-
Notifications
You must be signed in to change notification settings - Fork 2
153 lines (140 loc) · 4.77 KB
/
image-template.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
# for Privoxy
name: Build and Push Docker Image
on:
workflow_dispatch:
inputs:
distro:
description: "One of alpine or ubuntu"
required: true
type: string
default: alpine
release:
description: "One of stable or edge"
required: true
type: string
default: stable
latest:
description: "Set 'latest' tag"
required: false
type: boolean
default: false
workflow_call:
inputs:
distro:
description: "One of alpine or ubuntu"
required: true
type: string
release:
description: "One of stable or edge"
required: true
type: string
latest:
description: "Set 'latest' tag"
required: false
type: boolean
default: false
env:
# name of image
IMAGE: privoxy
# gh or docker registry
REGISTRY: ghcr.io
# build context
CONTEXT: .
# image distro
DISTRO: ${{ inputs.distro }}
# image release
RELEASE: ${{ inputs.release }}
# build arguments to be created in first step
BUILD_ARGS: ''
IMAGE_PATHS: ''
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
# This is used to complete the identity challenge
# with sigstore/fulcio when running outside of PRs.
id-token: write
steps:
- name: "Set build arguments"
id: "set-buildargs"
env:
ALPINE_VER: ${{ vars.ALPINE_VER }}
UBUNTU_VER: ${{ vars.UBUNTU_VER }}
PRIVOXY_STABLE: ${{ vars.PRIVOXY_STABLE }}
shell: "bash"
run: |
{
echo 'BUILD_ARGS<<EOF'
[ "${DISTRO}" == alpine ] && echo \"ALPINE_VER=${ALPINE_VER}\" || echo \"UBUNTU_VER=${UBUNTU_VER}\"
[ "${RELEASE}" == stable ] && echo \"PRIVOXY_VER=${PRIVOXY_STABLE}\" || echo \"PRIVOXY_VER=edge\"
echo EOF
} >> $GITHUB_ENV
- name: "Set image paths to publish"
id: "set-image-paths"
env:
BRANCH: ${{ github.ref_name }}
shell: "bash"
run: |
{
echo 'IMAGE_PATHS<<EOF'
[ "${BRANCH}" == main ] && echo tmknight88/${IMAGE}
echo ${REGISTRY}/tmknight/${IMAGE}
echo EOF
} >> $GITHUB_ENV
- name: Checkout repository
uses: actions/checkout@v4
# Setup QEMU for multi-arch
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: amd64,arm64
# Workaround: https://github.com/docker/build-push-action/issues/461
- name: Setup Docker buildx
uses: docker/setup-buildx-action@v3
# Login against a Docker registry
# https://github.com/docker/login-action
## Github Registry
- name: Log into registry ${{env.REGISTRY}}
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
## Docker Hub Registry
- name: Log into Docker Hub registry
if: ${{ github.ref_name == 'main' }}
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.IMAGE_PATHS }}
tags: |
type=ref,event=branch,enable=${{ github.event_name != 'schedule' && github.ref_name != 'main' }}
type=ref,event=tag
type=schedule,pattern=nightly,enable=${{ env.DISTRO == 'alpine' && env.RELEASE == 'edge' }}
type=raw,enable=${{ inputs.latest }},value=latest
type=raw,enable=true,value=${{ env.DISTRO }}-${{ env.RELEASE }}
type=raw,enable=${{ env.RELEASE == 'stable' }},value=${{ env.DISTRO }}
# Build and push Docker image with Buildx (don't push on PR)
# https://github.com/docker/build-push-action
- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@v5
with:
context: ${{ env.CONTEXT }}
platforms: linux/amd64,linux/arm64
file: docker/${{ env.DISTRO }}/${{ env.IMAGE }}.dockerfile
build-args: ${{ env.BUILD_ARGS }}
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max