Docker release pipeline#86
Conversation
Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>
There was a problem hiding this comment.
Pull Request Overview
This PR introduces a new GitHub Actions workflow to automate building and releasing the Fabric-X committer Docker image whenever a v* tag is pushed.
- Triggers a release pipeline on new tag pushes.
- Sets up QEMU and Docker Buildx for multi-architecture builds.
- Extracts version from tag, builds binaries, and pushes multi-platform Docker images using Docker Hub credentials.
Comments suppressed due to low confidence (2)
.github/workflows/docker-release.yml:34
- The secret name
DOCKERHUB_TOKENis inconsistent withDOCKER_HUB_USERNAME. Consider renaming it toDOCKER_HUB_TOKENfor consistency across secrets.
password: ${{ secrets.DOCKERHUB_TOKEN }}
.github/workflows/docker-release.yml:38
- [nitpick] Add a validation step to ensure
GITHUB_REFmatches the expectedrefs/tags/v*format and fail early ifVERSIONis empty, preventing downstream steps from using an invalid version.
run: echo "VERSION=${GITHUB_REF#refs/tags/v}" >> $GITHUB_ENV
Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>
|
I have resolved all the review comments from @cendhu and @Copilot |
Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>
Signed-off-by: Anushka <anush159@in.ibm.com>
liran-funaro
left a comment
There was a problem hiding this comment.
LGTM. Just some minor comment.
@cendhu Can we remove scripts/build-release-image.sh?
| if [ "$GITHUB_REPOSITORY_OWNER" == "hyperledger" ]; then | ||
| echo "IMAGE_PREFIX=hyperledger" >> $GITHUB_ENV | ||
| else | ||
| echo "IMAGE_PREFIX=${{ secrets.DOCKERHUB_USERNAME }}" >> $GITHUB_ENV |
There was a problem hiding this comment.
Why do we need this part? We would only push images from the main "hyperledger" repository.
There was a problem hiding this comment.
It permits for forks to push in their dockerhubs. That was the idea
There was a problem hiding this comment.
Is there a way to disable this? I prefer not to have this capability in my fork to avoid mistakes.
| ARCHBIN_PATH=archbin | ||
| PORTS=4001 2114 9001 2119 5001 2115 6001 2116 7001 2117 | ||
| cache-from: type=registry,ref=docker.io/${{ env.IMAGE_PREFIX }}/fabric-x-committer:buildcache | ||
| cache-to: type=registry,ref=docker.io/${{ env.IMAGE_PREFIX }}/fabric-x-committer:buildcache,mode=max No newline at end of file |
There was a problem hiding this comment.
nit: missing line break
A docker-release-pipeline.yml is added that triggers github actions workflow on the push of a new tag.