $SOURCE → $TARGET"
+          docker buildx imagetools create -t $TARGET $SOURCE
+
+  publish-webfrontend-develop-latest-image:
+    name: Publish develop-latest web-frontend image
+    runs-on: ubuntu-latest
+    if: needs.check-build-and-publish.outputs.should_build_and_publish == 'true' && github.ref_name == 'develop'
+    needs:
+      - build-final-web-frontend
+      - check-build-and-publish
+    env:
+      RELEASE_DOCKER_REGISTRY: ${{ secrets.RELEASE_DOCKER_REGISTRY }}
+      RELEASE_DOCKER_REPOSITORY: ${{ secrets.RELEASE_DOCKER_REPOSITORY }}
+      RELEASE_DOCKER_USERNAME: ${{ secrets.RELEASE_DOCKER_USERNAME }}
+      RELEASE_DOCKER_PASSWORD: ${{ secrets.RELEASE_DOCKER_PASSWORD }}
+    permissions:
+      contents: read
+      packages: read
+    steps:
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.RELEASE_DOCKER_REGISTRY }}
+          username: ${{ env.RELEASE_DOCKER_USERNAME }}
+          password: ${{ env.RELEASE_DOCKER_PASSWORD }}
+
+      - name: Create and push develop-latest image on Docker Hub
+        run: |
+          SOURCE=${{ env.REGISTRY }}/${{ env.IMAGE_REPO }}/web-frontend:ci-tested-${{ github.sha }}
+          TARGET=${{ env.RELEASE_DOCKER_REPOSITORY }}/web-frontend:develop-latest
+          echo "Publishing $SOURCE → $TARGET"
+          docker buildx imagetools create -t $TARGET $SOURCE
+
+  publish-all-in-one-develop-latest-image:
+    name: Publish develop-latest all-in-one image
+    runs-on: ubuntu-latest
+    if: needs.check-build-and-publish.outputs.should_build_and_publish == 'true' && github.ref_name == 'develop'
+    needs:
+      - build-final-all-in-one
+      - check-build-and-publish
+    env:
+      RELEASE_DOCKER_REGISTRY: ${{ secrets.RELEASE_DOCKER_REGISTRY }}
+      RELEASE_DOCKER_REPOSITORY: ${{ secrets.RELEASE_DOCKER_REPOSITORY }}
+      RELEASE_DOCKER_USERNAME: ${{ secrets.RELEASE_DOCKER_USERNAME }}
+      RELEASE_DOCKER_PASSWORD: ${{ secrets.RELEASE_DOCKER_PASSWORD }}
+    permissions:
+      contents: read
+      packages: read
+    steps:
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.RELEASE_DOCKER_REGISTRY }}
+          username: ${{ env.RELEASE_DOCKER_USERNAME }}
+          password: ${{ env.RELEASE_DOCKER_PASSWORD }}
+
+      - name: Create and push develop-latest image on Docker Hub
+        run: |
+          SOURCE=${{ env.REGISTRY }}/${{ env.IMAGE_REPO }}/baserow:ci-tested-${{ github.sha }}
+          TARGET=${{ env.RELEASE_DOCKER_REPOSITORY }}/baserow:develop-latest
+          echo "Publishing $SOURCE → $TARGET"
+          docker buildx imagetools create -t $TARGET $SOURCE
+
+  publish-cloudron-develop-latest-image:
+    name: Publish develop-latest Cloudron image
+    runs-on: ubuntu-latest
+    if: needs.check-build-and-publish.outputs.should_build_and_publish == 'true' && github.ref_name == 'develop'
+    needs:
+      - build-cloudron
+      - check-build-and-publish
+    env:
+      RELEASE_DOCKER_REGISTRY: ${{ secrets.RELEASE_DOCKER_REGISTRY }}
+      RELEASE_DOCKER_REPOSITORY: ${{ secrets.RELEASE_DOCKER_REPOSITORY }}
+      RELEASE_DOCKER_USERNAME: ${{ secrets.RELEASE_DOCKER_USERNAME }}
+      RELEASE_DOCKER_PASSWORD: ${{ secrets.RELEASE_DOCKER_PASSWORD }}
+    permissions:
+      contents: read
+      packages: read
+    steps:
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.RELEASE_DOCKER_REGISTRY }}
+          username: ${{ env.RELEASE_DOCKER_USERNAME }}
+          password: ${{ env.RELEASE_DOCKER_PASSWORD }}
+
+      - name: Create and push develop-latest image on Docker Hub
+        run: |
+          SOURCE=${{ env.REGISTRY }}/${{ env.IMAGE_REPO }}/cloudron:ci-tested-${{ github.sha }}
+          TARGET=${{ env.RELEASE_DOCKER_REPOSITORY }}/cloudron:develop-latest
+          echo "Publishing $SOURCE → $TARGET"
+          docker buildx imagetools create -t $TARGET $SOURCE