Push Docker Image to GitHub Container Registry

Update build-and-push.yml #17

Workflow file for this run

.github/workflows/build-and-push.yml at 638a464

	name: Push Docker Image to GitHub Container Registry

	on:
	push:
	branches:
	- main
	tags:
	- v*
	workflow_dispatch:
	inputs:
	tag:
	description: 'Tag'
	required: true
	default: 'develop'

	env:
	REGISTRY: ghcr.io
	IMAGE_NAME: ${{ github.repository }}

	jobs:
	build-and-push:
	name: Docker Build and Push
	runs-on: ubuntu-latest

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	permissions:
	contents: read
	packages: write

	steps:
	- name: lowercase the IMAGE_NAME
	run: echo IMAGE_NAME="${IMAGE_NAME,,}" >> $GITHUB_ENV

	- name: Get Tags
	run: \|
	if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
	TAG=${{ github.event.inputs.tag }}
	elif [[ $GITHUB_REF == refs/tags/* ]]; then
	TAG=${GITHUB_REF#refs/tags/}
	else
	TAG=${GITHUB_REF#refs/heads/}

	if [[ $TAG == main ]]; then
	TAG=latest
	fi
	fi
	echo "TAG=$TAG" >> "$GITHUB_ENV"

	- name: Check out the repo
	uses: actions/checkout@v4

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	with:
	install: true

	- name: Log in to the Container registry
	uses: docker/login-action@v3
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Tag Docker image
	run: \|
	echo "IMAGE_TAG=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG }}" >> "$GITHUB_ENV"

	if [[ ${{ env.TAG }} == v* ]]; then
	echo "LATEST_TAG=,${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest" >> "$GITHUB_ENV"
	fi

	- name: Build and push Docker image
	uses: docker/build-push-action@v6
	with:
	context: .
	push: true
	tags: ${{ env.IMAGE_TAG }}${{ env.LATEST_TAG }}

	- name: docker pull
	run: docker pull ${{ env.IMAGE_TAG }}${{ env.LATEST_TAG }}

	- name: Log in to GitHub Container Registry
	run: echo "${{ secrets.GITHUB_TOKEN }}" \| gh auth login --with-token

	- name: Get repository name
	run: \|
	REPO_NAME="$(echo ${{ github.repository }} \| awk -F/ '{ print $2 }')" >> $GITHUB_ENV
	echo "REPO_NAME=${REPO_NAME}" >> $GITHUB_ENV

	- name: Delete Untagged images
	run: \|
	# 1. タグ一覧取得
	TAGS=$(gh api -X GET /user/packages/container/${{ env.REPO_NAME }}/versions --paginate --jq '.[] \| select(.metadata.container.tags \| length > 0) \| .metadata.container.tags[]')

	# 2. 各タグのdigest収集
	TAGGED_DIGESTS=""
	for TAG in $TAGS; do
	DIGEST=$(docker manifest inspect ghcr.io/${{ env.IMAGE_NAME }}:${TAG} \| jq -r '.manifests[].digest')
	TAGGED_DIGESTS="${TAGGED_DIGESTS}\n${DIGEST}"
	done

	# 3. untaggedイメージのdigest取得と削除判定（APIからid/digest取得）
	UNTAGGED_IMAGES=$(gh api -X GET /user/packages/container/${{ env.REPO_NAME }}/versions --paginate --jq '.[] \| select(.metadata.container.tags \| length == 0)')
	for row in $UNTAGGED_IMAGES; do
	DIGEST=$(echo "$row" \| jq -r '.name')
	DIGEST=${DIGEST#sha256:}
	ID=$(echo "$row" \| jq -r '.id')
	if ! echo -e "$TAGGED_DIGESTS" \| grep -q "$DIGEST"; then
	echo "Deleting untagged image ID: $ID (digest: $DIGEST)"
	gh api -X DELETE /user/packages/container/${{ env.REPO_NAME }}/versions/$ID
	else
	echo "Skipping untagged image ID: $ID (digest: $DIGEST), referenced by a tag"
	fi
	done

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update build-and-push.yml #17

Workflow file

Update build-and-push.yml #17

Uh oh!

Workflow file for this run