From dd0170767a5c87f12cd20d4c6e1ba10bda201d1e Mon Sep 17 00:00:00 2001 From: jordi Date: Fri, 31 May 2024 12:53:05 +0100 Subject: [PATCH] Use Github Actions to build and publish the docker image This commit reverts https://github.com/thought-machine/generic-k8s-webhook/pull/21 so we use Github Actions again to build and publish the docker images, now that some of the actions related to building docker images have been whitelisted in the ThoughtMachine org. The docker images built as part of a release are published to ghcr. --- .github/workflows/publish-artifacts.yaml | 61 ++++++++++++++++++++++++ .github/workflows/test-pr.yaml | 18 +++++++ 2 files changed, 79 insertions(+) create mode 100644 .github/workflows/publish-artifacts.yaml diff --git a/.github/workflows/publish-artifacts.yaml b/.github/workflows/publish-artifacts.yaml new file mode 100644 index 0000000..a1ba73a --- /dev/null +++ b/.github/workflows/publish-artifacts.yaml @@ -0,0 +1,61 @@ +name: Publish Docker 🐳 images 📦 to GitHub Container Registry + +on: + push: + tags: + - '**' + +jobs: + build-and-publish-to-ghcr: + # Explicitly grant the `secrets.GITHUB_TOKEN` permissions. + permissions: + # Grant the ability to write to GitHub Packages (push Docker images to + # GitHub Container Registry). + packages: write + name: Build and publish Docker 🐳 images 📦 to GitHub Container Registry + runs-on: ubuntu-latest + steps: + - name: Checkout main + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ghcr.io/${{ github.repository }} + + - name: Write version + run: ./scripts/insert-version-pyproject.sh ${{github.ref_name}} + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + # This is the user that triggered the Workflow. In this case, it will + # either be the user whom created the Release or manually triggered + # the workflow_dispatch. + username: ${{ github.actor }} + # `secrets.GITHUB_TOKEN` is a secret that's automatically generated by + # GitHub Actions at the start of a workflow run to identify the job. + # This is used to authenticate against GitHub Container Registry. + # See https://docs.github.com/en/actions/security-guides/automatic-token-authentication#about-the-github_token-secret + # for more detailed information. + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push image + uses: docker/build-push-action@v5 + with: + push: true # push the image to ghcr + tags: > + ghcr.io/thought-machine/generic-k8s-webhook:${{github.sha}}, + ghcr.io/thought-machine/generic-k8s-webhook:${{github.ref_name}} + labels: ${{ steps.meta.outputs.labels }} + platforms: linux/amd64,linux/arm64 diff --git a/.github/workflows/test-pr.yaml b/.github/workflows/test-pr.yaml index 1eb14bb..2f60ccc 100644 --- a/.github/workflows/test-pr.yaml +++ b/.github/workflows/test-pr.yaml @@ -34,3 +34,21 @@ jobs: - name: Run unittests run: make unittests + + build-docker-image: + name: Build docker image + runs-on: ubuntu-latest + steps: + - name: Setup Action + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Build image + uses: docker/build-push-action@v5