Add GitHub Actions CI/CD pipeline for Docker builds #1
| name: Docker Build and Push | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - 'claude/**' | |
| paths: | |
| - 'services/hrms-tools/**' | |
| - '.github/workflows/docker-build.yml' | |
| pull_request: | |
| branches: | |
| - main | |
| paths: | |
| - 'services/hrms-tools/**' | |
| - '.github/workflows/docker-build.yml' | |
| workflow_dispatch: | |
| inputs: | |
| push_image: | |
| description: 'Push image to registry' | |
| required: false | |
| default: 'false' | |
| type: choice | |
| options: | |
| - 'true' | |
| - 'false' | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }}/cv-analysis-service | |
| jobs: | |
| build-and-push: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to Container Registry | |
| if: github.event_name != 'pull_request' | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Extract metadata (tags, labels) | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=sha,prefix={{branch}}- | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| - name: Build Docker image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: ./services/hrms-tools | |
| file: ./services/hrms-tools/Dockerfile | |
| push: false | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| load: true | |
| - name: Test Docker image | |
| run: | | |
| # Get the first tag from metadata | |
| IMAGE_TAG=$(echo "${{ steps.meta.outputs.tags }}" | head -n1) | |
| echo "Testing image: $IMAGE_TAG" | |
| # Run container | |
| docker run -d --name test-container \ | |
| -e DEFAULT_LLM_PROVIDER=auto \ | |
| -p 8000:8000 \ | |
| $IMAGE_TAG | |
| # Wait for service to start | |
| echo "Waiting for service to start..." | |
| for i in {1..30}; do | |
| if curl -f http://localhost:8000/api/v1/health 2>/dev/null; then | |
| echo "Service is healthy!" | |
| break | |
| fi | |
| echo "Attempt $i: Service not ready yet..." | |
| sleep 2 | |
| done | |
| # Test health endpoint | |
| echo "Testing health endpoint..." | |
| curl -f http://localhost:8000/api/v1/health || exit 1 | |
| # Check API info | |
| echo "Testing API info endpoint..." | |
| curl -f http://localhost:8000/api/v1/ || exit 1 | |
| # Stop and remove container | |
| docker stop test-container | |
| docker rm test-container | |
| echo "✓ Docker image tests passed!" | |
| - name: Push Docker image to registry | |
| if: github.event_name != 'pull_request' && (github.ref == 'refs/heads/main' || github.event.inputs.push_image == 'true') | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: ./services/hrms-tools | |
| file: ./services/hrms-tools/Dockerfile | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Generate build summary | |
| run: | | |
| echo "## Docker Build Summary :rocket:" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "**Status:** ✅ Success" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "**Image Tags:**" >> $GITHUB_STEP_SUMMARY | |
| echo '```' >> $GITHUB_STEP_SUMMARY | |
| echo "${{ steps.meta.outputs.tags }}" >> $GITHUB_STEP_SUMMARY | |
| echo '```' >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| if [ "${{ github.event_name }}" != "pull_request" ] && ([ "${{ github.ref }}" == "refs/heads/main" ] || [ "${{ github.event.inputs.push_image }}" == "true" ]); then | |
| echo "**Registry:** ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "**Pull command:**" >> $GITHUB_STEP_SUMMARY | |
| echo '```bash' >> $GITHUB_STEP_SUMMARY | |
| echo "docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest" >> $GITHUB_STEP_SUMMARY | |
| echo '```' >> $GITHUB_STEP_SUMMARY | |
| else | |
| echo "**Note:** Image was built but not pushed to registry (PR or non-main branch)" >> $GITHUB_STEP_SUMMARY | |
| fi | |
| - name: Output image digest | |
| if: github.event_name != 'pull_request' && (github.ref == 'refs/heads/main' || github.event.inputs.push_image == 'true') | |
| run: | | |
| echo "Image pushed successfully!" | |
| echo "Registry: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}" | |
| echo "Tags: ${{ steps.meta.outputs.tags }}" |
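Review bot: The `run:` scripts in the "Test Docker image", "Generate build summary" and "Output image digest" steps paste `${{ steps.meta.outputs.tags }}`, `${{ github.ref }}` and `${{ github.event.inputs.push_image }}` directly into the shell text, so these values are expanded before bash parses the script, in a job that holds `packages: write`. Branch names under `claude/**` feed both `github.ref` and the tag list, and although docker/metadata-action appears to sanitise tag text, the safer pattern is to pass each value through the step's `env:` (for example `IMAGE_TAGS: ${{ steps.meta.outputs.tags }}`) and read it as a quoted shell variable, `IMAGE_TAG=$(printf '%s\n' "$IMAGE_TAGS" | head -n1)` followed by `docker run ... "$IMAGE_TAG"`. The third-party actions are also referenced by mutable tags (`@v3`, `@v4`, `@v5`); pinning each to a full commit SHA, e.g. `uses: docker/login-action@<full-commit-sha>  # v3`, keeps a retagged release from running with the registry token. Finally, the "Push Docker image to registry" step runs a second build rather than pushing the image that was loaded and tested, so the published image matches the tested one only if the cache reproduces the same layers.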