Image Build for tag 100/merge #32
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Image Build" | |
on: | |
workflow_dispatch: | |
inputs: | |
tag: | |
required: true | |
type: string | |
workflow_call: | |
inputs: | |
tag: | |
required: true | |
type: string | |
pull_request: | |
types: | |
- opened | |
- synchronize | |
- reopened | |
run-name: "Image Build for tag ${{ github.ref_name }}" | |
permissions: | |
packages: write | |
contents: write | |
pull-requests: write | |
issues: write | |
jobs: | |
build-and-push: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
- name: Create safe tag for image | |
id: safe_tag | |
run: | | |
if [ "${{ inputs.tag }}" != "" ]; then | |
echo "Tag input exists: ${{ inputs.tag }}" | |
echo "SAFE_TAG=$(echo ${{ inputs.tag }} | sed 's/[^a-zA-Z0-9.]/-/g')" >> $GITHUB_OUTPUT | |
else | |
if [ "${{ github.event_name }}" == "pull_request" ] && [ "${{ github.event.pull_request.head.ref }}" != "main" ]; then | |
echo "SAFE_TAG=$(echo ${{ github.event.pull_request.head.ref }} | sed 's/[^a-zA-Z0-9.]/-/g')-${{ github.run_id }}-${{ github.run_number }}" >> $GITHUB_OUTPUT | |
else | |
echo "SAFE_TAG=$(echo ${{ inputs.tag }} | sed 's/[^a-zA-Z0-9.]/-/g')" >> $GITHUB_OUTPUT | |
fi | |
fi | |
- name: Set up Docker Buildx | |
id: setup_buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Log into ghcr | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and push to ghcr | |
id: build_publish | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
platforms: linux/amd64, linux/arm64 | |
push: true | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
tags: ghcr.io/ministryofjustice/hmpps-ldap-automation:${{ steps.safe_tag.outputs.SAFE_TAG }} | |
- name: Comment image tag on PR | |
env: | |
GH_TOKEN: ${{ github.token }} | |
if: github.event_name == 'pull_request' | |
run: | | |
gh pr comment ${{ github.event.pull_request.number }} --body 'Image built and pushed to `ghcr.io/ministryofjustice/hmpps-ldap-automation:${{ steps.safe_tag.outputs.SAFE_TAG }}`' | |
- name: Slack failure notification | |
if: ${{ failure() }} | |
uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 | |
with: | |
payload: | | |
{"blocks":[{"type": "section","text": {"type": "mrkdwn","text": ":no_entry: Failed GitHub Action:"}},{"type": "section","fields":[{"type": "mrkdwn","text": "*Workflow:*\n<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|${{ github.workflow }}>"},{"type": "mrkdwn","text": "*Job:*\n${{ github.job }}"},{"type": "mrkdwn","text": "*Repo:*\n${{ github.repository }}"}]}]} | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.PWO_PUBLIC_SLACK_WEBHOOK_URL }} | |
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK |