Separate snapshot and release images

dmolesUC · dmolesUC · commit a34c6829eab8 · 2022-05-24T14:47:44.000-07:00
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -1,52 +1,68 @@
 name: Build
-on: [ push, pull_request, workflow_dispatch ]
+on: [ push, pull_request, release, workflow_dispatch ]
 env:
   REGISTRY: ghcr.io
-  BUILD_TAG: sha-${{ github.sha }}
 jobs:
-  build:
+  setup:
     runs-on: ubuntu-latest
 
-    permissions:
-      packages: write
-
     steps:
       # See https://github.com/docker/build-push-action/blob/v2.10.0/TROUBLESHOOTING.md#repository-name-must-be-lowercase
-      - name: Sanitize repo slug
+      - name: Sanitize image name
         uses: actions/github-script@v6
-        id: slug
+        id: image-name
         with:
           result-encoding: string
-          script: return '${{ github.repository }}'.toLowerCase()
+          script: return '${{ env.REGISTRY }}/${{ github.repository }}'.toLowerCase()
+
+      - name: Get short SHA
+        run: |
+          echo SHORT_SHA="${GITHUB_SHA:0:7}" >> $GITHUB_ENV
+
+    outputs:
+      base_image_name: ${{ steps.image-name.outputs.result }}
+      build_image: ${{ steps.image-name.outputs.result }}:${{ env.SHORT_SHA }}
+
+  build:
+    if: github.event_name != 'release'
+    needs: setup
+    env:
+      BUILD_IMAGE: ${{ needs.setup.outputs.build_image }}
+
+    runs-on: ubuntu-latest
+
+    permissions:
+      packages: write
 
+    steps:
       - name: Checkout repository
         uses: actions/checkout@v2
 
       - name: Log in to the Container registry
-        uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
+        uses: docker/login-action@v2
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
+        uses: docker/build-push-action@v3
         with:
           context: .
           push: true
-          tags: ${{ env.REGISTRY }}/${{ steps.slug.outputs.result }}:${{ env.BUILD_TAG }}
+          tags: ${{ env.BUILD_IMAGE }}
 
     outputs:
-      # TODO: Figure out how to DRY this
-      image_path: ${{ env.REGISTRY }}/${{ steps.slug.outputs.result }}
-      tagged_image: ${{ env.REGISTRY }}/${{ steps.slug.outputs.result }}:${{ env.BUILD_TAG }}
+      build_image: ${{ env.BUILD_IMAGE }}
 
   test:
+    if: github.event_name != 'release'
     needs: build
+
     runs-on: ubuntu-latest
 
     container:
-      image: ${{ needs.build.outputs.tagged_image }}
+      image:  ${{ needs.build.outputs.build_image }}
 
     defaults:
       run:
@@ -75,26 +91,68 @@ jobs:
           name: artifacts
           path: /opt/app/artifacts/**
 
+  # TODO: DRY push and push-release
   push:
-    needs: [ build, test ]
+    if: github.event_name != 'release'
+
+    needs: [ setup, build, test ]
+    env:
+      BASE_IMAGE_NAME: ${{ needs.setup.outputs.base_image_name }}
+      BUILD_IMAGE: ${{ needs.build.outputs.build_image }}
+
     runs-on: ubuntu-latest
 
     permissions:
       packages: write
 
+    steps:
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v3
+        with:
+          images: ${{ env.BASE_IMAGE_NAME }}
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Tag and push image
+        uses: akhilerm/tag-push-action@v2.0.0
+        with:
+          src: ${{ env.BUILD_IMAGE }}
+          dst: |
+            ${{ steps.meta.outputs.tags }}
+
+  # TODO: DRY push and push-release
+  push-release:
+    if: github.event_name == 'release' && github.event.action == 'published'
+
+    needs: [setup]
     env:
-      IMAGE_PATH: ${{ needs.build.outputs.image_path }}
-      TAGGED_IMAGE: ${{ needs.build.outputs.tagged_image }}
+      BASE_IMAGE_NAME: ${{ needs.setup.outputs.base_image_name }}
+      BUILD_IMAGE: ${{ needs.setup.outputs.build_image }}
+
+    runs-on: ubuntu-latest
+
+    permissions:
+      packages: write
 
     steps:
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
+        uses: docker/metadata-action@v3
         with:
-          images: ${{ env.IMAGE_PATH }}
+          images: ${{ env.BASE_IMAGE_NAME }}
+          tags:
+            type=semver,pattern={{major}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{version}}
 
       - name: Log in to the Container registry
-        uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
+        uses: docker/login-action@v2
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
@@ -103,6 +161,6 @@ jobs:
       - name: Tag and push image
         uses: akhilerm/tag-push-action@v2.0.0
         with:
-          src: ${{ env.TAGGED_IMAGE }}
+          src: ${{ env.BUILD_IMAGE }}
           dst: |
             ${{ steps.meta.outputs.tags }}
