ci: Docker move build stage outside container (no-changelog) (#16009)

2025-12-17 01:56:46 +00:00 · 2025-06-25 12:52:16 +01:00
parent 3f6eef1706
commit 909b65d266
14 changed files with 949 additions and 350 deletions
--- a/.github/workflows/release-publish.yml
+++ b/.github/workflows/release-publish.yml
@@ -72,62 +72,11 @@ jobs:
  publish-to-docker-hub:
    name: Publish to DockerHub
    needs: [publish-to-npm]
-    runs-on: ubuntu-latest
-    if: github.event.pull_request.merged == true
-    timeout-minutes: 30
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-        with:
-          fetch-depth: 0
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@53851d14592bedcffcf25ea515637cff71ef929a # v3.3.0
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Login to DockerHub
-        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-
-      - name: Build
-        uses: docker/build-push-action@b32b51a8eda65d6793cd0494a773d4f6bcef32dc # v6.11.0
-        env:
-          DOCKER_BUILD_SUMMARY: false
-        with:
-          context: .
-          file: docker/images/n8n/Dockerfile
-          build-args: |
-            N8N_VERSION=${{ needs.publish-to-npm.outputs.release }}
-            N8N_RELEASE_TYPE=stable
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-          platforms: linux/amd64,linux/arm64
-          provenance: false
-          push: true
-          tags: |
-            ${{ secrets.DOCKER_USERNAME }}/n8n:${{ needs.publish-to-npm.outputs.release }}
-            ghcr.io/${{ github.repository_owner }}/n8n:${{ needs.publish-to-npm.outputs.release }}
-
-  security-scan:
-    name: Security Scan Release Image
-    needs: [publish-to-npm, publish-to-docker-hub]
-    uses: ./.github/workflows/security-trivy-scan-callable.yml
+    uses: ./.github/workflows/docker-build-push.yml
    with:
-      image_ref: ghcr.io/${{ github.repository_owner }}/n8n:${{ needs.publish-to-npm.outputs.release }}
-    secrets:
-      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+      n8n_version: ${{ needs.publish-to-npm.outputs.release }}
+      release_type: stable
+    secrets: inherit

  create-github-release:
    name: Create a GitHub Release