Skip to content

container-build

container-build #30

Workflow file for this run

---
name: Build container image
on:
workflow_call:
workflow_dispatch:
inputs:
penumbra_version:
description: 'Git ref (e.g. branch or tag) of Penumbra repo for building'
default: "main"
required: true
# Support triggering builds from penumbra-zone/penumbra CI.
repository_dispatch:
types:
- container-build
inputs:
penumbra_version:
description: 'Git ref (e.g. branch or tag) of Penumbra repo for building'
default: "main"
required: true
push:
branches:
- main
tags:
- '**'
jobs:
hermes:
runs-on: buildjet-16vcpu-ubuntu-2004
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Log in to the Docker Hub container registry (for pulls)
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Log in to the GitHub container registry (for pushes)
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v4
with:
images: ghcr.io/penumbra-zone/hermes
- name: Build and push Docker image
uses: docker/build-push-action@v3
with:
context: .
platforms: linux/amd64
file: ci/release/Containerfile
push: true
# We include a tag with the associated Penumbra, e.g. `penumbra-v0.61.0`.
# This is important to maintain compatibility with a long-running testnet.
tags: ${{ steps.meta.outputs.tags }},ghcr.io/penumbra-zone/hermes:penumbra-${{ github.event.inputs.penumbra_version || 'main' }}
build-args: |
PENUMBRA_VERSION=${{ github.event.inputs.penumbra_version || 'main' }}
# We disable layer caching to ensure that the most recent penumbra repo is used.
# Otherwise, the static git url for the repo will always result in a cache hit.
# TODO: update with dynamic build-args using e.g. current date to bust cache.
no-cache: true
labels: ${{ steps.meta.outputs.labels }}