Add Github Actions to build and push to Docker hub

[Ilyes512]

Add Github Actions to build and push to Docker hub automatically:

• latest tags for any changes in the master-branch
• git tags for any specific Caddy versions (ie git tag v2.0.0 will build and tag a image caddy:v2.0.0-alpine

Question: Should we use the v prefix for versions?

[hairyhenderson]

We spoke about this on Slack, but just to record this here - I think the strategy should be GitHub Actions to build & test the images, and DockerHub Automated Builds to build the caddy/caddy images.

Note that if/when we get an official image accepted (i.e. caddy), the build process is a bit different, and handled by Docker's infrastructure.

As for latest - there's a couple different ways this could work - we could have it track master, or we could have it track tagged releases only, and add another master tag to track GitHub's master. I'm open to either.

I suggest 2.0.0 (without the v) as the version tags, simply because that's the convention used in the official images.

[mholt]

@hairyhenderson

As for latest - there's a couple different ways this could work - we could have it track master, or we could have it track tagged releases only, and add another master tag to track GitHub's master. I'm open to either.

I can see why this might be useful like with local development and testing, but is there any way we can put a big "DO NOT DEPLOY OR AUTOMATE THIS IMAGE BECAUSE IT CAN BREAK YOU AT ANY TIME" warning sticker on it? Ideally, I'd like to not have one at all, just because there's no guarantee that we won't release a v3 someday (it's not at all on the radar, but I've seen this happen with other similar projects -- recently -- and it's kinda scary).

Not against it, but also trying to limit footgunning. Just my $0.02.

[hairyhenderson]

I'd like to not have one at all, just because there's no guarantee that we won't release a v3 someday

@mholt yeah, and that's what we'd use caddy/caddy:2 to protect against. Most of the container-savvy world understands now that latest is not for use in production, though I'm sure there are lots of folks who still haven't gotten that message 😉

I've come across a few images that simply don't publish a latest, and that's totally a possibility. Another possibility would be (once we have the official caddy image) to have a caddy/caddy:latest, but not have a caddy:latest.

Anyway, none of this is set in stone so we can change as we learn how people want to consume the caddy images!

[mholt]

I like either of those ideas -- just not publish any latest for starters, and if we do, only do it with caddy/caddy. Anyway, thanks for entertaining the possibility!

[hairyhenderson]

@mholt ok I'll modify #8 to reflect that decision!

[Ilyes512]

I am not sure about not using latest. I believe all official images use and have a image tagged as latest. Not sure if it's mandatory.

I would always tag a latest tag, because it's so common. Usually latest is used for demo's or examples. Someone using docker should know that they should not use latest in production.

[hairyhenderson]

I believe all official images use and have a image tagged as latest. Not sure if it's mandatory.

They mostly do, but it's not mandatory. I've run across at least one instance where latest wasn't used (though it was replaced with a different tag known to that community): docker-library/official-images#5855 (comment)

Personally I could go either way on this one. It certainly is a common convention... 🤷‍♂

[timwis]

For what it's worth, I tried using caddy/caddy in my docker-compose file, because the docs say docker pull caddy/caddy but I get the error ERROR: manifest for caddy/caddy:latest not found: manifest unknown: manifest unknown. I got around it by using caddy/caddy:alpine. I couldn't find any version numbers on the docker hub page to pin to.

[hairyhenderson]

Thanks @timwis - that's a good data point. I'd say that constitutes a docs bug 😉.

You're right that there aren't any version numbers, too - we haven't gotten around to that in the Docker images yet (though it's high time!).

There's at least a few other instances where users tried caddy/caddy and it failed surprisingly - I'd call that at least some data points in favour of publishing latest...

[hairyhenderson]

@timwis just FYI we're going to publish latest soon 😉

Either way, the original intent of this issue has long since been achieved, so I'm closing this.