test a matrix strategy.. #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker Publish | ||
|
Check failure on line 1 in .github/workflows/docker-publish.yml
|
||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| tag: | ||
| description: "The tag for the Docker image, e.g., 'latest' or 'main'" | ||
| required: true | ||
| type: string | ||
| platforms: | ||
| description: "The platforms for Docker image build, e.g., 'linux/amd64,linux/arm64'" | ||
| required: true | ||
| type: string | ||
| registry: | ||
| description: "The registry to publish to: 'both', 'dockerhub', or 'github'" | ||
| required: false | ||
| default: 'both' | ||
| type: string | ||
| secrets: | ||
| DOCKERHUB_USERNAME: | ||
| required: false | ||
| DOCKERHUB_TOKEN: | ||
| required: false | ||
| concurrency: | ||
| group: ${{ github.workflow }}-${{ github.ref }} | ||
| cancel-in-progress: true | ||
| jobs: | ||
| publish: | ||
| environment: release-docker | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| matrix: | ||
| platform: ${{ fromJSON(env.PLATFORMS_MATRIX) }} | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@main | ||
| with: | ||
| show-progress: false | ||
| submodules: recursive | ||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@master | ||
| - name: Prepare matrix | ||
| run: | | ||
| IFS=',' read -ra PLATFORMS <<< "${{ inputs.platforms }}" | ||
| matrix="[" | ||
| for p in "${PLATFORMS[@]}"; do | ||
| matrix+="\"$p\"," | ||
| done | ||
| matrix="${matrix%,}]" | ||
| echo "PLATFORMS_MATRIX=$matrix" >> $GITHUB_ENV | ||
| - name: Login to ghcr.io | ||
| if: ${{ inputs.registry == 'both' || inputs.registry == 'github' }} | ||
| uses: docker/login-action@master | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.repository_owner }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Login to DockerHub | ||
| if: ${{ inputs.registry == 'both' || inputs.registry == 'dockerhub' }} | ||
| uses: docker/login-action@master | ||
| with: | ||
| username: ${{ secrets.DOCKERHUB_USERNAME }} | ||
| password: ${{ secrets.DOCKERHUB_TOKEN }} | ||
| - name: Prepare environment outputs | ||
| shell: sh | ||
| run: | | ||
| set -eu | ||
| DATE_ISO8601=$(date --iso-8601=seconds --utc) | ||
| GHCR_REPOSITORY=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]') | ||
| if [ "${{ inputs.registry }}" = "both" ] || [ "${{ inputs.registry }}" = "dockerhub" ]; then | ||
| DH_REPOSITORY=$(echo ${{ secrets.DOCKERHUB_USERNAME }}/${{ github.event.repository.name }} | tr '[:upper:]' '[:lower:]') | ||
| fi | ||
| if [ "${{ inputs.tag }}" != "main" ]; then | ||
| FIXED_TAG=$(echo ${{ github.ref }} | cut -d '/' -f 3) | ||
| fi | ||
| tags="" | ||
| if [ "${{ inputs.registry }}" = "both" ] || [ "${{ inputs.registry }}" = "github" ]; then | ||
| tags="${tags}ghcr.io/${GHCR_REPOSITORY}:${{ inputs.tag }}" | ||
| if [ "${{ inputs.tag }}" != "main" ]; then | ||
| tags="${tags} ghcr.io/${GHCR_REPOSITORY}:${FIXED_TAG}" | ||
| fi | ||
| fi | ||
| if [ "${{ inputs.registry }}" = "both" ] || [ "${{ inputs.registry }}" = "dockerhub" ]; then | ||
| tags="${tags} ${DH_REPOSITORY}:${{ inputs.tag }}" | ||
| if [ "${{ inputs.tag }}" != "main" ]; then | ||
| tags="${tags} ${DH_REPOSITORY}:${FIXED_TAG}" | ||
| fi | ||
| fi | ||
| echo "DATE_ISO8601=$DATE_ISO8601" >> "$GITHUB_ENV" | ||
| echo "GHCR_REPOSITORY=$GHCR_REPOSITORY" >> "$GITHUB_ENV" | ||
| if [ "${{ inputs.registry }}" = "both" ] || [ "${{ inputs.registry }}" = "dockerhub" ]; then | ||
| echo "DH_REPOSITORY=$DH_REPOSITORY" >> "$GITHUB_ENV" | ||
| fi | ||
| if [ "${{ inputs.tag }}" != "main" ]; then | ||
| echo "FIXED_TAG=$FIXED_TAG" >> "$GITHUB_ENV" | ||
| fi | ||
| echo "TAGS<<EOF" >> "$GITHUB_ENV" | ||
| printf '%s\n' $tags >> "$GITHUB_ENV" | ||
| echo "EOF" >> "$GITHUB_ENV" | ||
| - name: Build and publish Docker image from Dockerfile | ||
| uses: docker/build-push-action@master | ||
| with: | ||
| context: . | ||
| platforms: ${{ matrix.platform }} | ||
| provenance: true | ||
| sbom: true | ||
| push: true | ||
| cache-from: type=gha | ||
| cache-to: type=gha,mode=max | ||
| labels: | | ||
| org.opencontainers.image.created=${{ env.DATE_ISO8601 }} | ||
| org.opencontainers.image.version=${{ inputs.tag == 'main' && github.sha || env.FIXED_TAG }} | ||
| org.opencontainers.image.revision=${{ github.sha }} | ||
| tags: ${{ env.TAGS }} | ||
| - name: Update DockerHub repository description | ||
| if: ${{ (inputs.registry == 'both' || inputs.registry == 'dockerhub') && inputs.tag == 'main' }} | ||
| uses: peter-evans/dockerhub-description@main | ||
| with: | ||
| username: ${{ secrets.DOCKERHUB_USERNAME }} | ||
| password: ${{ secrets.DOCKERHUB_TOKEN }} | ||
| repository: ${{ env.DH_REPOSITORY }} | ||
| short-description: ${{ github.event.repository.description }} | ||
| - name: Set lowercase repository name | ||
| id: repo-name | ||
| run: | | ||
| echo "IMAGE_NAME_LC=$(echo ${{ github.event.repository.name }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV | ||
| - name: Delete Untagged Packages | ||
| if: ${{ inputs.registry == 'both' || inputs.registry == 'github' }} | ||
| uses: dataaxiom/ghcr-cleanup-action@v1 | ||
| continue-on-error: true | ||
| with: | ||
| delete-untagged: true | ||
| delete-ghost-images: true | ||
| delete-orphaned-images: true | ||
| validate: true | ||
| package: ${{ env.IMAGE_NAME_LC }} | ||
