fix(ci-lease): reorder template fetch + S3 perm #318
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Build and publish FixMyStreet container image to ghcr.io | |
| # | |
| # Triggers on: | |
| # - Push to main branch affecting docker files | |
| # - All pull requests (skips build if no relevant files changed) | |
| # - Manual workflow_dispatch | |
| name: Build FixMyStreet Container | |
| on: | |
| push: | |
| branches: [main] | |
| paths: | |
| - 'cloudformation/scenarios/fixmystreet/docker/**' | |
| - '.github/workflows/docker-build-fixmystreet.yml' | |
| pull_request: | |
| workflow_dispatch: | |
| inputs: | |
| push_image: | |
| description: 'Push image to registry' | |
| required: false | |
| default: true | |
| type: boolean | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: co-cddo/ndx_try_aws_scenarios-fixmystreet | |
| jobs: | |
| changes: | |
| name: Check for Docker changes | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'pull_request' | |
| outputs: | |
| docker: ${{ steps.filter.outputs.docker }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: dorny/paths-filter@v4 | |
| id: filter | |
| with: | |
| filters: | | |
| docker: | |
| - 'cloudformation/scenarios/fixmystreet/docker/**' | |
| - '.github/workflows/docker-build-fixmystreet.yml' | |
| build: | |
| name: Build and Push Container | |
| runs-on: ubuntu-latest | |
| needs: [changes] | |
| # Run if: push/dispatch (changes job skipped), OR PR with docker changes | |
| if: | | |
| always() && | |
| (needs.changes.result == 'skipped' || needs.changes.outputs.docker == 'true') | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v6 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v4 | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v4 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata for Docker | |
| id: meta | |
| uses: docker/metadata-action@v6 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=sha,prefix=sha- | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| type=ref,event=branch,enable=${{ github.ref != 'refs/heads/main' }} | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v7 | |
| with: | |
| context: cloudformation/scenarios/fixmystreet/docker | |
| file: cloudformation/scenarios/fixmystreet/docker/Dockerfile | |
| push: ${{ (github.ref == 'refs/heads/main' || (github.event_name == 'workflow_dispatch' && github.event.inputs.push_image != 'false')) }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| platforms: linux/amd64 | |
| - name: Output image details | |
| run: | | |
| echo "## Docker Image Built" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "**Registry:** ${{ env.REGISTRY }}" >> $GITHUB_STEP_SUMMARY | |
| echo "**Image:** ${{ env.IMAGE_NAME }}" >> $GITHUB_STEP_SUMMARY | |
| echo "**Tags:**" >> $GITHUB_STEP_SUMMARY | |
| echo '```' >> $GITHUB_STEP_SUMMARY | |
| echo "${{ steps.meta.outputs.tags }}" >> $GITHUB_STEP_SUMMARY | |
| echo '```' >> $GITHUB_STEP_SUMMARY |