-
Notifications
You must be signed in to change notification settings - Fork 19
163 lines (152 loc) · 6.94 KB
/
build-image-base.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
---
name: Deploy
on:
workflow_call:
inputs:
image:
required: true
type: string
description: "Image to build"
dockerfile:
default: Dockerfile
type: string
description: "Dockerfile name"
tag_suffix:
type: string
description: "Optional suffix for all tags"
push:
default: true
type: boolean
description: "Push to registries"
platforms:
default: linux/amd64
type: string
description: "Platforms to build for"
test_platform:
default: linux/amd64
type: string
description: "Platform to use for acceptance tests"
secrets:
CI_USER_USERNAME:
required: true
description: Username for logging into ghcr.io
CI_USER_CONTAINER_REGISTRY_TOKEN:
required: true
description: Token for logging into ghcr.io
DOCKERHUB_USERNAME:
required: true
description: Username for logging into dockerhub
DOCKERHUB_PASSWORD:
required: true
description: Password for logging into dockerhub
env:
TEST_TAG: paas-tool:latest
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Cancel Previous Runs
uses: styfle/cancel-workflow-action@01ce38bf961b4e243a6342cbade0dbc8ba3f0432
with:
access_token: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608
with:
submodules: true
- name: Log in to ghcr.io Container registry
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d
with:
registry: ghcr.io
username: ${{ secrets.CI_USER_USERNAME }}
password: ${{ secrets.CI_USER_CONTAINER_REGISTRY_TOKEN }}
- name: Extract metadata (tags, labels) for ghcr
id: meta-ghcr
uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934
with:
images: ghcr.io/alphagov/paas/${{ inputs.image }}
tags: |
type=sha,format=long,prefix=,suffix=${{ inputs.tag_suffix && format('-{0}', inputs.tag_suffix) }}
type=ref,event=branch,suffix=${{ inputs.tag_suffix && format('-{0}', inputs.tag_suffix) }}
type=ref,event=pr,suffix=${{ inputs.tag_suffix && format('-{0}', inputs.tag_suffix) }}
type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }},suffix=${{ inputs.tag_suffix && format('-{0}', inputs.tag_suffix) }}
labels: |
org.opencontainers.image.url=https://github.com/${{ github.repository }}/tree/${{ github.sha }}/${{ inputs.image }}
org.opencontainers.image.source=https://github.com/${{ github.repository }}/tree/${{ github.sha }}/${{ inputs.image }}
org.opencontainers.image.documentation=https://raw.githubusercontent.com/${{ github.repository }}/${{ github.sha }}/${{ inputs.image }}/README.md
org.opencontainers.image.title=GOV.UK PaaS ${{ inputs.image }}
- name: Extract metadata (tags, labels) for docker hub
id: meta-dockerhub
uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934
with:
images: governmentpaas/${{ inputs.image }}
tags: |
type=sha,format=long,prefix=,suffix=${{ inputs.tag_suffix && format('-{0}', inputs.tag_suffix) }}
type=ref,event=branch,suffix=${{ inputs.tag_suffix && format('-{0}', inputs.tag_suffix) }}
type=ref,event=pr,suffix=${{ inputs.tag_suffix && format('-{0}', inputs.tag_suffix) }}
type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }},suffix=${{ inputs.tag_suffix && format('-{0}', inputs.tag_suffix) }}
labels: |
org.opencontainers.image.url=https://github.com/${{ github.repository }}/tree/${{ github.sha }}/${{ inputs.image }}
org.opencontainers.image.source=https://github.com/${{ github.repository }}/tree/${{ github.sha }}/${{ inputs.image }}
org.opencontainers.image.documentation=https://raw.githubusercontent.com/${{ github.repository }}/${{ github.sha }}/${{ inputs.image }}/README.md
org.opencontainers.image.title=GOV.UK PaaS ${{ inputs.image }}
- name: Set up QEMU
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3
with:
platforms: ${{ inputs.platforms }}
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226
- name: Check if there are acceptance tests
id: check_for_tests
uses: andstor/file-existence-action@20b4d2e596410855db8f9ca21e96fbe18e12930b
with:
files: "./${{ inputs.image }}/${{ inputs.image }}_spec.rb"
- name: Build for acceptance test
if: steps.check_for_tests.outputs.files_exists == 'true'
uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09
with:
context: ./${{ inputs.image }}
file: ./${{ inputs.image }}/${{inputs.dockerfile}}
load: true
tags: ${{ env.TEST_TAG }}
labels: ${{ steps.meta-ghcr.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
platforms: ${{ inputs.test_platform }}
- name: Set up ruby
uses: ruby/setup-ruby@5cfe23c062c0aac352e765b1b7cc12ea5255ccc4
with:
bundler-cache: true
if: steps.check_for_tests.outputs.files_exists == 'true'
- name: Acceptance Tests
env:
DOCKER_IMAGE: "${{ env.TEST_TAG }}"
run: bundle exec rspec ./${{ inputs.image }}/${{ inputs.image }}_spec.rb
if: steps.check_for_tests.outputs.files_exists == 'true'
- name: Build and push to ghcr
uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09
with:
context: ./${{ inputs.image }}
platforms: ${{ inputs.platforms }}
file: ./${{ inputs.image }}/${{inputs.dockerfile}}
push: ${{ inputs.push }}
tags: ${{ steps.meta-ghcr.outputs.tags }}
labels: ${{ steps.meta-ghcr.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Log in to docker hub Container registry
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Build and push to docker hub
uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09
with:
context: ./${{ inputs.image }}
platforms: ${{ inputs.platforms }}
file: ./${{ inputs.image }}/${{inputs.dockerfile}}
push: ${{ inputs.push }}
tags: ${{ steps.meta-dockerhub.outputs.tags }}
labels: ${{ steps.meta-dockerhub.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max