forked from alphagov/paas-docker-cloudfoundry-tools
-
Notifications
You must be signed in to change notification settings - Fork 3
167 lines (155 loc) · 6.64 KB
/
build-image-base.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
---
name: Deploy
on:
workflow_call:
inputs:
image:
required: true
type: string
description: "Image to build"
dockerfile:
default: Dockerfile
type: string
description: "Dockerfile name"
tag_suffix:
type: string
description: "Optional suffix for all tags"
push:
default: true
type: boolean
description: "Push to registries"
platforms:
default: linux/amd64
type: string
description: "Platforms to build for"
secrets:
DOCKERHUB_USERNAME:
required: true
description: Username for logging into dockerhub
DOCKERHUB_PASSWORD:
required: true
description: Password for logging into dockerhub
env:
TEST_TAG: paas-tool:latest
#DOCKERHUB_ORG: orangecloudfoundry
DOCKERHUB_ORG: elpaasoci
BASE_IMAGES: cf-cli curl-ssl git-ssh k8s-tools terraform bosh-cli-v2 spruce spiff
IMAGES_WITH_DEPENDENCIES: awscli bosh-cli-v2-cf-cli
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Cancel Previous Runs
uses: styfle/[email protected]
with:
access_token: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout
uses: actions/checkout@v4
with:
submodules: true
- name: Log in to ghcr.io Container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for ghcr
id: meta-ghcr
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository }}/${{ inputs.image }}
tags: |
type=sha,format=long,prefix=,suffix=${{ inputs.tag_suffix && format('-{0}', inputs.tag_suffix) }}
type=ref,event=branch,suffix=${{ inputs.tag_suffix && format('-{0}', inputs.tag_suffix) }}
type=ref,event=pr,suffix=${{ inputs.tag_suffix && format('-{0}', inputs.tag_suffix) }}
type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }},suffix=${{ inputs.tag_suffix && format('-{0}', inputs.tag_suffix) }}
labels: |
org.opencontainers.image.url=https://github.com/${{ github.repository }}/tree/${{ github.sha }}/${{ inputs.image }}
org.opencontainers.image.source=https://github.com/${{ github.repository }}/tree/${{ github.sha }}/${{ inputs.image }}
org.opencontainers.image.documentation=https://raw.githubusercontent.com/${{ github.repository }}/${{ github.sha }}/${{ inputs.image }}/README.md
org.opencontainers.image.title=Orange ${{ inputs.image }} (GOV.UK PaaS fork)
- name: Extract metadata (tags, labels) for docker hub
id: meta-dockerhub
uses: docker/metadata-action@v5
with:
images: ${{ env.DOCKERHUB_ORG }}/${{ inputs.image }}
tags: |
type=sha,format=long,prefix=,suffix=${{ inputs.tag_suffix && format('-{0}', inputs.tag_suffix) }}
type=ref,event=branch,suffix=${{ inputs.tag_suffix && format('-{0}', inputs.tag_suffix) }}
type=ref,event=pr,suffix=${{ inputs.tag_suffix && format('-{0}', inputs.tag_suffix) }}
type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }},suffix=${{ inputs.tag_suffix && format('-{0}', inputs.tag_suffix) }}
labels: |
org.opencontainers.image.url=https://github.com/${{ github.repository }}/tree/${{ github.sha }}/${{ inputs.image }}
org.opencontainers.image.source=https://github.com/${{ github.repository }}/tree/${{ github.sha }}/${{ inputs.image }}
org.opencontainers.image.documentation=https://raw.githubusercontent.com/${{ github.repository }}/${{ github.sha }}/${{ inputs.image }}/README.md
org.opencontainers.image.title=Orange ${{ inputs.image }} (GOV.UK PaaS fork)
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: ${{ inputs.platforms }}
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: Check if there are acceptance tests
id: check_for_tests
uses: andstor/file-existence-action@v3
with:
files: "./${{ inputs.image }}/${{ inputs.image }}_spec.rb"
- name: Build for acceptance test
if: steps.check_for_tests.outputs.files_exist == 'true'
uses: docker/[email protected]
with:
context: ./${{ inputs.image }}
file: ./${{ inputs.image }}/${{inputs.dockerfile}}
load: true
tags: ${{ env.TEST_TAG }}
labels: ${{ steps.meta-ghcr.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
platforms: ${{ inputs.platforms }}
- name: Set up ruby
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
if: steps.check_for_tests.outputs.files_exist == 'true'
- name: Acceptance Tests
env:
DOCKER_IMAGE: "${{ env.TEST_TAG }}"
run: bundle exec rspec ./${{ inputs.image }}/${{ inputs.image }}_spec.rb
if: steps.check_for_tests.outputs.files_exist == 'true'
- name: Build and push to ghcr
uses: docker/[email protected]
with:
context: ./${{ inputs.image }}
platforms: ${{ inputs.platforms }}
file: ./${{ inputs.image }}/${{inputs.dockerfile}}
push: ${{ inputs.push }}
tags: ${{ steps.meta-ghcr.outputs.tags }}
labels: ${{ steps.meta-ghcr.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Log in to docker hub Container registry
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Build and push to docker hub
uses: docker/[email protected]
with:
context: ./${{ inputs.image }}
platforms: ${{ inputs.platforms }}
file: ./${{ inputs.image }}/${{inputs.dockerfile}}
push: ${{ inputs.push }}
tags: ${{ steps.meta-dockerhub.outputs.tags }}
labels: ${{ steps.meta-dockerhub.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Create the tag
uses: julbme/gh-action-manage-tag@v1
with:
name: ${{ github.sha }}
state: present
from: ${{ github.ref }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
if: ${{ github.ref == 'refs/heads/main' }}