-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #10 from blackmoonfank:workflows
Add Github Workflows
- Loading branch information
Showing
3 changed files
with
362 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,82 @@ | ||
| name: Build Vote | ||
| # template source: https://github.com/dockersamples/.github/blob/main/templates/call-docker-build.yaml | ||
|
|
||
| on: | ||
| # we want pull requests so we can build(test) but not push to image registry | ||
| push: | ||
| branches: | ||
| - 'main' | ||
| # only build when important files change | ||
| paths: | ||
| - 'vote/**' | ||
| - '.github/workflows/call-docker-build-vote.yaml' | ||
| pull_request: | ||
| branches: | ||
| - 'main' | ||
| # only build when important files change | ||
| paths: | ||
| - 'vote/**' | ||
| - '.github/workflows/call-docker-build-vote.yaml' | ||
|
|
||
| jobs: | ||
| call-docker-build: | ||
|
|
||
| name: Vote Call Docker Build | ||
|
|
||
| uses: ./.github/workflows/reusable-docker-build.yaml@main | ||
|
|
||
| permissions: | ||
| contents: read | ||
| packages: write # needed to push docker image to ghcr.io | ||
| pull-requests: write # needed to create and update comments in PRs | ||
|
|
||
| secrets: | ||
|
|
||
| # Only needed if with:dockerhub-enable is true below | ||
| dockerhub-username: ${{ secrets.DOCKERHUB_USERNAME }} | ||
|
|
||
| # Only needed if with:dockerhub-enable is true below | ||
| dockerhub-token: ${{ secrets.DOCKERHUB_TOKEN }} | ||
|
|
||
| with: | ||
|
|
||
| ### REQUIRED | ||
| ### ENABLE ONE OR BOTH REGISTRIES | ||
| ### tell docker where to push. | ||
| ### NOTE if Docker Hub is set to true, you must set secrets above and also add account/repo/tags below | ||
| dockerhub-enable: true | ||
| ghcr-enable: true | ||
|
|
||
| ### REQUIRED | ||
| ### A list of the account/repo names for docker build. List should match what's enabled above | ||
| ### defaults to: | ||
| image-names: | | ||
| ghcr.io/blackmoonfank/vote-app | ||
| furqon/voteapp_vote | ||
| ### REQUIRED set rules for tagging images, based on special action syntax: | ||
| ### https://github.com/docker/metadata-action#tags-input | ||
| ### defaults to: | ||
| tag-rules: | | ||
| type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }} | ||
| type=raw,value=before,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }} | ||
| type=raw,value=after,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }} | ||
| type=ref,event=pr | ||
| ### path to where docker should copy files into image | ||
| ### defaults to root of repository (.) | ||
| context: vote | ||
|
|
||
| ### Dockerfile alternate name. Default is Dockerfile (relative to context path) | ||
| # file: Containerfile | ||
|
|
||
| ### build stage to target, defaults to empty, which builds to last stage in Dockerfile | ||
| # target: | ||
|
|
||
| ### platforms to build for, defaults to linux/amd64 | ||
| ### other options: linux/amd64,linux/arm64,linux/arm/v7 | ||
| platforms: linux/amd64,linux/arm64,linux/arm/v7 | ||
|
|
||
| ### Create a PR comment with image tags and labels | ||
| ### defaults to false | ||
| # comment-enable: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,82 @@ | ||
| name: Build Worker | ||
| # template source: https://github.com/dockersamples/.github/blob/main/templates/call-docker-build.yaml | ||
|
|
||
| on: | ||
| # we want pull requests so we can build(test) but not push to image registry | ||
| push: | ||
| branches: | ||
| - 'main' | ||
| # only build when important files change | ||
| paths: | ||
| - 'worker/**' | ||
| - '.github/workflows/call-docker-build-worker.yaml' | ||
| pull_request: | ||
| branches: | ||
| - 'main' | ||
| # only build when important files change | ||
| paths: | ||
| - 'worker/**' | ||
| - '.github/workflows/call-docker-build-worker.yaml' | ||
|
|
||
| jobs: | ||
| call-docker-build: | ||
|
|
||
| name: Worker Call Docker Build | ||
|
|
||
| uses: ./.github/workflows/reusable-docker-build.yaml@main | ||
|
|
||
| permissions: | ||
| contents: read | ||
| packages: write # needed to push docker image to ghcr.io | ||
| pull-requests: write # needed to create and update comments in PRs | ||
|
|
||
| secrets: | ||
|
|
||
| # Only needed if with:dockerhub-enable is true below | ||
| dockerhub-username: ${{ secrets.DOCKERHUB_USERNAME }} | ||
|
|
||
| # Only needed if with:dockerhub-enable is true below | ||
| dockerhub-token: ${{ secrets.DOCKERHUB_TOKEN }} | ||
|
|
||
| with: | ||
|
|
||
| ### REQUIRED | ||
| ### ENABLE ONE OR BOTH REGISTRIES | ||
| ### tell docker where to push. | ||
| ### NOTE if Docker Hub is set to true, you must set secrets above and also add account/repo/tags below | ||
| dockerhub-enable: true | ||
| ghcr-enable: true | ||
|
|
||
| ### REQUIRED | ||
| ### A list of the account/repo names for docker build. List should match what's enabled above | ||
| ### defaults to: | ||
| image-names: | | ||
| ghcr.io/blackmoonfank/vote-app-worker | ||
| furqon/voteapp_worker | ||
| ### REQUIRED set rules for tagging images, based on special action syntax: | ||
| ### https://github.com/docker/metadata-action#tags-input | ||
| ### defaults to: | ||
| tag-rules: | | ||
| type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }} | ||
| type=ref,event=pr | ||
| ### path to where docker should copy files into image | ||
| ### defaults to root of repository (.) | ||
| context: worker | ||
|
|
||
| ### Dockerfile alternate name. Default is Dockerfile (relative to context path) | ||
| # file: Containerfile | ||
|
|
||
| ### build stage to target, defaults to empty, which builds to last stage in Dockerfile | ||
| # target: | ||
|
|
||
| ### platforms to build for, defaults to linux/amd64 | ||
| ### other options: linux/amd64,linux/arm64,linux/arm/v7 | ||
| # FIXME worker arm/v7 support doesn't build in .net core 3.1 with QEMU | ||
| # a fix would likely run the .net build on amd64 but with a target of arm/v7 | ||
| platforms: linux/amd64,linux/arm64,linux/arm/v7 | ||
|
|
||
| ### Create a PR comment with image tags and labels | ||
| ### defaults to false | ||
| # comment-enable: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,198 @@ | ||
| --- | ||
| name: Docker Build and Push | ||
| # based on https://github.com/BretFisher/docker-build-workflow | ||
|
|
||
| on: | ||
|
|
||
| # REUSABLE WORKFLOW with INPUTS | ||
| # to keep this workflow simple, assumptions are made: | ||
| # - only able to push to Docker Hub and/or GHCR (GHCR by default) | ||
| # - Builds on PR with tag of `prNUMBER` (same tag each PR push) | ||
| # - Builds on push to main branch with tag of `latest` | ||
| # - Builds on tag push with semver | ||
|
|
||
| workflow_call: | ||
| #allow reuse of this workflow in other repos | ||
| inputs: | ||
| dockerhub-enable: | ||
| description: Log into Docker Hub | ||
| required: false | ||
| default: false | ||
| type: boolean | ||
| ghcr-enable: | ||
| description: Log into GHCR | ||
| required: false | ||
| default: true | ||
| type: boolean | ||
| comment-enable: | ||
| description: Create a PR comment with image tags and labels | ||
| required: false | ||
| default: true | ||
| type: boolean | ||
| context: | ||
| description: Docker context (path) to start build from | ||
| required: false | ||
| type: string | ||
| default: . | ||
| file: | ||
| description: Dockerfile to build, relative to context path | ||
| required: false | ||
| type: string | ||
| target: | ||
| description: Build stage to target | ||
| required: false | ||
| type: string | ||
| platforms: | ||
| description: Platforms to build for | ||
| required: false | ||
| type: string | ||
| # common ones: linux/amd64,linux/arm64,linux/arm/v7 | ||
| default: linux/amd64 | ||
| image-names: | ||
| description: A list of the account/repo names for docker build | ||
| required: false | ||
| type: string | ||
| default: | | ||
| ${{ github.repository }} | ||
| ghcr.io/${{ github.repository }} | ||
| tag-rules: | ||
| # https://github.com/marketplace/actions/docker-metadata-action#tags-input | ||
| description: Use docker-metadata action to create tags from a key-value pair list in CSV format | ||
| required: false | ||
| type: string | ||
| default: | | ||
| type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }} | ||
| type=raw,value=stable-{{date 'YYYYMMDDHHmmss'}},enable=${{ endsWith(github.ref, github.event.repository.default_branch) }} | ||
| type=ref,event=pr | ||
| type=raw,value=gha-${{ github.run_id }} | ||
| flavor-rules: | ||
