Docker Build and Push #103
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Docker Build and Push | |
on: | |
schedule: | |
- cron: '0 10 * * 0' # Every Sunday at 10AM | |
push: | |
branches: | |
- master | |
- develop | |
- feature/* | |
tags: | |
- 'v*.*.*' | |
workflow_dispatch: # Allow manually triggering a build | |
defaults: | |
run: | |
shell: bash | |
jobs: | |
build-test-push: | |
name: Build, Test, Push | |
runs-on: ubuntu-22.04 | |
env: | |
IMAGE: docksal/ci-agent | |
steps: | |
- | |
name: Install prerequisites for tests | |
run: | | |
set -xeuo pipefail | |
# Install bats for tests | |
git clone https://github.com/bats-core/bats-core.git | |
cd bats-core | |
sudo ./install.sh /usr/local | |
bats -v | |
- | |
name: Checkout | |
uses: actions/checkout@v4 | |
#- | |
# name: Set up QEMU | |
# uses: docker/setup-qemu-action@v3 | |
# buildx has some glitches with local upstream (FROM) images. Disabled. | |
#- | |
# name: Set up Docker Buildx | |
# uses: docker/setup-buildx-action@v3 | |
- | |
name: Check Docker | |
run: | | |
docker version | |
docker info | |
- | |
name: Login to Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- | |
name: Login to GitHub Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ secrets.GHCR_USERNAME }} | |
password: ${{ secrets.GHCR_TOKEN }} | |
- | |
# Calculates docker image tags for the given build context | |
# The output is used in build and push step as `tags: ${{ steps.docker_meta.outputs.tags }}` | |
name: Docker meta | |
id: docker_meta | |
uses: docker/metadata-action@v5 | |
with: | |
# List of Docker images to use as base name for tags | |
images: | | |
${{ env.IMAGE }} | |
ghcr.io/${{ env.IMAGE }} | |
# Add git short SHA as Docker tag | |
tags: | | |
type=sha | |
- | |
# Build for local use | |
name: Build image (base) | |
run: make build FLAVOR=base | |
- | |
# Build for local use | |
name: Build image (php) | |
run: make build FLAVOR=php | |
- | |
# Print image info | |
name: Docker image info | |
run: | | |
set -xeuo pipefail | |
docker image ls | grep "${{ env.IMAGE }}" | |
docker image inspect "${{ env.IMAGE }}:base-build" | |
docker image inspect "${{ env.IMAGE }}:php-build" | |
# Cache image layers in the registry | |
- | |
name: Push image cache (base) | |
uses: docker/build-push-action@v5 | |
env: | |
IMAGE_CACHE: ghcr.io/${{ env.IMAGE }}:base-build | |
with: | |
context: base | |
file: base/Dockerfile | |
#platforms: linux/amd64,linux/arm64 | |
tags: ${{ env.IMAGE_CACHE }} # Build cache tag in ghcr.io | |
push: ${{ github.event_name != 'pull_request' }} # Don't push for PRs | |
cache-to: type=inline # Write the cache metadata into the image configuration | |
- | |
name: Push image cache (php) | |
uses: docker/build-push-action@v5 | |
env: | |
IMAGE_CACHE: ghcr.io/${{ env.IMAGE }}:php-build | |
with: | |
context: php | |
file: php/Dockerfile | |
#platforms: linux/amd64,linux/arm64 | |
tags: ${{ env.IMAGE_CACHE }} # Build cache tag in ghcr.io | |
push: ${{ github.event_name != 'pull_request' }} # Don't push for PRs | |
cache-to: type=inline # Write the cache metadata into the image configuration | |
# Tests | |
- | |
name: Test image (base) | |
run: make test FLAVOR=base | |
- | |
name: Test image (php) | |
run: make test FLAVOR=php | |
- | |
# Generate image meta information | |
name: Docker image tags (base) | |
id: docker_tags_base | |
run: make tags FLAVOR=base | |
- | |
# Generate image meta information | |
name: Docker image tags (php) | |
id: docker_tags_php | |
run: make tags FLAVOR=php | |
- | |
# Push final image to the registry | |
# This will pick-up the build cache from the local build step | |
name: Push image (base) | |
# Don't run if the list of tags is empty | |
# Note: using tags from docker_tags (custom) | |
if: ${{ steps.docker_tags_base.outputs.tags != '' }} | |
uses: docker/build-push-action@v5 | |
with: | |
context: base | |
file: base/Dockerfile | |
#platforms: linux/amd64,linux/arm64 | |
tags: ${{ steps.docker_tags_base.outputs.tags }} # Note: using tags from docker_tags (custom script) | |
labels: ${{ steps.docker_meta.outputs.labels }} # Note: using lables from docker_meta | |
push: ${{ github.event_name != 'pull_request' }} # Don't push for PRs | |
cache-to: type=inline # Write the cache metadata into the image configuration | |
- | |
# Push final image to the registry | |
# This will pick-up the build cache from the local build step | |
name: Push image (php) | |
# Don't run if the list of tags is empty | |
# Note: using tags from docker_tags (custom) | |
if: ${{ steps.docker_tags_php.outputs.tags != '' }} | |
uses: docker/build-push-action@v5 | |
with: | |
context: php | |
file: php/Dockerfile | |
#platforms: linux/amd64,linux/arm64 | |
tags: ${{ steps.docker_tags_php.outputs.tags }} # Note: using tags from docker_tags (custom script) | |
labels: ${{ steps.docker_meta.outputs.labels }} # Note: using lables from docker_meta | |
push: ${{ github.event_name != 'pull_request' }} # Don't push for PRs | |
cache-to: type=inline # Write the cache metadata into the image configuration |