Skip to content

chore(ci): extract version from dockerfile #60

chore(ci): extract version from dockerfile

chore(ci): extract version from dockerfile #60

# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: Build & Publish Containers
on:
workflow_dispatch:
push:
branches:
- main
pull_request:
env:
REGISTRY: ghcr.io
USER: alwatr
jobs:
build:
if: github.repository_owner == 'Alwatr'
name: Build & Publish Containers
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
include:
- name: traefik
path: traefik/1
- name: traefik
path: traefik/3
- name: alpine
path: alpine
- name: nocodb
path: nocodb
- name: php
path: php/7.4-apache
- name: php
path: php/7.4-fpm
- name: php
path: php/8.2-fpm
- name: adminer
path: adminer
- name: mariadb
path: mariadb/11
- name: mariadb
path: mariadb/10
- name: wordpress
path: wordpress/php7.4
- name: wordpress
path: wordpress/php8.2
- name: tdlib
path: tdlib
permissions:
contents: read
packages: write
id-token: write
steps:
- name: ⤵️ Checkout repository
uses: actions/[email protected]
- name: ❔ Check Container files changed
id: file_change
uses: dorny/[email protected]
with:
filters: |
container_folder:
./${{ matrix.path }}/*
- name: 🏗 Extract version from dockerfile
if: ${{ steps.file_change.outputs.container_folder == 'true' }}
id: version
run: |
version_full=$(grep 'ir.alwatr.image.version.full' ./${{ matrix.path }}/Dockerfile | cut -d'"' -f2)
version_short=$(grep 'ir.alwatr.image.version.short' ./${{ matrix.path }}/Dockerfile | cut -d'"' -f2)
echo "version_full=$version_full" >> $GITHUB_OUTPUT
echo "version_short=$version_short" >> $GITHUB_OUTPUT
- name: 🏗 Install cosign
if: ${{ github.event_name != 'pull_request' && steps.file_change.outputs.container_folder == 'true' }}
uses: sigstore/[email protected]
- name: 🏗 Setup Docker Buildx
if: ${{ steps.file_change.outputs.container_folder == 'true' }}
uses: docker/[email protected]
- name: 🏗 Cache Docker Layers
if: ${{ steps.file_change.outputs.container_folder == 'true' }}
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: container-${{ matrix.name }}
- name: 🏗 Log into registry ${{env.REGISTRY}}
if: ${{ github.event_name != 'pull_request' && steps.file_change.outputs.container_folder == 'true' }}
uses: docker/[email protected]
with:
registry: ${{env.REGISTRY}}
username: ${{github.repository_owner}}
password: ${{secrets.GITHUB_TOKEN}}
- name: 🚀 Build and push container image
if: ${{ steps.file_change.outputs.container_folder == 'true' }}
id: build_and_push
uses: docker/[email protected]
with:
context: ./${{matrix.path}}
push: ${{github.event_name != 'pull_request'}}
tags: |
${{env.REGISTRY}}/${{env.USER}}/${{matrix.name}}:${{steps.version.outputs.version_full}}
${{env.REGISTRY}}/${{env.USER}}/${{matrix.name}}:${{steps.version.outputs.version_short}}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
build-args: |
BUILD_DATE=${{github.event.repository.updated_at}}
BUILD_REV=${{github.sha}}
- name: 🏗 Sign the image with GitHub OIDC Token
if: ${{ github.event_name != 'pull_request' && steps.file_change.outputs.container_folder == 'true' }}
env:
COSIGN_EXPERIMENTAL: 'true'
run: |
cosign sign --yes "${{env.REGISTRY}}/${{env.USER}}/${{matrix.name}}:${{steps.version.outputs.version_full}}@${{steps.build_and_push.outputs.digest}}"
cosign sign --yes "${{env.REGISTRY}}/${{env.USER}}/${{matrix.name}}:${{steps.version.outputs.version_short}}@${{steps.build_and_push.outputs.digest}}"