From 3dec478c804e554bfb136acb78af2fd0ba54f6d0 Mon Sep 17 00:00:00 2001
From: "Austin S. Hemmelgarn" <austin@netdata.cloud>
Date: Tue, 31 Jan 2023 08:18:22 -0500
Subject: [PATCH] Publish Docker images to GHCR.io and Quay.io (#14372)

* Also publish official images to GHCR.

This provides an alternative source for users to get our Docker images.

* Add basic static labels to our Docker images.

These provide slightly better behavior on GHCR, as well as providing
useful metadata for users.

* Also publish to Quay.io.

* Fix typo.

Co-authored-by: Ilya Mashchenko <ilya@netdata.cloud>

---------

Co-authored-by: Ilya Mashchenko <ilya@netdata.cloud>
---
 .github/workflows/docker.yml | 37 +++++++++++++++++++++++++++++++-----
 packaging/docker/Dockerfile  |  8 ++++++++
 2 files changed, 40 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index ae968bae93..973f309c02 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -169,12 +169,28 @@ jobs:
         id: buildx
         uses: docker/setup-buildx-action@v2
       - name: Docker Hub Login
-        id: login
+        id: docker-hub-login
         if: github.repository == 'netdata/netdata'
         uses: docker/login-action@v2
         with:
           username: ${{ secrets.DOCKER_HUB_USERNAME }}
           password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+      - name: GitHub Container Registry Login
+        id: ghcr-login
+        if: github.repository == 'netdata/netdata'
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Quay.io Login
+        id: quay-login
+        if: github.repository == 'netdata/netdata'
+        uses: docker/login-action@v2
+        with:
+          registry: quay.io
+          username: ${{ secrets.NETDATABOT_QUAY_USERNAME }}
+          password: ${{ secrets.NETDATABOT_QUAY_TOKEN }}
       - name: Docker Build
         id: build
         uses: docker/build-push-action@v3
@@ -199,7 +215,9 @@ jobs:
               Setup environment: ${{ steps.env.outcome }}
               Setup QEMU: ${{ steps.qemu.outcome }}
               Setup buildx: ${{ steps.buildx.outcome }}
-              Authenticate against DockerHub: ${{ steps.login.outcome }}
+              Login to DockerHub: ${{ steps.docker-hub-login.outcome }}
+              Login to GHCR: ${{ steps.ghcr-login.outcome }}
+              Login to Quay: ${{ steps.quay-login.outcome }}
               Build and publish images: ${{ steps.build.outcome }}
           SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }}
         if: >-
@@ -254,12 +272,20 @@ jobs:
         id: buildx
         uses: docker/setup-buildx-action@v2
       - name: Docker Hub Login
-        id: login
+        id: docker-hub-login
         if: github.repository == 'netdata/netdata'
         uses: docker/login-action@v2
         with:
           username: ${{ secrets.DOCKER_HUB_USERNAME }}
           password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+      - name: GitHub Container Registry Login
+        id: ghcr-login
+        if: github.repository == 'netdata/netdata'
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
       - name: Docker Build
         id: build
         uses: docker/build-push-action@v3
@@ -280,13 +306,14 @@ jobs:
           SLACK_USERNAME: 'GitHub Actions'
           SLACK_MESSAGE: |-
               ${{ github.repository }}: Failed to build or publish Docker debug images.
-              CHeckout: ${{ steps.checkout.outcome }}
+              Checkout: ${{ steps.checkout.outcome }}
               Generate release tags: ${{ steps.release-tags.outcome }}
               Generate nightly tags: ${{ steps.nightly-tags.outcome }}
               Setup environment: ${{ steps.env.outcome }}
               Setup QEMU: ${{ steps.qemu.outcome }}
               Setup buildx: ${{ steps.buildx.outcome }}
-              Authenticate against DockerHub: ${{ steps.login.outcome }}
+              Login to DockerHub: ${{ steps.docker-hub-login.outcome }}
+              Login to GHCR: ${{ steps.ghcr-login.outcome }}
               Build and publish images: ${{ steps.build.outcome }}
           SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }}
         if: >-
diff --git a/packaging/docker/Dockerfile b/packaging/docker/Dockerfile
index ebd59ca5cd..ce5a0b9326 100644
--- a/packaging/docker/Dockerfile
+++ b/packaging/docker/Dockerfile
@@ -119,3 +119,11 @@ ENTRYPOINT ["/usr/sbin/run.sh"]
 HEALTHCHECK --interval=60s --timeout=10s --retries=3 CMD /usr/sbin/health.sh
 
 ONBUILD ENV NETDATA_OFFICIAL_IMAGE=false
+
+LABEL org.opencontainers.image.authors="Netdatabot <bot@netdata.cloud>"
+LABEL org.opencontainers.image.url="https://netdata.cloud"
+LABEL org.opencontainers.image.documentation="https://learn.netdata.cloud"
+LABEL org.opencontainers.image.source="https://github.com/netdata/netdata"
+LABEL org.opencontainers.image.title="Netdata Agent"
+LABEL org.opencontainers.image.description="Official Netdata Agent Docker Image"
+LABEL org.opencontainers.image.vendor="Netdata Inc."