GitHub Action for DockerHub build and publish #19
jsanchez556 committed Oct 2, 2024
1 parent 407e241 commit 89a6b58
Showing 3 changed files with 116 additions and 0 deletions.
83 changes: 83 additions & 0 deletions .github/workflows/docker-publish.yml
@@ -0,0 +1,83 @@
name: Build and Publish image to Docker Hub
on:
push:
branches:
- 'master'
tags:
- 'v*.*.*'

jobs:
build_and_push:
env:
DOCKER_HUB: ${{ secrets.DOCKER_LOGIN }}
DOCKER_TAGS: latest
runs-on: ubuntu-22.04
permissions:
id-token: write
attestations: write
contents: read
packages: write

strategy:
matrix:
target:
- name: stone-prover
dockerfile: Dockerfile
- name: cpu_air_prover
dockerfile: air_prover/Dockerfile
- name: cpu_air_verifier
dockerfile: air_verifier/Dockerfile
continue-on-error: true

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_LOGIN }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Determine Docker Tags
id: set-tag
run: |
if [[ "${GITHUB_REF}" == refs/tags/* ]]; then
TAG_NAME=$(echo ${GITHUB_REF} | sed 's/refs\/tags\///')
echo "DOCKER_TAGS=${TAG_NAME}" >> $GITHUB_ENV
elif [[ "${GITHUB_REF}" == "refs/heads/master" ]]; then
echo "Latest version tags..."
else
echo "No valid ref for tagging. Exiting..."
exit 1
fi
shell: bash

- name: Set image tags & labels
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.DOCKER_HUB }}/${{ matrix.target.name }}
tags: ${{ env.DOCKER_TAGS }}

- name: Build And Push Image
id: push
uses: docker/build-push-action@v6
with:
context: .
file: ${{ matrix.target.dockerfile }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

- name: Generate artifact attestation
if: github.event.repository.fork == false
uses: actions/attest-build-provenance@v1
with:
subject-name: ${{ secrets.DOCKER_LOGIN }}/${{ matrix.target.name }}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true
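
Review bot: Every `uses:` under `steps:` is pinned to a mutable tag (`actions/checkout@v4`, `docker/login-action@v3`, `docker/build-push-action@v6`, `actions/attest-build-provenance@v1`) in a job that holds `DOCKERHUB_TOKEN` and `id-token: write`; pin each to a full commit SHA, with the version in a trailing comment, so a retagged action cannot run with those credentials. The `continue-on-error: true` after the matrix lets a failed build or push for one target leave the run green; drop it, or set `fail-fast: false` under `strategy` if the intent is only to keep the other targets building. The attestation `subject-name` is built from `secrets.DOCKER_LOGIN` while the pushed image name is built from `env.DOCKER_HUB`, so use one source for both to keep the attested name and the pushed name from diverging, and remove `packages: write` unless something here publishes to GitHub Packages.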

33 changes: 33 additions & 0 deletions README.md
Expand Up @@ -149,4 +149,37 @@ Run the verifier to confirm the proof:
cpu_air_verifier --in_file=fibonacci_proof.json && echo "Successfully verified example proof."
```

## Docker Image Publishing

This repository contains a GitHub Actions workflow that automatically builds and publishes Docker images to Docker Hub.

- **Workflow file:** `.github/workflows/docker-publish.yml`

### Usage

1. Set up the following GitHub repository secrets under **Settings** > **Secrets and variables** > **Actions**:
- `DOCKER_LOGIN`: Your Docker Hub username.
- `DOCKERHUB_TOKEN`: Your Docker Hub access token.
2. The workflow is triggered by any push or pull request to the `master` branch. It builds the Docker image and publishes it to Docker Hub.

### Workflow Overview

The workflow performs the following actions:
- Checks out the repository code.
- Sets up Docker Buildx for cross-platform builds.
- Logs in to Docker Hub using the credentials stored in GitHub Secrets.
- Builds the Docker image based on the repository content.
- Pushes the image to Docker Hub with the specified tag.
- Generates an attestation for the image artifact (not applicable to forked repositories).
- Logs out of Docker Hub after the process is complete.

### Tests

1. Forked the original repository.
2. To use the local Docker Hub, update the workflow file by setting `env.DOCKER_HUB` to `127.0.0.1:5000`.
3. Temporarily updated the workflow trigger branch for testing purposes.
4. Pushed a small change to trigger the workflow.
5. Monitored the workflow in the **Actions** tab.
6. Verified the Docker image was pushed to local Docker Hub.

This project is supported by Nethermind and Starknet Foundation via [OnlyDust platform](https://app.onlydust.com/p/stone-packaging-)
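
Review bot: Step 2 under "### Usage" says the workflow is triggered by "any push or pull request to the `master` branch", but the `on:` block in `.github/workflows/docker-publish.yml` lists only `push` for branch `master` and tags `v*.*.*`, with no `pull_request` trigger. Reword it to say that pushes to `master` publish `latest` and that `v*.*.*` tag pushes publish the tag name, which is what the "Determine Docker Tags" step does. The "Logs out of Docker Hub after the process is complete" bullet in "Workflow Overview" has no explicit step in the workflow; name the step that does it or drop the bullet. The "### Tests" list also mixes past-tense notes ("Forked", "Pushed") with an instruction in step 2, so pick one voice.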
Empty file modified build.sh
100644 → 100755
Empty file.
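
Review bot: The mode change on `build.sh` (100644 → 100755) is not mentioned in the commit title or the README addition, and nothing in the workflow calls `build.sh` directly. If one of the Dockerfiles needs it executable, say so in the commit message; otherwise move it to its own commit.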
