add secrets to docker push #199
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 'dotnet build' | |
on: | |
push: | |
branches: | |
- '**' | |
pull_request: | |
types: [ closed ] | |
env: | |
PRERELEASE_BRANCHES: experimental,alpha,beta,rc | |
DOCKER_IMAGE_REGISTRY_PATH: ${{ secrets.RAAEDGE_LOGIN_SERVER }}/connectors-opcua | |
COVERAGE_FOLDER: Coverage | |
jobs: | |
ci: | |
name: 'build' | |
runs-on: ubuntu-latest | |
env: | |
RELEASE: ${{ github.event_name == 'push' && contains('main,master', github.ref_name) }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: docker/setup-qemu-action@v3 | |
- uses: docker/setup-buildx-action@v3 | |
- name: Add private Nuget feed | |
run: dotnet nuget add source --username ${{ secrets.NUGET_GITHUB_PACKAGES_USERNAME }} --password ${{ secrets.NUGET_GITHUB_PACKAGES_TOKEN }} --store-password-in-clear-text --name "githubpackagesnuget" "https://nuget.pkg.github.com/RaaLabs/index.json" | |
- name: Install dependencies | |
run: dotnet restore --no-cache --verbosity normal | |
- name: Build | |
run: dotnet build --no-restore --configuration Release | |
- name: Test and report coverage | |
run: dotnet test --configuration Release --no-build /p:CollectCoverage=true /p:CoverletOutput=${{ github.workspace }}/${{ env.COVERAGE_FOLDER }}/ /p:MergeWith=${{ github.workspace }}/${{ env.COVERAGE_FOLDER }}/coverage/ /p:CoverletOutputFormat=opencover | |
- uses: mathieudutour/[email protected] | |
name: Calculate next version and create tag on GitHub | |
id: tag | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
tag_prefix: ${{ inputs.component && format('{0}/v',inputs.component) || 'v' }} | |
fetch_all_tags: true | |
release_branches: ${{ inputs.branches }} | |
dry_run: ${{ env.RELEASE != 'true' }} | |
- name: Build Docker image | |
uses: docker/build-push-action@v6 | |
with: | |
push: false | |
no-cache: true | |
context: . | |
file: 'Source/Dockerfile' | |
secrets: | | |
NUGET_GITHUB_PACKAGES_USERNAME=${{ secrets.NUGET_GITHUB_PACKAGES_USERNAME }} | |
NUGET_GITHUB_PACKAGES_TOKEN=${{ secrets.NUGET_GITHUB_PACKAGES_TOKEN }} | |
load: true | |
platforms: linux/amd64 | |
tags: image:local | |
build-args: | | |
BUILD_VERSION=${{ steps.tag.outputs.new_version }} | |
- name: Apply version tag to Docker images | |
id: references | |
run: | | |
echo ${{ github.event_name }} | |
IMAGES=$(tr "," "\n" <<<"${{ env.DOCKER_IMAGE_REGISTRY_PATH }}" | sed "s/^[[:space:]]*//;s/[[:space:]]*$//") | |
echo -e "Images to tag:\n$IMAGES" | |
REFS=$(sed "s/$/:v${{ steps.tag.outputs.new_version }}/" <<<"$IMAGES" | paste -sd "," -) | |
echo -e "References: $REFS" | |
echo "tags=$REFS" >> $GITHUB_OUTPUT | |
- name: 'ACR login' | |
uses: azure/docker-login@v2 | |
with: | |
login-server: ${{ secrets.RAAEDGE_LOGIN_SERVER }} | |
username: ${{ secrets.RAAEDGE_ACR_USERNAME }} | |
password: ${{ secrets.RAAEDGE_ACR_PASSWORD }} | |
- name: Docker push | |
uses: docker/build-push-action@v6 | |
if: ${{ env.RELEASE == 'true' }} | |
with: | |
push: true | |
context: . | |
file: 'Source/Dockerfile' | |
secrets: | | |
NUGET_GITHUB_PACKAGES_USERNAME=${{ secrets.NUGET_GITHUB_PACKAGES_USERNAME }} | |
NUGET_GITHUB_PACKAGES_TOKEN=${{ secrets.NUGET_GITHUB_PACKAGES_TOKEN }} | |
platforms: linux/amd64 | |
tags: ${{ steps.references.outputs.tags }} | |
build-args: | | |
BUILD_VERSION=${{ steps.tag.outputs.new_version }} | |
- name: Docker logout | |
if: always() | |
run: | | |
docker logout ${{ secrets.RAAEDGE_LOGIN_SERVER }} | |
docker logout ${{ secrets.RAAEDGE_LOGIN_SERVER_2 }} | |
- name: Create GitHub Release | |
if: ${{ env.RELEASE == 'true' }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
gh release create ${{ steps.tag.outputs.new_tag }} --target=${{ github.sha }} --title="v${{ steps.tag.outputs.new_version }}" --notes="${{ steps.tag.outputs.changelog }}" |