Simplify docker build and push workflow #76
Conversation
Signed-off-by: Aleksei Khudiakov <[email protected]>
Signed-off-by: Aleksei Khudiakov <[email protected]>
| if: ${{ github.event_name == 'pull_request' && ! env.DOCKER_USER }} | ||
| images: ghcr.io/laminas/laminas-continuous-integration | ||
| tags: | | ||
| type=semver,pattern={{version}} |
There was a problem hiding this comment.
{{version}} is shorthand for {{major}}.{{minor}}.{{patch}}
It uses tag ref associated with release to extract version info.
There was a problem hiding this comment.
Checking the docs, type=semver seems wrong, as it expects the tag to be v1.2.3, while we tag 1.2.3: https://github.com/docker/metadata-action#typesemver
https://github.com/docker/metadata-action#typepep440 seems to be more connected
There was a problem hiding this comment.
semver is correct. v prefix is dropped and ignored
| - name: Login to GitHub Container Registry | ||
| if: ${{ env.DOCKER_USER }} | ||
| if: ${{ github.event_name == 'release' }} | ||
| uses: docker/login-action@v1 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ env.DOCKER_USER }} | ||
| password: ${{ secrets.CONTAINER_PAT }} | ||
|
|
||
| - name: Build and push for release | ||
| if: ${{ github.event_name == 'release' }} | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| context: . | ||
| file: ./Dockerfile | ||
| platforms: linux/amd64 | ||
| pull: true | ||
| push: true | ||
| tags: ${{ join(fromJSON(steps.tags.outputs.tags), ',') }} | ||
| cache-from: type=registry,ref=ghcr.io/laminas/laminas-continuous-integration-action:build-cache | ||
| cache-to: type=registry,ref=ghcr.io/laminas/laminas-continuous-integration-action:build-cache,mode=max | ||
| username: ${{ github.repository_owner }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} |
There was a problem hiding this comment.
Actions token works for GHCR because package has this repository added with write access for actions.
Link for reference for TSC members: https://github.com/orgs/laminas/packages/container/laminas-continuous-integration/settings
| if: ${{ github.event_name == 'pull_request' && ! env.DOCKER_USER }} | ||
| images: ghcr.io/laminas/laminas-continuous-integration | ||
| tags: | | ||
| type=semver,pattern={{version}} |
There was a problem hiding this comment.
Checking the docs, type=semver seems wrong, as it expects the tag to be v1.2.3, while we tag 1.2.3: https://github.com/docker/metadata-action#typesemver
https://github.com/docker/metadata-action#typepep440 seems to be more connected
| uses: docker/build-push-action@v2 | ||
| - name: Docker meta | ||
| id: docker_meta | ||
| uses: docker/metadata-action@v3 |
There was a problem hiding this comment.
Given that for us, git tag === image tag, why not skip this action completely, and just get the tag from github.ref_name + github.ref_type === 'tag' ?
That would remove he need for this third-party to be involved.
There was a problem hiding this comment.
why not skip this action completely
It have sanity checks and validations in place. Action that was used here failed immediately when used with ref for PR.
| push: ${{ github.event_name == 'release' }} | ||
| tags: | | ||
| ${{ steps.docker_meta.outputs.tags }} | ||
| labels: ${{ steps.docker_meta.outputs.labels }} |
There was a problem hiding this comment.
Is this fetched from the LABEL blocks in Dockerfile? If so, I can totally see the value in using the docker/metadata-action, although it's weird that these aren't simply fetched from the LABEL blocks in this step directly 🤔
There was a problem hiding this comment.
No, those are populated from action context, you can see output in log for metadata step:
Docker tags
ghcr.io/laminas/laminas-continuous-integration:pr-76
Docker labels
org.opencontainers.image.title=laminas-continuous-integration-action
org.opencontainers.image.description=GitHub Action for running a QA check
org.opencontainers.image.url=https://github.com/laminas/laminas-continuous-integration-action
org.opencontainers.image.source=https://github.com/laminas/laminas-continuous-integration-action
org.opencontainers.image.version=pr-76
org.opencontainers.image.created=2022-01-25T00:22:31.500Z
org.opencontainers.image.revision=2b0bbcc594923f10ac377486321ba0e1fd8cc366
org.opencontainers.image.licenses=BSD-3-Clause
There was a problem hiding this comment.
LABEL in dockerfile are already applied and those don't need to be specified at runtime
Signed-off-by: Aleksei Khudiakov <[email protected]>
|
docker meta step for the release: |
Description
Workflow is updated and simplified to use single step to build container also using github actions cache for build cache export.
Same step also pushes the image when triggered from release event.