docker-build-and-publish.yaml
name: Docker build and publish

# Reusable workflow: builds an image from a Dockerfile and pushes it to a
# container registry chosen by the caller.
#
# Every string input below is caller-controlled and is consumed further down
# by shell steps and by action inputs. Callers should not forward untrusted
# event data (PR titles, branch names, issue text) into these inputs without
# validating it first.
on:
  workflow_call:
    inputs:
      docker-context:
        description: 'The docker context.'
        type: string
        required: false
        default: '.'
      dockerfile-path:
        description: 'Path to the Dockerfile.'
        type: string
        required: false
        default: './Dockerfile'
      docker-build-args:
        description: 'List of build-time variables (see https://github.com/docker/build-push-action?tab=readme-ov-file#inputs)'
        type: string
        required: false
        default: ''
      docker-registry:
        description: 'Host where the image should be pushed to.'
        type: string
        required: false
        default: 'docker.io'
      image-namespace:
        description: 'Namespace of Docker image.'
        type: string
        required: false
        default: 'bakdata'
      image-name:
        description: 'Name of Docker image.'
        type: string
        required: false
        default: '${{ github.event.repository.name }}'
      image-tag:
        description: 'Tag of Docker image.'
        type: string
        required: false
        # `${{ github.run_id }}` is expanded by GitHub Actions; `{{ sha }}` is
        # left as-is here and is passed on to docker/metadata-action in the
        # `tags` input of the "Docker meta" step.
        default: 'pipeline-${{ github.run_id }}-git-{{ sha }}'
      image-tag-flavor:
        description: 'Flavor of Docker image tags. See [docs of metadata-action](https://github.com/docker/metadata-action/blob/v5.6.1/README.md#flavor-input)'
        type: string
        required: false
        default: ''
      ref:
        description: 'Ref name to checkout'
        type: string
        required: false
        default: ''
      checkout-submodules:
        description: 'Whether to checkout submodules: `true` to checkout submodules or `recursive` to recursively checkout submodules.'
        type: string
        required: false
        default: 'false'
      checkout-lfs-files:
        description: 'Whether the Git checkout action should resolve LFS files or not. (Default is false)'
        type: boolean
        required: false
        default: false
    secrets:
      # Registry credentials used by the login step. Prefer a scoped,
      # revocable registry access token over an account password.
      docker-user:
        description: 'Username for the Docker registry login.'
        required: true
      docker-password:
        description: 'Password for the Docker registry login.'
        required: true
# One concurrency group per workflow, PR number (or ref when there is no PR),
# image name and tag flavor. A newer run cancels an in-flight run of the same
# group, except when the run is on the repository's default branch.
concurrency:
  group: "${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}-docker-${{ inputs.image-name }}-${{ inputs.image-tag-flavor }}"
  cancel-in-progress: "${{ github.ref_name != github.event.repository.default_branch }}"
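jobs:
  build-and-publish:
    name: Build and Publish
    runs-on: ubuntu-22.04
    # NOTE(review): no `permissions:` block is declared, so GITHUB_TOKEN keeps
    # whatever scopes the calling workflow grants. Consider restricting this
    # job to `contents: read` once it is confirmed that the optional extra
    # step of callers does not need more.
    #
    # NOTE(review): the docker/* actions below are referenced by mutable major
    # tags (@v3, @v5). Pinning each `uses:` to a full commit SHA prevents a
    # retagged release from running with the registry credentials.
    steps:
      - name: Check out repository
        # NOTE(review): the action name and version after `actions/` were
        # replaced by e-mail obfuscation in this listing; restore the original
        # `<action>@<ref>` from the repository before using this file.
        uses: bakdata/ci-templates/actions/[email protected]
        with:
          ref: ${{ inputs.ref }}
          lfs: ${{ inputs.checkout-lfs-files }}
          submodules: ${{ inputs.checkout-submodules }}

      - name: Login to the Registry
        uses: "docker/login-action@v3"
        with:
          registry: "${{ inputs.docker-registry }}"
          username: "${{ secrets.docker-user }}"
          password: "${{ secrets.docker-password }}"

      # Add your extra step in your repo under
      # .github/actions/extra-step/docker-build-and-publish/action.yaml ,
      # e.g. to free up runner disk space or to install system packages.
      #
      # NOTE(review): this local action is loaded from the checked-out ref and
      # runs after the registry login, so it executes with the stored Docker
      # credentials within reach. If `ref` can point at untrusted code (for
      # example a fork PR), consider moving the login step to just before
      # "Build and push".
      - uses: ./.github/actions/extra-step/docker-build-and-publish
        if: ${{ hashFiles('.github/actions/extra-step/docker-build-and-publish/action.yaml') != '' }}

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Set image name
        # Inputs are handed to the script through environment variables rather
        # than `${{ }}` interpolation, so their content is never parsed as
        # shell code (no command substitution, no quote break-out).
        env:
          RAW_IMAGE_NAME: ${{ inputs.image-name }}
          IMAGE_NAMESPACE: ${{ inputs.image-namespace }}
          DOCKER_REGISTRY: ${{ inputs.docker-registry }}
        run: |
          fullImageName="${RAW_IMAGE_NAME}"
          if [[ -n "${IMAGE_NAMESPACE}" ]]; then
            fullImageName="${IMAGE_NAMESPACE}/${fullImageName}"
          fi
          if [[ -n "${DOCKER_REGISTRY}" ]]; then
            fullImageName="${DOCKER_REGISTRY}/${fullImageName}"
          fi
          # A newline in the value would let it append extra variables to
          # GITHUB_ENV, so refuse it.
          if [[ "${fullImageName}" == *$'\n'* ]]; then
            echo "::error::The image name must not contain newlines." >&2
            exit 1
          fi
          echo "IMAGE_NAME=${fullImageName}" >> "$GITHUB_ENV"

      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ${{ env.IMAGE_NAME }}
          # on push/PR: dynamically set the CI run id and Git SHA as a custom tag
          # on tag: release as latest and semver tag
          tags: |
            event=push,type=raw,value=${{ inputs.image-tag }}
            event=pr,type=raw,value=${{ inputs.image-tag }}
            event=pr,type=ref
            event=branch,type=ref,enable=${{ github.ref != 'refs/heads/master' && github.ref != 'refs/heads/main' }}
            event=tag,type=semver,pattern={{ version }}
          flavor: ${{ inputs.image-tag-flavor }}
        env:
          # set correct sha for PRs; quoted because environment values are strings
          DOCKER_METADATA_PR_HEAD_SHA: "true"

      - name: Prepare build args
        id: args
        # Values arrive via the environment so they are written out literally
        # instead of being expanded by the shell.
        env:
          IMAGE_TAGS: ${{ join(fromJSON(steps.meta.outputs.json).tags) }}
          DOCKER_BUILD_ARGS: ${{ inputs.docker-build-args }}
        run: |
          # Random heredoc delimiter: a fixed "EOF" could be closed early by a
          # line in docker-build-args, letting it define further step outputs.
          delimiter="EOF_$(od -An -N16 -tx1 /dev/urandom | tr -d ' \n')"
          {
            echo "build-args<<${delimiter}"
            printf '%s\n' "IMAGE_TAGS=${IMAGE_TAGS}"
            printf '%s\n' "${DOCKER_BUILD_ARGS}"
            echo "${delimiter}"
          } >> "$GITHUB_OUTPUT"

      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          context: ${{ inputs.docker-context }}
          file: ${{ inputs.dockerfile-path }}
          build-args: ${{ steps.args.outputs.build-args }}
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max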