| # https://github.com/marketplace/actions/docker-metadata-action#flavor-input | ||
| description: Three rules to (optionally) set for tag-rules, latest, prefix, and suffix | ||
| required: false | ||
| type: string | ||
| default: | | ||
| latest=false | ||
| secrets: | ||
| dockerhub-username: | ||
| description: Docker Hub username | ||
| required: false | ||
| dockerhub-token: | ||
| description: Docker Hub token | ||
| required: false | ||
|
|
||
| outputs: | ||
| ghcr-tag: | ||
| description: "single-use tag for ghcr.io" | ||
| value: ${{ jobs.build-image.outputs.ghcr-tag }} | ||
|
|
||
| permissions: | ||
| contents: read | ||
| packages: write # needed to push docker image to ghcr.io | ||
| pull-requests: write # needed to create and update comments in PRs | ||
|
|
||
| jobs: | ||
| build-image: | ||
|
|
||
| name: Build+Push | ||
|
|
||
| runs-on: ubuntu-latest | ||
|
|
||
| outputs: | ||
| # only outputs the unique gha- image tag that's unique to each build | ||
| ghcr-tag: ${{ steps.ghcr-tag.outputs.tag }} | ||
|
|
||
| steps: | ||
| - | ||
| name: Checkout | ||
| uses: actions/checkout@v3 | ||
| - | ||
| # we need qemu and buildx so we can build multiple platforms later | ||
| name: Set up QEMU | ||
| id: qemu | ||
| uses: docker/setup-qemu-action@v2 | ||
| - | ||
| # BuildKit (used with `docker buildx`) is the best way to build images | ||
| name: Set up Docker Buildx | ||
| id: buildx | ||
| uses: docker/setup-buildx-action@v2 | ||
| - | ||
| name: Login to DockerHub | ||
| if: inputs.dockerhub-enable | ||
| uses: docker/login-action@v2 | ||
| with: | ||
| username: ${{ secrets.dockerhub-username }} | ||
| password: ${{ secrets.dockerhub-token }} | ||
| - | ||
| name: Login to GHCR | ||
| if: inputs.ghcr-enable | ||
| uses: docker/login-action@v2 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
| - | ||
| name: Docker meta | ||
| id: docker_meta | ||
| uses: docker/metadata-action@v4 | ||
| with: | ||
| # list of Docker images to use as base name for tags | ||
| images: ${{ inputs.image-names }} | ||
| flavor: ${{ inputs.flavor-rules }} | ||
| tags: ${{ inputs.tag-rules }} | ||
| - | ||
| # this will build the images, once per platform, | ||
| # then push to one or more registries (based on image list above in docker_meta) | ||
| name: Docker Build and Push | ||
| id: build_image | ||
| uses: docker/build-push-action@v3 | ||
| with: | ||
| platforms: ${{ inputs.platforms }} | ||
| context: ${{ inputs.context }} | ||
| file: ${{ inputs.file }} | ||
| target: ${{ inputs.target }} | ||
| builder: ${{ steps.buildx.outputs.name }} | ||
| # it uses github cache API for faster builds: | ||
| # https://github.com/docker/build-push-action/blob/master/docs/advanced/cache.md#cache-backend-api | ||
| cache-from: type=gha | ||
| cache-to: type=gha,mode=max | ||
| push: true | ||
| tags: ${{ steps.docker_meta.outputs.tags }} | ||
| labels: ${{ steps.docker_meta.outputs.labels }} | ||
| - | ||
| # If PR, put image tags in the PR comments | ||
| # from https://github.com/marketplace/actions/create-or-update-comment | ||
| name: Find comment for image tags | ||
| uses: peter-evans/find-comment@v2 | ||
| if: github.event_name == 'pull_request' && inputs.comment-enable | ||
| id: fc | ||
| with: | ||
| issue-number: ${{ github.event.pull_request.number }} | ||
| comment-author: 'github-actions[bot]' | ||
| body-includes: Docker image tag(s) pushed | ||
|
|
||
| # If PR, put image tags in the PR comments | ||
| - name: Create or update comment for image tags | ||
| uses: peter-evans/create-or-update-comment@v2 | ||
| if: github.event_name == 'pull_request' && inputs.comment-enable | ||
| with: | ||
| comment-id: ${{ steps.fc.outputs.comment-id }} | ||
| issue-number: ${{ github.event.pull_request.number }} | ||
| body: | | ||
| Docker image tag(s) pushed: | ||
| ```text | ||
| ${{ steps.docker_meta.outputs.tags }} | ||
| ``` | ||
| Labels added to images: | ||
| ```text | ||
| ${{ steps.docker_meta.outputs.labels }} | ||
| ``` | ||
| edit-mode: replace | ||
|
|
||
| - name: Find the gha-run-based image tag we just pushed to ghcr.io | ||
| id: ghcr-tag | ||
| run: | | ||
| echo '::echo::on' | ||
| # shellcheck disable=SC2086 | ||
| echo "tag=gha-${{ github.run_id }}" >> $GITHUB_OUTPUT |