Skip to content

Commit

Permalink
Add Github Actions to build Docker images (#94)
Browse files Browse the repository at this point in the history 
* Add Github Actions to build Docker images

* Split into separate workflows

* Fix path filters
  • Loading branch information
@mmwinther
mmwinther authored Nov 9, 2023
1 parent 5be14ab commit c7a33c2
Show file tree
Hide file tree
Showing 3 changed files with 154 additions and 1 deletion.
75 changes: 75 additions & 0 deletions .github/workflows/jupyterhub-docker-build-and-deploy.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
name: Jupyterhub Docker Build and Deploy

on:
release:
types: [published]
push:
branches:
- "main"
paths:
- 'docker/jupyterhub/**'
- '.github/workflows/jupyterhub-docker-build-and-deploy.yml'
pull_request:
paths:
- 'docker/jupyterhub/**'
- '.github/workflows/jupyterhub-docker-build-and-deploy.yml'

env:
REGISTRY: europe-north1-docker.pkg.dev/artifact-registry-5n/dapla-stat-docker/jupyter
TAG: ${{ github.ref_name }}-${{ github.sha }}
IMAGE_PREFIX: on-prem-
NAME: jupyterhub

jobs:
docker:
permissions:
contents: "read"
id-token: "write"
runs-on: ubuntu-latest
steps:
- name: "Check out repo"
uses: actions/checkout@v3
- name: "Authenticate to Google Cloud"
id: "auth"
uses: "google-github-actions/[email protected]"
with:
workload_identity_provider: "projects/848539402404/locations/global/workloadIdentityPools/gh-actions/providers/gh-actions"
service_account: "gh-actions-dapla-stat@artifact-registry-5n.iam.gserviceaccount.com"
token_format: "access_token"
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
- name: Login to registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: "oauth2accesstoken"
password: "${{ steps.auth.outputs.access_token }}"
- name: Docker meta
id: metadata
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}${{ env.NAME }}
# Docker tags based on the following events/attributes
tags: |
type=ref,event=branch
type=ref,event=pr
type=raw,value=latest,enable={{is_default_branch}}
type=semver,pattern=v{{version}}
type=semver,pattern=v{{major}}.{{minor}}
type=semver,pattern=v{{major}}
type=raw,value=${{ env.TAG }}, enable=true
- name: Build and push image
id: docker_build
uses: docker/build-push-action@v4
with:
context: docker/${{ env.NAME }}
file: docker/${{ env.NAME }}/Dockerfile
push: true
tags: |
${{ steps.metadata.outputs.tags }}
labels: ${{ steps.metadata.outputs.labels }}
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}${{ env.NAME }}:buildcache
cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}${{ env.NAME }}:buildcache,mode=max
- name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}
77 changes: 77 additions & 0 deletions .github/workflows/jupyterlab-docker-build-and-deploy.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
name: Jupyterlab Docker Build and Deploy

on:
release:
types: [published]
push:
branches:
- "main"
paths:
- 'docker/jupyterlab/**'
- '.github/workflows/jupyterlab-docker-build-and-deploy.yml'
pull_request:
paths:
- 'docker/jupyterlab/**'
- '.github/workflows/jupyterlab-docker-build-and-deploy.yml'

env:
REGISTRY: europe-north1-docker.pkg.dev/artifact-registry-5n/dapla-stat-docker/jupyter
TAG: ${{ github.ref_name }}-${{ github.sha }}
IMAGE_PREFIX: on-prem-
BASE_IMAGE: jupyterlab-common:latest
NAME: jupyterlab

jobs:
docker:
permissions:
contents: "read"
id-token: "write"
runs-on: ubuntu-latest
steps:
- name: "Check out repo"
uses: actions/checkout@v3
- name: "Authenticate to Google Cloud"
id: "auth"
uses: "google-github-actions/[email protected]"
with:
workload_identity_provider: "projects/848539402404/locations/global/workloadIdentityPools/gh-actions/providers/gh-actions"
service_account: "gh-actions-dapla-stat@artifact-registry-5n.iam.gserviceaccount.com"
token_format: "access_token"
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
- name: Login to registry
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: "oauth2accesstoken"
password: "${{ steps.auth.outputs.access_token }}"
- name: Docker meta
id: metadata
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}${{ env.NAME }}
# Docker tags based on the following events/attributes
tags: |
type=ref,event=branch
type=ref,event=pr
type=raw,value=latest,enable={{is_default_branch}}
type=semver,pattern=v{{version}}
type=semver,pattern=v{{major}}.{{minor}}
type=semver,pattern=v{{major}}
type=raw,value=${{ env.TAG }}, enable=true
- name: Build and push image
id: docker_build
uses: docker/build-push-action@v4
with:
context: docker/${{ env.NAME }}
file: docker/${{ env.NAME }}/Dockerfile
push: true
build-args: base_image=${{ env.REGISTRY }}/${{ env.BASE_IMAGE }}
tags: |
${{ steps.metadata.outputs.tags }}
labels: ${{ steps.metadata.outputs.labels }}
cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}${{ env.NAME }}:buildcache
cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}${{ env.NAME }}:buildcache,mode=max
- name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}
3 changes: 2 additions & 1 deletion docker/jupyterlab/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
FROM eu.gcr.io/prod-bip/ssb/statistikktjenester/jupyterlab-common:latest
ARG base_image="eu.gcr.io/prod-bip/ssb/statistikktjenester/jupyterlab-common:latest"
FROM ${base_image}

USER root

Expand Down

0 comments on commit c7a33c2

Please sign in to comment.