Skip to content

add secrets to docker build #192

add secrets to docker build

add secrets to docker build #192

Workflow file for this run

name: 'dotnet build'
on:
push:
branches:
- '**'
pull_request:
types: [ closed ]
env:
PRERELEASE_BRANCHES: experimental,alpha,beta,rc
DOCKER_IMAGE_REGISTRY_PATH: ${{ secrets.RAAEDGE_LOGIN_SERVER }}/connectors-opcua
COVERAGE_FOLDER: Coverage
jobs:
ci:
name: 'build'
runs-on: ubuntu-latest
env:
RELEASE: ${{ github.event_name == 'push' && contains(inputs.branches || 'main,master', github.ref_name) }}
steps:
- uses: actions/checkout@v4
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- name: Add private Nuget feed
run: dotnet nuget add source --username ${{ secrets.NUGET_GITHUB_PACKAGES_USERNAME }} --password ${{ secrets.NUGET_GITHUB_PACKAGES_TOKEN }} --store-password-in-clear-text --name "githubpackagesnuget" "https://nuget.pkg.github.com/RaaLabs/index.json"
- name: Install dependencies
run: dotnet restore --no-cache --verbosity normal
- name: Build
run: dotnet build --no-restore --configuration Release
- name: Test and report coverage
run: dotnet test --configuration Release --no-build /p:CollectCoverage=true /p:CoverletOutput=${{ github.workspace }}/${{ env.COVERAGE_FOLDER }}/ /p:MergeWith=${{ github.workspace }}/${{ env.COVERAGE_FOLDER }}/coverage/ /p:CoverletOutputFormat=opencover
- uses: mathieudutour/[email protected]
name: Calculate next version and create tag on GitHub
id: tag
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
tag_prefix: ${{ inputs.component && format('{0}/v',inputs.component) || 'v' }}
fetch_all_tags: true
release_branches: ${{ inputs.branches }}
dry_run: ${{ env.RELEASE != 'true' }}
- name: Build Docker image
uses: docker/build-push-action@v6
with:
push: false
no-cache: true
context: .
file: ${{ inputs.dockerfile || 'Source/Dockerfile' }}
secrets: |
NUGET_GITHUB_PACKAGES_USERNAME=${{ secrets.NUGET_GITHUB_PACKAGES_USERNAME }}
NUGET_GITHUB_PACKAGES_TOKEN=${{ secrets.NUGET_GITHUB_PACKAGES_TOKEN }}
load: true
platforms: linux/amd64
tags: image:local
build-args: |
BUILD_VERSION=${{ steps.tag.outputs.new_version }}
- name: Apply version tag to Docker images
id: references
run: |
echo ${{ github.event_name }}
IMAGES=$(tr "," "\n" <<<"${{ inputs.images }}" | sed "s/^[[:space:]]*//;s/[[:space:]]*$//")
echo -e "Images to tag:\n$IMAGES"
REFS=$(sed "s/$/:v${{ steps.tag.outputs.new_version }}/" <<<"$IMAGES" | paste -sd "," -)
echo -e "References: $REFS"
echo "tags=$REFS" >> $GITHUB_OUTPUT
- name: 'ACR login'
uses: azure/docker-login@v2
with:
login-server: ${{ secrets.RAAEDGE_LOGIN_SERVER }}
username: ${{ secrets.RAAEDGE_ACR_USERNAME }}
password: ${{ secrets.RAAEDGE_ACR_PASSWORD }}
- name: Docker push
uses: docker/build-push-action@v6
if: ${{ env.RELEASE == 'true' }}
with:
push: true
context: .
file: ${{ inputs.dockerfile || 'Source/Dockerfile' }}
platforms: linux/amd64
tags: ${{ steps.references.outputs.tags }}
build-args: |
BUILD_VERSION=${{ steps.tag.outputs.new_version }}
- name: Docker logout
if: always()
run: |
docker logout ${{ secrets.RAAEDGE_LOGIN_SERVER }}
docker logout ${{ secrets.RAAEDGE_LOGIN_SERVER_2 }}
- name: Create GitHub Release
if: ${{ env.RELEASE == 'true' }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh release create ${{ steps.tag.outputs.new_tag }} --target=${{ github.sha }} --title="${{ inputs.component && format('{0} - ',inputs.component) || '' }}v${{ steps.tag.outputs.new_version }}" --notes="${{ steps.tag.outputs.changelog }}"