docker-acr.yml
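# Login to Azure Container Registry using OpenID Connect (OIDC), then build and push Docker image.
#
# Reusable workflow (`workflow_call`). The caller supplies the registry name and
# the three Azure identifiers; no client secret is passed, because the job
# requests an OIDC token (`id-token: write`) for the Azure login.

name: ♻ docker-acr

on:
  workflow_call:
    inputs:
      runs_on:
        description: The label of the runner (GitHub- or self-hosted) to run this workflow on. Defaults to `ubuntu-24.04`.
        type: string
        required: false
        default: ubuntu-24.04
      environment:
        description: The name of the GitHub environment that this job references.
        type: string
        required: false
      working_directory:
        description: The path of the working directory containing the Dockerfile to build an image from.
        type: string
        default: "."
        required: false
      registry_name:
        description: The name of the Azure Container Registry to push the Docker image to.
        type: string
        required: true
      repository:
        description: The repository in the Azure Container Registry to push the Docker image to.
        type: string
        required: false
        # NOTE(review): image references must be lowercase, and this default keeps
        # the GitHub repository's original casing. Confirm that callers override
        # `repository` when the owner or repository name contains uppercase letters.
        default: ${{ github.repository }}
      tag:
        description: A tag for the image.
        type: string
        required: false
        default: ${{ github.run_number }}
    secrets:
      AZURE_CLIENT_ID:
        description: The client ID of the service principal to use for authenticating to Azure.
        required: true
      AZURE_SUBSCRIPTION_ID:
        description: The ID of the Azure subscription to authenticate to.
        required: true
      AZURE_TENANT_ID:
        description: The ID of the Microsoft Entra tenant to authenticate to.
        required: true
    outputs:
      image:
        description: The Docker image that was built.
        value: ${{ jobs.docker.outputs.image }}

# Deny-by-default: the GITHUB_TOKEN gets no permissions at workflow level. The
# job below opts in to exactly the scopes it needs.
permissions: {}

env:
  # Sets the Azure CLI default output format to `none`, so command results are
  # not printed to the job log.
  AZURE_CORE_OUTPUT: none

jobs:
  docker:
    name: Docker
    runs-on: ${{ inputs.runs_on }}
    # Skips the job for runs triggered by Dependabot.
    # NOTE(review): presumably because those runs do not receive the Azure
    # secrets. Confirm against the callers.
    if: github.actor != 'dependabot[bot]'
    # NOTE(review): when an environment is set, the OIDC token's subject claim
    # carries the environment name, so the Entra federated credential has to be
    # configured to match. Confirm against the Azure configuration.
    environment: ${{ inputs.environment }}
    permissions:
      contents: read  # Required to checkout the repository
      id-token: write  # Required to login to Azure using OIDC
    env:
      # Both references are assembled from caller-supplied inputs. They are only
      # consumed through `with:` and job outputs, never spliced into a `run:` script.
      IMAGE: ${{ inputs.registry_name }}.azurecr.io/${{ inputs.repository }}:${{ inputs.tag }}
      # `latest` is a mutable tag and is overwritten by every run of this job.
      IMAGE_LATEST: ${{ inputs.registry_name }}.azurecr.io/${{ inputs.repository }}:latest
    steps:
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
        with:
          # No later step needs git credentials. Keeping the token out of
          # .git/config prevents it from being copied into the image when the
          # Docker build context includes the checkout (e.g. `COPY . .`).
          persist-credentials: false
      - name: Setup Docker Buildx
        # TODO(security): pin to a full commit SHA, as the other actions in this
        # job are. `v3` is a mutable tag and this job holds `id-token: write`.
        # Replace with docker/setup-buildx-action@<FULL_COMMIT_SHA_OF_V3_RELEASE>.
        uses: docker/setup-buildx-action@v3
      - name: Login to Azure
        # Only identifiers are passed here; authentication relies on the OIDC
        # token granted by `id-token: write` rather than a stored client secret.
        uses: azure/login@a65d910e8af852a8061c627c456678983e180302
        with:
          client-id: ${{ secrets.AZURE_CLIENT_ID }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
      - name: Login to ACR
        env:
          # The input is passed through an environment variable and quoted in the
          # script, so its value is never expanded into the shell command text.
          REGISTRY_NAME: ${{ inputs.registry_name }}
        run: az acr login --name "$REGISTRY_NAME"
      - name: Build and push
        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4
        env:
          DOCKER_BUILD_SUMMARY: true
        with:
          context: ${{ inputs.working_directory }}
          tags: ${{ env.IMAGE }},${{ env.IMAGE_LATEST }}
          push: true
    outputs:
      # Tag-based references. Only `image` is re-exported by the workflow-level
      # `outputs` above; `image_latest` is visible at job level only.
      # NOTE(review): consumers that need an immutable reference should resolve
      # the pushed digest rather than rely on these tags.
      image: ${{ env.IMAGE }}
      image_latest: ${{ env.IMAGE_LATEST }}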