Build And Push #73
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build And Push | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- main | |
paths: | |
- "VERSION" | |
- ".github/workflows/build-push.yaml" | |
permissions: | |
contents: "read" | |
id-token: "write" | |
security-events: "write" | |
actions: "read" | |
packages: "write" | |
env: | |
IMAGE: codecollection-devtools | |
DEFAULT_BRANCH: "origin/${{ github.event.repository.default_branch }}" | |
SHARED_ARTIFACT_REPOSITORY_PATH: "us-docker.pkg.dev/runwhen-nonprod-shared/public-images" | |
GHCR_ORG: "runwhen-contrib" | |
jobs: | |
build-and-push: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- id: 'auth-runwhen' | |
name: 'Authenticate to Google Cloud' | |
uses: 'google-github-actions/[email protected]' | |
with: | |
workload_identity_provider: ${{ secrets.RUNWHEN_NONPROD_SHARED_WI_PROVIDER }} | |
service_account: ${{ secrets.RUNWHEN_NONPROD_SHARED_WI_SA }} | |
- name: Set tag and version | |
run: |- | |
if [[ -s VERSION ]]; then | |
VERSION=$(cat VERSION) | |
echo "VERSION=$VERSION" >> $GITHUB_ENV | |
echo "VERSION extracted: $VERSION" | |
else | |
echo "VERSION file is missing or empty" >&2 | |
exit 1 | |
fi | |
echo "TAG=$(echo $GITHUB_REF_NAME | sed 's/[^a-zA-Z0-9]/-/g')-${GITHUB_SHA::8}" >> $GITHUB_ENV | |
- name: Configure docker for GCP | |
run: gcloud --quiet auth configure-docker us-docker.pkg.dev | |
- name: Login to GHCR | |
run: |- | |
echo "${{ secrets.GITHUB_TOKEN }}" | docker login --username ${{ github.actor }} --password-stdin ghcr.io | |
- name: Build | |
run: |- | |
docker buildx create --use --name=mybuilder | |
docker buildx inspect --bootstrap | |
docker buildx build \ | |
--push \ | |
--platform linux/amd64 \ | |
--tag "${{ env.SHARED_ARTIFACT_REPOSITORY_PATH }}/$IMAGE:$VERSION" \ | |
--tag "${{env.SHARED_ARTIFACT_REPOSITORY_PATH }}/$IMAGE:latest" \ | |
--tag ghcr.io/$GHCR_ORG/$IMAGE:$VERSION \ | |
--tag ghcr.io/$GHCR_ORG/$IMAGE:latest \ | |
--build-arg GITHUB_SHA="$GITHUB_SHA" \ | |
--build-arg GITHUB_REF="$GITHUB_REF" \ | |
-f Dockerfile . | |
- name: Notify Slack of Container Build | |
id: slack-publish-nonprod-shared-artifact-repo | |
uses: slackapi/[email protected] | |
with: | |
channel-id: "#notifications" # Slack channel id or name to post message. https://api.slack.com/methods/chat.postMessage#channels | |
slack-message: "Just Pushed to ${{env.SHARED_ARTIFACT_REPOSITORY_PATH }}/${{ env.IMAGE }}:${{ env.VERSION }}" | |
env: | |
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} | |
- name: Notify Slack of GHCR Push | |
id: slack-deploy-to-ghcr | |
uses: slackapi/[email protected] | |
with: | |
channel-id: "#codecollections" # Slack channel id or name to post message. https://api.slack.com/methods/chat.postMessage#channels | |
slack-message: "Just deployed latest version of codecollection-devtools to https://github.com/orgs/runwhen-contrib/packages/container/package/codecollection-devtools" | |
env: | |
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} |