From d94636610a92144620eb32c9c9e9278fc6898884 Mon Sep 17 00:00:00 2001
From: pthmas <9058370+pthmas@users.noreply.github.com>
Date: Wed, 4 Mar 2026 16:15:55 +0100
Subject: [PATCH 1/2] ci: automate docker image builds to GHCR

Add a reusable GitHub Actions workflow to build and push Docker images for the indexer, API, and frontend services to GitHub Container Registry (GHCR) on every push to main. Images are built for both linux/amd64 and linux/arm64 platforms.
---
 .github/workflows/ci.yml                | 17 ++++++++
 .github/workflows/docker-build-push.yml | 58 +++++++++++++++++++++++++
 2 files changed, 75 insertions(+)
 create mode 100644 .github/workflows/docker-build-push.yml

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index ebdb3b8..36313af 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -63,3 +63,20 @@ jobs:
 
       - name: Build
         run: bun run build
+
+  docker:
+    name: Docker (GHCR)
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    uses: ./.github/workflows/docker-build-push.yml
+    secrets: inherit
+    permissions:
+      contents: read
+      packages: write
+    with:
+      image-tag: main
+      apps: |
+        [
+          {"name": "atlas-oss-indexer", "context": "backend", "dockerfile": "backend/Dockerfile", "target": "indexer"},
+          {"name": "atlas-oss-api", "context": "backend", "dockerfile": "backend/Dockerfile", "target": "api"},
+          {"name": "atlas-oss-frontend", "context": "frontend", "dockerfile": "frontend/Dockerfile", "target": ""}
+        ]
diff --git a/.github/workflows/docker-build-push.yml b/.github/workflows/docker-build-push.yml
new file mode 100644
index 0000000..beaa871
--- /dev/null
+++ b/.github/workflows/docker-build-push.yml
@@ -0,0 +1,58 @@
+name: Build Docker Images
+
+on:
+  workflow_call:
+    inputs:
+      image-tag:
+        required: true
+        type: string
+        description: "Docker image tag (example: main)"
+      apps:
+        required: true
+        type: string
+        description: "JSON array of apps to build"
+
+jobs:
+  build-images:
+    name: Build ${{ matrix.app.name }}
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    strategy:
+      matrix:
+        app: ${{ fromJson(inputs.apps) }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push ${{ matrix.app.name }} (targeted)
+        if: matrix.app.target != ''
+        uses: docker/build-push-action@v6
+        with:
+          context: ${{ matrix.app.context }}
+          file: ${{ matrix.app.dockerfile }}
+          target: ${{ matrix.app.target }}
+          push: true
+          platforms: linux/amd64,linux/arm64
+          tags: ghcr.io/${{ github.repository_owner }}/${{ matrix.app.name }}:${{ inputs.image-tag }}
+
+      - name: Build and push ${{ matrix.app.name }} (default target)
+        if: matrix.app.target == ''
+        uses: docker/build-push-action@v6
+        with:
+          context: ${{ matrix.app.context }}
+          file: ${{ matrix.app.dockerfile }}
+          push: true
+          platforms: linux/amd64,linux/arm64
+          tags: ghcr.io/${{ github.repository_owner }}/${{ matrix.app.name }}:${{ inputs.image-tag }}

From dce7125026845fafd903dd2739854c38e3b38b28 Mon Sep 17 00:00:00 2001
From: pthmas <9058370+pthmas@users.noreply.github.com>
Date: Wed, 4 Mar 2026 16:23:45 +0100
Subject: [PATCH 2/2] ci: build only for amd64

---
 .github/workflows/docker-build-push.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/docker-build-push.yml b/.github/workflows/docker-build-push.yml
index beaa871..3074400 100644
--- a/.github/workflows/docker-build-push.yml
+++ b/.github/workflows/docker-build-push.yml
@@ -44,7 +44,7 @@ jobs:
           file: ${{ matrix.app.dockerfile }}
           target: ${{ matrix.app.target }}
           push: true
-          platforms: linux/amd64,linux/arm64
+          platforms: linux/amd64
           tags: ghcr.io/${{ github.repository_owner }}/${{ matrix.app.name }}:${{ inputs.image-tag }}
 
       - name: Build and push ${{ matrix.app.name }} (default target)
@@ -54,5 +54,5 @@ jobs:
           context: ${{ matrix.app.context }}
           file: ${{ matrix.app.dockerfile }}
           push: true
-          platforms: linux/amd64,linux/arm64
+          platforms: linux/amd64
           tags: ghcr.io/${{ github.repository_owner }}/${{ matrix.app.name }}:${{ inputs.image-tag }}