bld_docker #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: bld_docker | |
| permissions: | |
| checks: write | |
| contents: read | |
| issues: read | |
| pull-requests: write | |
| on: | |
| workflow_call: | |
| inputs: | |
| docker_name: | |
| description: 'Name of the docker image to build' | |
| required: false | |
| default: "orcid/version-bumping-test" | |
| type: string | |
| context: | |
| description: 'Name of the context in the repo' | |
| required: false | |
| default: "." | |
| type: string | |
| build_args: | |
| description: 'build_args e.g wibble=blar' | |
| required: false | |
| default: "" | |
| type: string | |
| file: | |
| description: 'specify a custom dockerfile' | |
| required: false | |
| default: "" | |
| type: string | |
| version_tag: | |
| description: 'Name of the tag to build' | |
| required: false | |
| default: 'latest' | |
| type: string | |
| bump: | |
| description: 'whether to bump the version number by a major minor patch amount or none' | |
| required: false | |
| default: 'patch' | |
| type: string | |
| ref: | |
| description: 'git reference to use with the checkout use default_branch to have that calculated' | |
| required: false | |
| default: "default" | |
| type: string | |
| push: | |
| description: 'Select to push to docker registry' | |
| required: false | |
| default: true | |
| type: boolean | |
| workflow_dispatch: | |
| inputs: | |
| docker_name: | |
| description: 'Name of the docker image to build' | |
| required: false | |
| default: "orcid/version-bumping-test" | |
| type: string | |
| context: | |
| description: 'Name of the context in the repo' | |
| required: false | |
| default: "." | |
| type: string | |
| build_args: | |
| description: 'build_args e.g wibble=blar' | |
| required: false | |
| default: "" | |
| type: string | |
| file: | |
| description: 'specify a custom dockerfile' | |
| required: false | |
| default: "" | |
| type: string | |
| version_tag: | |
| description: 'Name of the tag to build' | |
| required: false | |
| default: 'latest' | |
| type: string | |
| bump: | |
| description: 'whether to bump the version number by a major minor patch amount or none' | |
| required: false | |
| default: 'patch' | |
| type: string | |
| ref: | |
| description: 'git reference to use with the checkout use default_branch to have that calculated' | |
| required: false | |
| default: "default" | |
| type: string | |
| push: | |
| description: 'Select to push to docker registry' | |
| required: false | |
| default: true | |
| type: boolean | |
| jobs: | |
| bld_docker: | |
| strategy: | |
| matrix: | |
| include: | |
| - artifact_name: prod | |
| docker_name: orcid/registry/orcid-web-frontend-prod | |
| build_args: "build_env=prod" | |
| file: Dockerfile.build.yarn | |
| - artifact_name: sandbox | |
| docker_name: orcid/registry/orcid-web-frontend-sandbox | |
| build_args: "build_env=sandbox" | |
| file: Dockerfile.build.yarn | |
| - artifact_name: qa | |
| docker_name: orcid/registry/orcid-web-frontend-qa | |
| build_args: "build_env=qa" | |
| file: Dockerfile.build.yarn | |
| - artifact_name: int | |
| docker_name: orcid/registry/orcid-web-frontend-int | |
| build_args: "build_env=int" | |
| file: Dockerfile.build.yarn | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: git-checkout-ref-action | |
| id: ref | |
| uses: ORCID/git-checkout-ref-action@main | |
| with: | |
| default_branch: ${{ github.event.repository.default_branch }} | |
| ref: ${{ inputs.ref }} | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ steps.ref.outputs.ref }} | |
| # checkout some history so we can scan commits for bump messages | |
| # NOTE: history does not include tags! | |
| fetch-depth: 100 | |
| - name: find next version | |
| id: version | |
| uses: ORCID/version-bump-action@main | |
| with: | |
| version_tag: ${{ inputs.version_tag }} | |
| bump: ${{ inputs.bump }} | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: actions/cache@v4 | |
| with: | |
| path: /tmp/.buildx-cache | |
| # each cache needs a unique key for the job | |
| key: ${{ runner.os }}-buildx-${{ hashFiles(inputs.context) }} | |
| # Alternative restore keys if no exact match is found | |
| # I /think/ this means that other docker buildx jobs could help out here | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| - name: Login to private registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ secrets.DOCKER_REG_PRIVATE }} | |
| username: ${{ secrets.DOCKER_USER }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: nasty hack to allow dynamic defaults | |
| id: dynamic_defaults | |
| run: | | |
| FILE="${{ matrix.file }}" | |
| echo "default_file=${FILE:-${{ inputs.context }}/Dockerfile}" >> "$GITHUB_OUTPUT" | |
| - name: show the dynamic defaults | |
| run: | | |
| echo ${{ steps.dynamic_defaults.outputs.default_file }} | |
| - uses: docker/build-push-action@v6 | |
| with: | |
| push: ${{ inputs.push }} | |
| tags: ${{ secrets.DOCKER_REG_PRIVATE }}/${{ matrix.docker_name}}:${{ steps.version.outputs.version_tag_numeric }} | |
| context: ${{ inputs.context }} | |
| cache-from: type=registry,ref=${{ secrets.DOCKER_REG_PRIVATE }}/${{ matrix.docker_name }}:cache | |
| cache-to: type=registry,mode=max,image-manifest=true,oci-mediatypes=true,ref=${{ secrets.DOCKER_REG_PRIVATE }}/${{ matrix.docker_name }}:cache | |
| build-args: ${{ matrix.build_args }} | |
| file: ${{ steps.dynamic_defaults.outputs.default_file }} | |