1+ name : Build and Push Docker Image
2+
3+ on :
4+ push :
5+ tags : " v[0-9]+.[0-9]+.[0-9]+"
6+
7+ jobs :
8+ build-and-push :
9+ runs-on : ubuntu-latest
10+
11+ steps :
12+ - name : Checkout repo
13+ uses : actions/checkout@v3
14+ with :
15+ fetch-depth : 0
16+
17+ - name : Get the version
18+ id : get_version
19+ run : echo "VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
20+
21+ - name : Set lowercase repository name
22+ id : set_repo
23+ run : echo "REPO_NAME=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT
24+
25+ - name : Log in to GitHub Container Registry
26+ run : echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
27+
28+ - name : Build Docker image
29+ id : build
30+ run : |
31+ docker build -t ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}:latest -f Dockerfile .
32+
33+
34+ - name : Push Docker image
35+ id : push
36+ run : |
37+ # Push latest first
38+ docker push ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}:latest
39+ # Tag with version and push
40+ docker tag ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}:latest ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}:${{ steps.get_version.outputs.VERSION }}
41+ docker push ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}:${{ steps.get_version.outputs.VERSION }}
42+
43+ # Get the manifest digest after pushing
44+ MANIFEST_DIGEST=$(docker inspect ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}:latest --format='{{index .RepoDigests 0}}' | cut -d'@' -f2 | cut -d':' -f2)
45+ echo "IMAGE_HASH=${MANIFEST_DIGEST}" >> $GITHUB_OUTPUT
46+
47+ - name : Generate docker-compose-secretvm.yaml
48+ run : |
49+ # Determine the directory where the Dockerfile is located
50+ DOCKERFILE_DIR="."
51+
52+ # Create the docker-compose file in the same directory as the Dockerfile
53+ cat > $DOCKERFILE_DIR/docker-compose-secretvm.yaml << EOL
54+ # Release: https://github.com/${{ github.repository }}/releases/tag/${{ steps.get_version.outputs.VERSION }}
55+ # Workflow URL: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
56+ # Commit: https://github.com/${{ github.repository }}/commit/${{ github.sha }}
57+ # Dockerfile Path: Dockerfile
58+ # Docker Compose Location: $DOCKERFILE_DIR/docker-compose-secretvm.yaml
59+ version: '3'
60+ services:
61+ app:
62+ image: ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}@sha256:${{ steps.push.outputs.IMAGE_HASH }}
63+ ports:
64+ - '8080:80'
65+ EOL
66+
67+ - name : Commit docker-compose-secretvm.yaml
68+ run : |
69+ # Fetch all branches
70+ git fetch origin
71+
72+ # Get the branch where the tag was created from
73+ # This is the branch that should receive the docker-compose file
74+ BRANCH_NAME="master"
75+
76+ # Checkout the branch
77+ git checkout $BRANCH_NAME
78+
79+ # Configure git
80+ git config user.name github-actions
81+ git config user.email [email protected] 82+
83+ # Determine the directory where the Dockerfile is located
84+ DOCKERFILE_DIR="."
85+
86+ # Add and commit changes
87+ git add $DOCKERFILE_DIR/docker-compose-secretvm.yaml
88+ if git diff --staged --quiet; then
89+ echo "No changes to commit"
90+ else
91+ git commit -m "Update docker-compose-secretvm.yaml for version ${{ steps.get_version.outputs.VERSION }}"
92+ git push origin $BRANCH_NAME
93+ fi
94+
95+ - name : Output Image URL
96+ run : |
97+ echo "IMAGE_URL=ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}:${{ steps.get_version.outputs.VERSION }}" >> $GITHUB_OUTPUT
98+ echo "WORKFLOW_ID=${{ github.run_id }}" >> $GITHUB_OUTPUT
99+
100+ - name : Notify Workflow Status
101+ if : always()
102+ run : |
103+ echo "Workflow Status: ${{ job.status }}"
104+ echo "Image URL: ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}:${{ steps.get_version.outputs.VERSION }}"
105+ echo "Workflow ID: ${{ github.run_id }}"
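Review bot: The job never declares `permissions:`, yet it uses `secrets.GITHUB_TOKEN` both to log in and push to ghcr.io and to push a commit to `master`, so the token's scope is whatever the repository or organisation default happens to be. Adding `permissions: { contents: write, packages: write }` under `build-and-push` states the two scopes the steps need and keeps every other scope off the token. Because that token can write to the default branch and the registry, `actions/checkout@v3` would be better pinned to a full commit SHA than to a movable tag. The `run:` lines also splice `${{ github.actor }}` and the step outputs directly into shell text; passing them through `env:` and referencing quoted shell variables would avoid relying on the tag filter alone to keep those values shell-safe.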