Docker Image Build and Publish #12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Docker Image Build and Publish | |
on: | |
push: | |
branches: | |
- main | |
schedule: | |
# At 20:00 UTC everyday (roughly 06:00 AEST) | |
- cron: '0 20 * * *' | |
workflow_dispatch: | |
inputs: | |
dockerfile_dir: | |
type: choice | |
description: Docker Image to Build | |
options: | |
- debug-image | |
- ruby-image | |
defaults: | |
run: | |
shell: bash | |
env: | |
DOCKER_REPOSITORY: ${{ github.repository }} | |
DOCKER_REGISTRY: 'ghcr.io' | |
jobs: | |
matrix_prep: | |
runs-on: ubuntu-latest | |
outputs: | |
matrix: ${{ steps.set_matrix.outputs.matrix }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Matrix Setup | |
id: set_matrix | |
run: | | |
ruby .pipeline/generate_matrix.rb -e "${{ github.event_name }}" -d "${{ github.event.inputs.dockerfile_dir }}" | |
build: | |
runs-on: ubuntu-latest | |
needs: matrix_prep | |
permissions: | |
contents: read | |
packages: write | |
id-token: write | |
strategy: | |
matrix: ${{fromJson(needs.matrix_prep.outputs.matrix)}} | |
fail-fast: false | |
env: | |
DOCKERFILE_DIR: ${{ matrix.dockerfile_dir }} | |
BUILD_ARGS: ${{ matrix.build_args }} | |
NO_CACHE: false | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Set build cache | |
run: | | |
# Never use cache if debug image to force patching. | |
if [[ "${{ env.DOCKERFILE_DIR }}" == "debug-image" ]]; then | |
echo "Setting NO_CACHE to true" | |
echo "NO_CACHE=true" >> $GITHUB_ENV | |
else | |
echo "Setting NO_CACHE to false" | |
echo "NO_CACHE=false" >> $GITHUB_ENV | |
fi | |
- name: Log into registry ${{ env.DOCKER_REGISTRY }} | |
uses: docker/login-action@v3 | |
with: | |
registry: ${{ env.DOCKER_REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
# Set build arg tag version | |
- name: Set image tags based on build args. | |
run: | | |
export BUILD_ARGS="${{ env.BUILD_ARGS }}" | |
if [[ -z ${BUILD_ARGS} ]]; then | |
echo "BUILD_ARGS is empty" | |
APP_NAME="${{ matrix.dockerfile_dir }}" | |
export APP_NAME | |
APP_VERSION="${{ matrix.dockerfile_dir }}" | |
export APP_VERSION | |
else | |
export APP_VERSION="${BUILD_ARGS#*=}" | |
APP_NAME=${BUILD_ARGS%%=*} | |
fi | |
echo "The APP_VERSION is '${APP_VERSION}'" | |
echo "APP_VERSION=${APP_VERSION}" >> $GITHUB_ENV | |
echo "The APP_NAME is '${APP_NAME}'" | |
echo "APP_NAME=${APP_NAME}" >> $GITHUB_ENV | |
# Extract metadata (tags, labels) for Docker | |
# https://github.com/docker/metadata-action | |
- name: Extract Docker metadata | |
id: meta | |
# uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 | |
uses: docker/[email protected] | |
with: | |
# list of Docker images to use as base name for tags | |
images: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_REPOSITORY }}/${{ env.DOCKERFILE_DIR }} | |
# generate Docker tags based on the following events/attributes | |
tags: | | |
type=raw,value={{date 'YYYY.MM.DD.hhmm' tz='Australia/Brisbane'}} | |
type=ref,event=branch | |
type=sha,priority=100,prefix=sha-,suffix=-shrt,format=short | |
type=sha,format=long,prefix=,priority=9999 | |
type=raw,value=${{ env.APP_NAME }}-${{ env.APP_VERSION }} | |
type=raw,value=${{ github.ref_name }}-${{ env.APP_VERSION }} | |
type=raw,value=${{ env.APP_VERSION }} | |
# Build and push Docker image with Buildx (don't push on PR) | |
# https://github.com/docker/build-push-action | |
- name: Build and push ${{ env.APP_NAME }} Docker image 🐳 | |
id: build-and-push | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: ./${{ env.DOCKERFILE_DIR }}/Dockerfile | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
build-args: ${{ env.BUILD_ARGS }} | |
no-cache: ${{ env.NO_CACHE }} | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
- name: Annotate job with docker pull commands | |
run: | | |
tags=$(echo $DOCKER_METADATA_OUTPUT_JSON| jq -r '.tags[]') | |
for tag in $tags | |
do | |
echo "docker pull $tag" >> $GITHUB_STEP_SUMMARY | |
done |