Merge pull request #28 from umccr/update/update-docker-login-action #86
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build_docker_container_and_push_to_ghcrio | |
on: | |
push: | |
branches: | |
- "main" | |
concurrency: image_builds | |
jobs: | |
get_images_to_build: | |
runs-on: ubuntu-latest | |
steps: | |
# Standard checkout step | |
- name: Checkout code | |
id: checkout_code | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
# Log in to GitHub Container registry | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
# Determine images that need work | |
- id: get_images_to_build | |
run: | | |
python3 .github/scripts/get-images-to-build.py | |
env: | |
REPO_NAME: ${{ github.repository_owner }} | |
# Output value for images to build | |
outputs: | |
image_tags_to_build: ${{ steps.get_images_to_build.outputs.image_tags_to_build }} | |
scatter_image_builds: | |
needs: get_images_to_build | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
image_tag: ${{ fromJSON(needs.get_images_to_build.outputs.image_tags_to_build) }} | |
fail-fast: false # Don't fail if one image fails to run | |
steps: | |
# Standard checkout step | |
- name: Checkout code | |
id: git_checkout | |
uses: actions/checkout@v3 | |
with: | |
lfs: true | |
# Tag to path | |
- name: Strip tag as path | |
id: tag_to_path | |
run: echo "image_path=$( echo ${{ matrix.image_tag }} | tr ':' '/' )" >> "${GITHUB_OUTPUT}" | |
# Check if platforms.yaml is present | |
- name: Get platforms to build | |
id: get_platforms | |
shell: bash | |
run: | | |
# FIXME eventually place conditional if platforms exist | |
# Get platforms | |
DEFAULT_PLATFORMS_STR="linux/amd64,linux/arm64" | |
# Config path | |
config_path="repositories/${{ steps.tag_to_path.outputs.image_path }}/config.yaml" | |
# Initialise | |
platforms_str="" | |
# Get config.yaml to determine output | |
if [[ -f "${config_path}" ]]; then | |
# Docker ception - run yq container | |
platforms_str="$(docker run --rm \ | |
--volume "$PWD:$PWD" \ | |
--workdir "$PWD" \ | |
docker.io/mikefarah/yq:4.23.1 \ | |
'.platforms | join(",")' \ | |
"${config_path}")" | |
fi | |
# If string is empty, set default platforms | |
if [[ -z "${platforms_str}" ]]; then | |
platforms_str="${DEFAULT_PLATFORMS_STR}" | |
fi | |
# Set output | |
echo "platforms_as_str=${platforms_str}" >> "${GITHUB_OUTPUT}" | |
# Use qemu to perform multiplatform builds | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
# Use docker buildx to build multi-platform containers | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
with: | |
use: true | |
install: true | |
config-inline: | | |
[worker.oci] | |
max-parallelism = 2 | |
# Log in to GitHub Container registry | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
# Build and push docker images | |
- name: Build and Push Docker Image | |
uses: docker/build-push-action@v3 | |
with: | |
context: repositories/${{ steps.tag_to_path.outputs.image_path }} | |
platforms: ${{ steps.get_platforms.outputs.platforms_as_str }} | |
push: true | |
tags: ghcr.io/${{ github.repository_owner }}/${{ matrix.image_tag }} | |
# Ensure if image is latest, push latest tag with skopeo | |
# Determine images that need work | |
- name: Push latest tag | |
id: push_latest_tag | |
shell: bash | |
run: | | |
# Push latest tag | |
# Install semantic version | |
pip install semantic-version | |
# Run latest tag python script | |
python3 .github/scripts/push-latest-tag.py | |
env: | |
REGISTRY: ghcr.io | |
ORG_NAME: ${{ github.repository_owner }} | |
REPO_TAG: ${{ matrix.image_tag }} | |
USERNAME: ${{ github.actor }} | |
PASSWORD: ${{ secrets.GITHUB_TOKEN }} |