Merge pull request #289 from razeware/upgrades #339
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and publish docker images | |
| on: | |
| push: | |
| # Publish `master` as Docker `latest` image. | |
| branches: | |
| - master | |
| - development | |
| # Publish `v1.2.3` tags as releases. | |
| tags: | |
| - v* | |
| env: | |
| IMAGE_NAME: robles | |
| REGISTRY_IMAGE: razeware/robles | |
| jobs: | |
| determine_environment: | |
| name: Determine environment | |
| runs-on: ubuntu-latest | |
| outputs: | |
| environment: ${{ steps.set_environment.outputs.environment }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set environment | |
| id: set_environment | |
| run: | | |
| if [[ $GITHUB_REF == 'refs/heads/development' ]]; then | |
| echo "environment=staging" >> $GITHUB_OUTPUT | |
| # Else if tag starts with v, then it's a release | |
| elif [[ $GITHUB_REF == 'refs/tags/v'* ]]; then | |
| echo "environment=production" >> $GITHUB_OUTPUT | |
| else | |
| echo "environment=na" >> $GITHUB_OUTPUT | |
| fi | |
| # Run tests. | |
| # See also https://docs.docker.com/docker-hub/builds/automated-testing/ | |
| test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Run tests | |
| run: | | |
| if [ -f docker-compose.test.yml ]; then | |
| docker-compose --file docker-compose.test.yml build | |
| docker-compose --file docker-compose.test.yml run sut | |
| else | |
| docker build . --file Dockerfile | |
| fi | |
| - name: Notify slack - test results | |
| uses: voxmedia/github-action-slack-notify-build@v1 | |
| if: failure() | |
| env: | |
| SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} | |
| with: | |
| channel: circleci | |
| status: FAILED | |
| color: danger | |
| # Push image to DockerHub. | |
| build: | |
| # Ensure test job passes before pushing image. | |
| needs: | |
| - determine_environment | |
| - test | |
| if: github.event_name == 'push' | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - runner: ubuntu-latest | |
| platform: linux/amd64 | |
| - runner: public-arm-4core | |
| platform: linux/arm64 | |
| runs-on: ${{ matrix.runner }} | |
| outputs: | |
| slack_message_id: ${{ steps.slack.outputs.message_id }} | |
| steps: | |
| - name: Notify slack - build starting | |
| uses: voxmedia/github-action-slack-notify-build@v1 | |
| if: success() | |
| id: slack | |
| env: | |
| SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} | |
| with: | |
| channel: build | |
| status: STARTING | |
| color: warning | |
| - name: Prepare | |
| run: | | |
| platform=${{ matrix.platform }} | |
| echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: | | |
| ${{ env.REGISTRY_IMAGE }} | |
| tags: | | |
| type=ref,event=tag,prefix=release- | |
| type=raw,value=latest,enable=${{ github.ref_name == 'master' }} | |
| type=raw,value=staging,enable=${{ needs.determine_environment.outputs.environment == 'staging' }} | |
| - uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| buildkitd-flags: --debug | |
| - name: Log in to DockerHub registry | |
| run: echo "${{ secrets.DOCKERHUB_PASSWORD }}" | docker login -u razewareci --password-stdin | |
| - name: Build and push | |
| id: build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| platforms: ${{ matrix.platform }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| - name: Export digest | |
| run: | | |
| mkdir -p /tmp/digests | |
| digest="${{ steps.build.outputs.digest }}" | |
| touch "/tmp/digests/${digest#sha256:}" | |
| - name: Upload digest | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: digests-${{ env.PLATFORM_PAIR }} | |
| path: /tmp/digests/* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| - name: Logout of DockerHub Registry | |
| if: ${{ always() }} | |
| run: docker logout | |
| - name: Notify slack - build result failed | |
| uses: voxmedia/github-action-slack-notify-build@v1 | |
| if: failure() | |
| env: | |
| SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} | |
| with: | |
| message_id: ${{ steps.slack.outputs.message_id }} | |
| channel: build | |
| status: FAILED | |
| color: danger | |
| merge: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - determine_environment | |
| - build | |
| steps: | |
| - name: Download digests | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: /tmp/digests | |
| pattern: digests-* | |
| merge-multiple: true | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: | | |
| ${{ env.REGISTRY_IMAGE }} | |
| tags: | | |
| type=ref,event=tag,prefix=release- | |
| type=raw,value=latest,enable=${{ github.ref_name == 'master' }} | |
| type=raw,value=staging,enable=${{ needs.determine_environment.outputs.environment == 'staging' }} | |
| - name: Log in to DockerHub registry | |
| run: echo "${{ secrets.DOCKERHUB_PASSWORD }}" | docker login -u razewareci --password-stdin | |
| - name: Create manifest list and push | |
| working-directory: /tmp/digests | |
| run: | | |
| docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ | |
| $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) | |
| - name: Inspect image | |
| run: | | |
| docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }} | |
| - name: Logout of DockerHub Registry | |
| if: ${{ always() }} | |
| run: docker logout | |
| - name: Notify slack - build result successful | |
| uses: voxmedia/github-action-slack-notify-build@v1 | |
| if: success() | |
| env: | |
| SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} | |
| with: | |
| message_id: ${{ needs.build.outputs.slack_message_id }} | |
| channel: build | |
| status: SUCCESS | |
| color: good | |
| - name: Notify slack - build result failed | |
| uses: voxmedia/github-action-slack-notify-build@v1 | |
| if: failure() | |
| env: | |
| SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} | |
| with: | |
| message_id: ${{ needs.build.outputs.slack_message_id }} | |
| channel: build | |
| status: FAILED | |
| color: danger |