Push by digest #1
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | ||
| name: Publish images to DockerHub | ||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| runsOn: | ||
| description: GitHub Actions Runner image | ||
| required: true | ||
| type: string | ||
| images: | ||
| description: multiarch images built in previous build step | ||
| required: false | ||
| type: string | ||
| registry: | ||
| description: Container registry to publish Docker images | ||
| required: true | ||
| type: string | ||
| secrets: | ||
| REGISTRY_USERNAME: | ||
| required: true | ||
| REGISTRY_TOKEN: | ||
| required: true | ||
| GITHUB_TOKEN: | ||
| required: true | ||
| jobs: | ||
| release: | ||
| name: ${{ inputs.registry }} release | ||
| runs-on: ${{ inputs.runsOn }} | ||
| timeout-minutes: 30 | ||
| strategy: | ||
| fail-fast: true | ||
| matrix: | ||
| target: ["base"] #, "base-with-services", "lab", "full-stack"] | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - name: Login to GitHub Container Registry 🔑 | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Login to DockerHub 🔑 | ||
| uses: docker/login-action@v3 | ||
| if: ${{ inputs.registry != ghcr.io }} | ||
| with: | ||
| registry: ${{ inputs.registry }} | ||
| username: ${{ secrets.REGISTRY_USERNAME }} | ||
| password: ${{ secrets.REGISTRY_PASSWORD }} | ||
| - name: Read build variables | ||
| id: build_vars | ||
| run: | | ||
| vars=$(cat build.json | jq -c '[.variable | to_entries[] | {"key": .key, "value": .value.default}] | from_entries') | ||
| echo "vars=$vars" | ||
| echo "vars=$vars" >> "${GITHUB_OUTPUT}" | ||
| - name: Docker meta | ||
| id: meta | ||
| uses: docker/metadata-action@v5 | ||
| env: ${{ fromJSON(steps.build_vars.outputs.vars) }} | ||
| with: | ||
| images: ${{ inputs.registry }}/aiidalab/${{ matrix.target }} | ||
| tags: | | ||
| type=ref,event=pr | ||
| type=edge,enable={{is_default_branch}} | ||
| type=raw,value={{tag}},enable=${{ github.ref_type == 'tag' && ! startsWith(github.ref_name, 'v') }} | ||
| type=raw,value=aiida-${{ env.AIIDA_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} | ||
| type=raw,value=python-${{ env.PYTHON_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} | ||
| type=raw,value=postgresql-${{ env.PGSQL_VERSION }},enable=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }} | ||
| type=match,pattern=v(\d{4}\.\d{4}(-.+)?),group=1 | ||
| - name: Determine src image tag | ||
| id: images | ||
| if: inputs.registry == 'docker.io' | ||
| run: | | ||
| src=$(echo '${{ inputs.images }}'| jq -cr '.[("${{ matrix.target }}"|ascii_upcase|sub("-"; "_"; "g")) + "_IMAGE"]') | ||
| echo "src=$src" | ||
| echo "src=$src" >> "${GITHUB_OUTPUT}" | ||
| - name: Push image | ||
| uses: akhilerm/[email protected] | ||
| if: inputs.registry == 'docker.io' | ||
| with: | ||
| src: ${{ steps.images.outputs.src }} | ||
| dst: ${{ steps.meta.outputs.tags }} | ||
| - name: Docker Hub Description | ||
| uses: peter-evans/dockerhub-description@v4 | ||
| if: inputs.registry == 'docker.io' | ||
| with: | ||
| username: ${{ secrets.DOCKER_USERNAME }} | ||
| password: ${{ secrets.DOCKER_PASSWORD }} | ||
| repository: aiidalab/${{ matrix.target }} | ||
| short-description: ${{ github.event.repository.description }} | ||
| - uses: softprops/[email protected] | ||
| name: Create release | ||
| if: startsWith(github.ref, 'refs/tags/v') && inputs.registry == 'docker.io' | ||
| with: | ||
| generate_release_notes: true | ||
