generated from CDCgov/template
-
Notifications
You must be signed in to change notification settings - Fork 41
163 lines (143 loc) · 5.47 KB
/
publish_docker.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
name: Publish Images to GitHub
on:
workflow_dispatch:
push:
branches:
- main
schedule:
- cron: "0 0 1 * *"
env:
REGISTRY: ghcr.io
SFTP_IMAGE_NAME: cdcgov/prime-reportstream_sftp
jobs:
pre_job:
name: Pre Job
runs-on: ubuntu-latest
outputs:
has_tfcli_change: ${{ steps.skip_check.outputs.tfcli && github.event_name != 'schedule'}}
has_dnsmasq_change: ${{ steps.skip_check.outputs.dnsmasq || github.event_name == 'schedule'}}
run_publish_sftp: ${{ steps.check_sftp_image.outputs.run_job }}
run_publish_sftp_alpine: ${{ steps.check_sftp_alpine_image.outputs.run_job }}
steps:
- name: "Check out changes"
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36
id: skip_check
with:
list-files: csv
filters: |
dnsmasq:
- 'operations/dnsmasq/**'
- name: Log In to the Container Registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Check sftp image
id: check_sftp_image
run: |
docker pull atmoz/sftp
docker pull ${{ env.REGISTRY }}/${{ env.SFTP_IMAGE_NAME }}
LATEST_IMAGE_DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' atmoz/sftp)
REPO_IMAGE_DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' ${{ env.REGISTRY }}/${{ env.SFTP_IMAGE_NAME }} 2> /dev/null || true)
if [ "$LATEST_IMAGE_DIGEST" != "$REPO_IMAGE_DIGEST" ]; then
echo "image outdated"
echo "run_job=true" >> $GITHUB_OUTPUT
else
echo "image current"
echo "run_job=false" >> $GITHUB_OUTPUT
fi
- name: Check sftp alpine image
id: check_sftp_alpine_image
run: |
docker pull atmoz/sftp:alpine
docker pull ${{ env.REGISTRY }}/${{ env.SFTP_IMAGE_NAME }}:alpine
LATEST_IMAGE_DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' atmoz/sftp:alpine)
REPO_IMAGE_DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' ${{ env.REGISTRY }}/${{ env.SFTP_IMAGE_NAME }}:alpine 2> /dev/null || true)
if [ "$LATEST_IMAGE_DIGEST" != "$REPO_IMAGE_DIGEST" ]; then
echo "image outdated"
echo "run_job=true" >> $GITHUB_OUTPUT
else
echo "image current"
echo "run_job=false" >> $GITHUB_OUTPUT
fi
publish_dnsmasq:
name: Publish dnsmasq
needs: pre_job
if: ${{ needs.pre_job.outputs.has_dnsmasq_change == 'true' }}
runs-on: ubuntu-latest
defaults:
run:
working-directory: operations/dnsmasq
env:
IMAGE_NAME: cdcgov/prime-reportstream_dnsmasq
permissions:
contents: read
packages: write
strategy:
matrix:
AZ_ENV: [ demo1, demo2, demo3, test, staging, prod ]
steps:
- name: Check Out Changes
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
- name: Log In to the Container Registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build Docker Terraform CLI
run: |
docker build --build-arg AZ_ENV=${{ matrix.AZ_ENV }} -t ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ matrix.AZ_ENV }} .
- name: Push to the Container Registry
run: |
docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} --all-tags
publish_sftp:
name: Publish SFTP
needs: pre_job
if: ${{ needs.pre_job.outputs.run_publish_sftp == 'true' }}
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Check Out Changes
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
- name: Log In to the Container Registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Tag Image
run: |
docker pull atmoz/sftp
docker tag atmoz/sftp ${{ env.REGISTRY }}/${{ env.SFTP_IMAGE_NAME }}
- name: Push to the Container Registry
run: |
docker push ${{ env.REGISTRY }}/${{ env.SFTP_IMAGE_NAME }} --all-tags
publish_sftp_alpine:
name: Publish SFTP Alpine
needs: pre_job
if: ${{ needs.pre_job.outputs.run_publish_sftp_alpine == 'true' }}
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Check Out Changes
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
- name: Log In to the Container Registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Tag Image
run: |
docker pull atmoz/sftp:alpine
docker tag atmoz/sftp:alpine ${{ env.REGISTRY }}/${{ env.SFTP_IMAGE_NAME }}:alpine
- name: Push to the Container Registry
run: |
docker push ${{ env.REGISTRY }}/${{ env.SFTP_IMAGE_NAME }}:alpine