.github/workflows/docker-build.yml

name: Docker Build

on:
  push:
    branches:
      - main
    tags:
      - "[0-9]+.[0-9]+.[0-9]+"
      - "[0-9]+.[0-9]+.[0-9]+-RC[0-9]+"
  workflow_dispatch:

env:
  REGISTRY: ghcr.io

jobs:
  build:
    name: Build Docker Image
    runs-on: ubuntu-24.04
    permissions:
      packages: write
    strategy:
      matrix:
        # Define the Docker images to build. The job first builds an image using Docker which is used for the ui and for
        # worker base images. Then the job builds an image using Jib. Both steps are optional, e.g., not all Jib builds
        # need a base image, and the ui build does not need a Jib build.
        #
        # If the image is built with Docker:
        # preparationTask (optional): Gradle task to run before building the image.
        # image: Name of the image, used for the Docker image name.
        # context: Path to the Docker context directory.
        # dockerfile: Path of the Dockerfile to use, relative to context.
        # imageVariant (optional): Variant of the image, used for the Docker image tag.
        # buildArgs (optional): Build arguments to pass to the Docker build.
        #
        # If the image is built with Jib:
        # jibImage: Name of the image built by Jib.
        # task: Gradle task to build the image.
        #
        # Optional properties:
        # freeDiskSpace: Whether to free disk space before building the image.
        docker:
        - jibImage: core
          task: :core:jibDockerBuild
        - jibImage: orchestrator
          task: :orchestrator:jibDockerBuild
        - jibImage: kubernetes-jobmonitor
          task: :transport:kubernetes-jobmonitor:jibDockerBuild
        - jibImage: advisor-worker
          task: :workers:advisor:jibDockerBuild
        - image: analyzer-worker-base-image
          buildArgs: TEMURIN_VERSION=21
          context: workers/analyzer/docker
          dockerfile: Analyzer.Dockerfile
          jibImage: analyzer-worker
          imageVariant: jdk21
          task: :workers:analyzer:jibDockerBuild
          freeDiskSpace: true
        - image: analyzer-worker-base-image
          buildArgs: |
            TEMURIN_VERSION=11
            ANDROID_CMD_VERSION=9862592
          context: workers/analyzer/docker
          dockerfile: Analyzer.Dockerfile
          jibImage: analyzer-worker
          imageVariant: jdk11
          task: :workers:analyzer:jibDockerBuild
          freeDiskSpace: true
        - image: analyzer-worker-base-image
          context: workers/analyzer/docker
          dockerfile: Analyzer.Dockerfile
          jibImage: analyzer-worker
          imageVariant: jdk17
          task: :workers:analyzer:jibDockerBuild
          freeDiskSpace: true
        - image: config-worker-base-image
          context: workers/config/docker
          dockerfile: Config.Dockerfile
          jibImage: config-worker
          task: :workers:config:jibDockerBuild
        - image: evaluator-worker-base-image
          context: workers/evaluator/docker
          dockerfile: Evaluator.Dockerfile
          jibImage: evaluator-worker
          task: :workers:evaluator:jibDockerBuild
        - image: notifier-worker-base-image
          context: workers/notifier/docker
          dockerfile: Notifier.Dockerfile
          jibImage: notifier-worker
          task: :workers:notifier:jibDockerBuild
        - image: reporter-worker-base-image
          context: workers/reporter/docker
          dockerfile: Reporter.Dockerfile
          jibImage: reporter-worker
          task: :workers:reporter:jibDockerBuild
        - image: scanner-worker-base-image
          context: workers/scanner/docker
          dockerfile: Scanner.Dockerfile
          jibImage: scanner-worker
          task: :workers:scanner:jibDockerBuild
        - preparationTask: :core:generateOpenApiSpec
          image: ui
          context: ui
          dockerfile: docker/UI.Dockerfile

    steps:
    - name: Checkout Repository
      uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4

    - name: Free Disk Space
      if: ${{ matrix.docker.freeDiskSpace }}
      uses: ./.github/actions/free-disk-space

    - name: Setup Java 11
      uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4
      with:
        distribution: 'temurin'
        java-version: '11'

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3

    - name: Login to GitHub Container Registry
      uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
      with:
        registry: ${{ env.REGISTRY }}
        username: ${{ github.actor }}
        password: ${{ secrets.GITHUB_TOKEN }}

    - name: Setup Gradle
      uses: gradle/actions/setup-gradle@d156388eb19639ec20ade50009f3d199ce1e2808 # v4

    - name: Get ORT-Server Version
      run: |
        ORT_SERVER_VERSION=$(./gradlew -q properties --property version | sed -nr 's/version: (.+)/\1/p')
        echo "ORT_SERVER_VERSION=${ORT_SERVER_VERSION}" >> $GITHUB_ENV

