Skip to content

ci: Add Dependabot update config #519

ci: Add Dependabot update config

ci: Add Dependabot update config #519

Workflow file for this run

name: Docker Images
on:
push:
branches:
- main
tags:
- v*
pull_request:
branches:
- main
schedule:
- cron: '1 0 * * *'
release:
types: [published]
workflow_dispatch:
jobs:
docker:
name: Build, test, and publish Docker images to Docker Hub
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Prepare
id: prep
run: |
DOCKER_IMAGE=recast/recastatlas
VERSION=latest
if [[ $GITHUB_REF == refs/tags/* ]]; then
VERSION=${GITHUB_REF#refs/tags/}
elif [[ $GITHUB_REF == refs/pull/* ]]; then
VERSION=pr-${{ github.event.number }}
fi
TAGS="${DOCKER_IMAGE}:${VERSION}"
TAGS="$TAGS,${DOCKER_IMAGE}:latest,${DOCKER_IMAGE}:sha-${GITHUB_SHA::10}"
# Releases also have GITHUB_REFs that are tags, so reuse VERSION
if [ "${{ github.event_name }}" = "release" ]; then
TAGS="$TAGS,${DOCKER_IMAGE}:latest-stable"
fi
echo ::set-output name=version::${VERSION}
echo ::set-output name=tags::${TAGS}
echo ::set-output name=created::$(date -u +'%Y-%m-%dT%H:%M:%SZ')
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
# Use login as access tokens are now part of paid 'pro' Docker Hub plan
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USER }}
password: ${{ secrets.DOCKERHUB_PASS }}
- name: Test build
id: docker_build_test
uses: docker/build-push-action@v5
with:
context: .
file: docker/Dockerfile
tags: ${{ steps.prep.outputs.tags }}
labels: |
org.opencontainers.image.source=${{ github.event.repository.html_url }}
org.opencontainers.image.created=${{ steps.prep.outputs.created }}
org.opencontainers.image.revision=${{ github.sha }}
load: true
push: false
- name: Image digest
run: echo ${{ steps.docker_build_test.outputs.digest }}
- name: List built images
run: docker images
- name: Check recast CLI functional
run: >-
docker run --rm
recast/recastatlas:sha-${GITHUB_SHA::10}
sh -c 'recast --help'
- name: Build and publish to registry
# every PR will trigger a push event on main, so check the push event is actually coming from main
if: github.event_name == 'push' && github.ref == 'refs/heads/main' && github.repository == 'recast-hep/recast-atlas'
id: docker_build_latest
uses: docker/build-push-action@v5
with:
context: .
file: docker/Dockerfile
tags: recast/recastatlas:latest
labels: |
org.opencontainers.image.source=${{ github.event.repository.html_url }}
org.opencontainers.image.created=${{ steps.prep.outputs.created }}
org.opencontainers.image.revision=${{ github.sha }}
push: true
- name: Build and publish to registry with release tag
if: github.event_name == 'release' && github.event.action == 'published' && github.repository == 'recast-hep/recast-atlas'
id: docker_build_release
uses: docker/build-push-action@v5
with:
context: .
file: docker/Dockerfile
tags: ${{ steps.prep.outputs.tags }}
labels: |
org.opencontainers.image.source=${{ github.event.repository.html_url }}
org.opencontainers.image.created=${{ steps.prep.outputs.created }}
org.opencontainers.image.revision=${{ github.sha }}
push: true