Docker Images #809
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Docker Images | |
on: | |
push: | |
branches: | |
- main | |
tags: | |
- v* | |
pull_request: | |
branches: | |
- main | |
schedule: | |
- cron: '1 0 * * *' | |
release: | |
types: [published] | |
workflow_dispatch: | |
jobs: | |
docker: | |
name: Build, test, and publish Docker images to Docker Hub | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Prepare | |
id: prep | |
run: | | |
DOCKER_IMAGE=recast/recastatlas | |
VERSION=latest | |
if [[ $GITHUB_REF == refs/tags/* ]]; then | |
VERSION=${GITHUB_REF#refs/tags/} | |
elif [[ $GITHUB_REF == refs/pull/* ]]; then | |
VERSION=pr-${{ github.event.number }} | |
fi | |
TAGS="${DOCKER_IMAGE}:${VERSION}" | |
TAGS="$TAGS,${DOCKER_IMAGE}:latest,${DOCKER_IMAGE}:sha-${GITHUB_SHA::10}" | |
# Releases also have GITHUB_REFs that are tags, so reuse VERSION | |
if [ "${{ github.event_name }}" = "release" ]; then | |
TAGS="$TAGS,${DOCKER_IMAGE}:latest-stable" | |
fi | |
echo ::set-output name=version::${VERSION} | |
echo ::set-output name=tags::${TAGS} | |
echo ::set-output name=created::$(date -u +'%Y-%m-%dT%H:%M:%SZ') | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
# Use login as access tokens are now part of paid 'pro' Docker Hub plan | |
- name: Login to DockerHub | |
if: github.event_name != 'pull_request' | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_USER }} | |
password: ${{ secrets.DOCKERHUB_PASS }} | |
- name: Test build | |
id: docker_build_test | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
file: docker/Dockerfile | |
tags: ${{ steps.prep.outputs.tags }} | |
labels: | | |
org.opencontainers.image.source=${{ github.event.repository.html_url }} | |
org.opencontainers.image.created=${{ steps.prep.outputs.created }} | |
org.opencontainers.image.revision=${{ github.sha }} | |
load: true | |
push: false | |
- name: Image digest | |
run: echo ${{ steps.docker_build_test.outputs.digest }} | |
- name: List built images | |
run: docker images | |
- name: Check recast CLI functional | |
run: >- | |
docker run --rm | |
recast/recastatlas:sha-${GITHUB_SHA::10} | |
sh -c 'recast --help' | |
- name: Build and publish to registry | |
# every PR will trigger a push event on main, so check the push event is actually coming from main | |
if: github.event_name == 'push' && github.ref == 'refs/heads/main' && github.repository == 'recast-hep/recast-atlas' | |
id: docker_build_latest | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
file: docker/Dockerfile | |
tags: recast/recastatlas:latest | |
labels: | | |
org.opencontainers.image.source=${{ github.event.repository.html_url }} | |
org.opencontainers.image.created=${{ steps.prep.outputs.created }} | |
org.opencontainers.image.revision=${{ github.sha }} | |
push: true | |
platforms: linux/amd64,linux/arm64 | |
- name: Build and publish to registry with release tag | |
if: github.event_name == 'release' && github.event.action == 'published' && github.repository == 'recast-hep/recast-atlas' | |
id: docker_build_release | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
file: docker/Dockerfile | |
tags: ${{ steps.prep.outputs.tags }} | |
labels: | | |
org.opencontainers.image.source=${{ github.event.repository.html_url }} | |
org.opencontainers.image.created=${{ steps.prep.outputs.created }} | |
org.opencontainers.image.revision=${{ github.sha }} | |
push: true | |
platforms: linux/amd64,linux/arm64 |