    - name: Run Preparation Task ${{ matrix.docker.preparationTask }}
      if: ${{ matrix.docker.preparationTask != '' }}
      run: ./gradlew ${{ matrix.docker.preparationTask }}

    - name: Compute the tags
      run: |
        VARIANT=${{ matrix.docker.imageVariant || '' }}
        DOCKER_IMAGE_TAG=${{ env.ORT_SERVER_VERSION }}

        if [[ -n $VARIANT ]]; then
          DOCKER_IMAGE_TAG=$DOCKER_IMAGE_TAG-${{ matrix.docker.imageVariant }}
        fi
        echo "DOCKER_IMAGE_TAG=$DOCKER_IMAGE_TAG" >> $GITHUB_ENV

    - name: Compute Tag Suffix
      id: compute-tag-suffix
      run: |
        if [[ "${{ matrix.docker.imageVariant }}" == "jdk17" || "${{ matrix.docker.imageVariant }}" == "" ]]; then
          # No suffix.
          echo "::set-output name=suffix::"
        else
          echo "::set-output name=suffix::-${{ matrix.docker.imageVariant }}"
        fi

    - name: Extract Docker Metadata for ${{ matrix.docker.image }} Image
      if: ${{ matrix.docker.dockerfile != '' }}
      id: meta-base
      uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5
      with:
        images: ${{ env.REGISTRY }}/${{ github.repository_owner }}/ort-server-${{ matrix.docker.image }}
        tags: |
          type=raw,value=${{ env.DOCKER_IMAGE_TAG }}
          type=ref,event=branch,suffix=${{ steps.compute-tag-suffix.outputs.suffix }}
          type=sha,suffix=${{ steps.compute-tag-suffix.outputs.suffix }}
          type=raw,value=latest,enable=${{github.ref == 'refs/heads/main' && matrix.docker.imageVariant != 'jdk11' && matrix.docker.imageVariant != 'jdk21'}}
          type=raw,value=latest-${{ matrix.docker.imageVariant}},enable=${{github.ref == 'refs/heads/main' && matrix.docker.imageVariant != ''}}

    - name: Build ${{ matrix.docker.image }} Image with '${{ matrix.docker.imageVariant || 'default' }}' variant
      if: ${{ matrix.docker.dockerfile != '' }}
      uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6
      with:
        context: ${{ matrix.docker.context }}
        file: ${{ matrix.docker.context }}/${{ matrix.docker.dockerfile }}
        build-args: ${{ matrix.docker.buildArgs }}
        push: true
        tags: ${{ steps.meta-base.outputs.tags }}
        labels: ${{ steps.meta-base.outputs.labels }}
        cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ github.repository_owner }}/ort-server-${{ matrix.docker.image }}:cache${{ steps.compute-tag-suffix.outputs.suffix }}
        cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ github.repository_owner }}/ort-server-${{ matrix.docker.image }}:cache${{ steps.compute-tag-suffix.outputs.suffix }},mode=max

    - name: Extract Docker Metadata for ${{ matrix.docker.jibImage }} Image
      if: ${{ matrix.docker.task != '' }}
      id: meta
      uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5
      with:
        tags: |
          type=raw,value=${{ env.DOCKER_IMAGE_TAG }}
          type=ref,event=branch,suffix=${{ steps.compute-tag-suffix.outputs.suffix }}
          type=sha,suffix=${{ steps.compute-tag-suffix.outputs.suffix }}
          type=raw,value=latest,enable=${{github.ref == 'refs/heads/main' && matrix.docker.imageVariant != 'jdk11' && matrix.docker.imageVariant != 'jdk21'}}
          type=raw,value=latest-${{ matrix.docker.imageVariant}},enable=${{github.ref == 'refs/heads/main' && matrix.docker.imageVariant != ''}}

    - name: Build ${{ matrix.docker.jibImage }} Image with '${{ matrix.docker.imageVariant || 'default' }}' variant
      if: ${{ matrix.docker.task != '' }}
      run: |
        ./gradlew \
          -PdockerBaseImagePrefix=${{ env.REGISTRY }}/${{ github.repository_owner }}/ \
          -PdockerBaseImageTag=${{ env.DOCKER_IMAGE_TAG }} \
          -PdockerImagePrefix=${{ env.REGISTRY }}/${{ github.repository_owner }}/ \
          -PdockerImageTag=${{ env.DOCKER_IMAGE_TAG }} \
          ${{ matrix.docker.task }} \
          -Djib.console=plain \
          -Djib.container.labels="$(echo "${{ steps.meta.outputs.labels }}" | tr '\n' ',' | sed 's/,$//')" \
          -Djib.to.tags="$(echo "${{ steps.meta.outputs.tags }}" | tr '\n' ',' | sed 's/,$//')"
        docker push ${{ env.REGISTRY }}/${{ github.repository_owner }}/ort-server-${{ matrix.docker.jibImage }} --all-tags