Skip to content

Update workflow dependencies #225

Update workflow dependencies

Update workflow dependencies #225

name: Build Docker Image
on:
workflow_dispatch:
push:
branches:
- 'main'
- 'develop'
paths-ignore:
- '.github/**'
- '**.md'
tags:
- 'prod@*'
jobs:
docker:
runs-on: ubuntu-latest
permissions:
packages: write
outputs:
environment: ${{ steps.prepare-build.outputs.environment }}
shorthash: ${{ steps.prepare-build.outputs.short }}
strategy:
matrix:
service: [nginx, php-fpm, php-cli]
include:
- service: nginx
target: nginx
dockerfile: nginx.Dockerfile
- service: php-fpm
target: fpm
dockerfile: php.Dockerfile
- service: php-cli
target: cli
dockerfile: php.Dockerfile
steps:
- name: Prepare build variables
id: prepare-build
run: |
echo "short=${GITHUB_SHA:0:7}" >> $GITHUB_OUTPUT
if [[ "${{ github.ref_type }}" == "tag" ]]; then
echo "environment=prod" >> $GITHUB_OUTPUT
else
echo "environment=dev" >> $GITHUB_OUTPUT
fi
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
- name: Login to GitHub container registry
uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# About the cache:
# https://github.com/docker/build-push-action/blob/master/docs/advanced/cache.md#cache-backend-api
- name: Build ${{ matrix.service }} Docker Image
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
with:
push: true
build-args:
"VERSION=${{ steps.prepare-build.outputs.environment }}-${{ steps.prepare-build.outputs.short }}"
tags: ghcr.io/package-health/${{ matrix.service }}:${{ steps.prepare-build.outputs.environment }}-${{ steps.prepare-build.outputs.short }}
file: ./docker/${{ matrix.dockerfile }}
target: ${{ matrix.target }}
cache-from: type=gha
cache-to: type=gha,mode=max
release-deploy:
needs: docker
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Create release
if: ${{ github.ref_type == 'tag' }}
uses: softprops/action-gh-release@9d7c94cfd0a1f3ed45544c887983e9fa900f0564 # v2.0.4
with:
name: "php.package.health ${{ needs.docker.outputs.environment }}-${{ needs.docker.outputs.shorthash }}"
generate_release_notes: true
- name: Send update to infrastructure repository
if: ${{ github.ref_type == 'tag' || github.ref_name != 'main' }}
uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3.0.0
with:
# personal access token with "repo" scope
token: ${{ secrets.INFRA_REPO_ACCESS_TOKEN }}
repository: ${{ secrets.INFRA_REPO }}
event-type: deploy-php-package-health
client-payload: '{"sha": "${{ github.sha }}", "environment": "${{ needs.docker.outputs.environment }}"}'