ci(docker): publish multi-arch latest and harden release tagging path

2026-02-19 19:25:01 +08:00 · 2026-02-19 19:25:01 +08:00 · b611609c30
commit b611609c30
parent 772bb15ed9
2 changed files with 7 additions and 3 deletions
--- a/.github/workflows/main-branch-flow.md
+++ b/.github/workflows/main-branch-flow.md
@ -143,7 +143,7 @@ Workflow: `.github/workflows/pub-docker-img.yml`
   - `latest` + SHA tag (`sha-<12 chars>`) for `main`
   - semantic tag from pushed git tag (`vX.Y.Z`) + SHA tag for tag pushes
   - branch name + SHA tag for non-`main` manual dispatch refs
-5. Multi-platform publish is used for tag pushes (`linux/amd64,linux/arm64`), while `main` publish stays `linux/amd64`.
+5. Multi-platform publish is used for both `main` and tag pushes (`linux/amd64,linux/arm64`).
 6. Typical runtime in recent sample: ~139.9s.
 7. Result: pushed image tags under `ghcr.io/<owner>/<repo>`.

--- a/.github/workflows/pub-docker-img.yml
+++ b/.github/workflows/pub-docker-img.yml
@ -75,6 +75,8 @@ jobs:
                  tags: zeroclaw-pr-smoke:latest
                  labels: ${{ steps.meta.outputs.labels || '' }}
                  platforms: linux/amd64
+                  cache-from: type=gha
+                  cache-to: type=gha,mode=max

            - name: Verify image
              run: docker run --rm zeroclaw-pr-smoke:latest --version
@ -83,7 +85,7 @@ jobs:
        name: Build and Push Docker Image
        if: (github.event_name == 'workflow_dispatch' || (github.event_name == 'push' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')))) && github.repository == 'zeroclaw-labs/zeroclaw'
        runs-on: blacksmith-2vcpu-ubuntu-2404
-        timeout-minutes: 25
+        timeout-minutes: 45
        permissions:
            contents: read
            packages: write
@ -128,7 +130,9 @@ jobs:
                  context: .
                  push: true
                  tags: ${{ steps.meta.outputs.tags }}
-                  platforms: ${{ startsWith(github.ref, 'refs/tags/v') && 'linux/amd64,linux/arm64' || 'linux/amd64' }}
+                  platforms: linux/amd64,linux/arm64
+                  cache-from: type=gha
+                  cache-to: type=gha,mode=max

            - name: Set GHCR package visibility to public
              shell: bash