Skip to content
Build and Push Docker Image

Add Docker build workflow #21

Sign in to view logs

Add Docker build workflow

Add Docker build workflow #21

Workflow file for this run

.github/workflows/docker-build-secretvm.yml at bc35dce
name: Build and Push Docker Image
on:
push:
branches:
- master
tags: "v[0-9]+.[0-9]+.[0-9]+"
permissions:
contents: write
packages: write
jobs:
build-and-push:
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Get the version
id: get_version
run: echo "VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
- name: Set lowercase repository name
id: set_repo
run: echo "REPO_NAME=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT
- name: Log in to GitHub Container Registry
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
- name: Build Docker image
id: build
run: |
docker build -t ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}:latest -f Dockerfile .
- name: Push Docker image
id: push
run: |
# Push latest first
docker push ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}:latest
# Tag with version and push
docker tag ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}:latest ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}:${{ steps.get_version.outputs.VERSION }}
docker push ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}:${{ steps.get_version.outputs.VERSION }}
# Get the manifest digest after pushing
MANIFEST_DIGEST=$(docker inspect ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}:latest --format='{{index .RepoDigests 0}}' | cut -d'@' -f2 | cut -d':' -f2)
echo "IMAGE_HASH=${MANIFEST_DIGEST}" >> $GITHUB_OUTPUT
- name: Generate docker-compose-secretvm.yaml
run: |
# Determine the directory where the Dockerfile is located
DOCKERFILE_DIR="."
# Create the docker-compose file in the same directory as the Dockerfile
cat > $DOCKERFILE_DIR/docker-compose-secretvm.yaml << EOL
# Release: https://github.com/${{ github.repository }}/releases/tag/${{ steps.get_version.outputs.VERSION }}
# Workflow URL: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
# Commit: https://github.com/${{ github.repository }}/commit/${{ github.sha }}
# Dockerfile Path: Dockerfile
# Docker Compose Location: $DOCKERFILE_DIR/docker-compose-secretvm.yaml
version: '3'
services:
app:
image: ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}@sha256:${{ steps.push.outputs.IMAGE_HASH }}
ports:
- '8000:8000'
EOL
- name: Commit docker-compose-secretvm.yaml
run: |
# Fetch all branches
git fetch origin
# Get the branch where the tag was created from
# This is the branch that should receive the docker-compose file
BRANCH_NAME="master"
# Checkout the branch
git checkout $BRANCH_NAME
# Configure git
git config user.name github-actions
git config user.email [email protected]
# Determine the directory where the Dockerfile is located
DOCKERFILE_DIR="."
# Add and commit changes
git add $DOCKERFILE_DIR/docker-compose-secretvm.yaml
if git diff --staged --quiet; then
echo "No changes to commit"
else
git commit -m "Update docker-compose-secretvm.yaml for version ${{ steps.get_version.outputs.VERSION }}"
git push origin $BRANCH_NAME
fi
- name: Output Image URL
run: |
echo "IMAGE_URL=ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}:${{ steps.get_version.outputs.VERSION }}" >> $GITHUB_OUTPUT
echo "WORKFLOW_ID=${{ github.run_id }}" >> $GITHUB_OUTPUT
- name: Notify Workflow Status
if: always()
run: |
echo "Workflow Status: ${{ job.status }}"
echo "Image URL: ghcr.io/${{ steps.set_repo.outputs.REPO_NAME }}:${{ steps.get_version.outputs.VERSION }}"
echo "Workflow ID: ${{ github.run_id }}"