Docker Hub Workflow #2753

Workflow file for this run

.github/workflows/docker-hub.yml at 5d8d012

	name: Docker Hub Workflow
	run-name: Docker Hub Workflow

	on:
	workflow_dispatch:
	push:
	branches:
	- 'main'
	tags:
	- 'v*'
	pull_request:
	branches:
	- 'main'

	env:
	DOCKER_USER: 1001:127

	jobs:
	build-and-push-backend:
	runs-on: ubuntu-latest
	steps:
	-
	name: Checkout repository
	uses: actions/checkout@v4
	-
	name: Docker meta
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: lasuite/impress-backend
	-
	name: Login to DockerHub
	if: github.event_name != 'pull_request'
	run: echo "${{ secrets.DOCKER_HUB_PASSWORD }}" \| docker login -u "${{ secrets.DOCKER_HUB_USER }}" --password-stdin
	-
	name: Run trivy scan
	uses: numerique-gouv/action-trivy-cache@main
	with:
	docker-build-args: '--target backend-production -f Dockerfile'
	docker-image-name: 'docker.io/lasuite/impress-backend:${{ github.sha }}'
	continue-on-error: true
	-
	name: Build and push
	uses: docker/build-push-action@v6
	with:
	context: .
	target: backend-production
	build-args: DOCKER_USER=${{ env.DOCKER_USER }}:-1000
	push: ${{ github.event_name != 'pull_request' }}
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}

	build-and-push-frontend:
	runs-on: ubuntu-latest
	steps:
	-
	name: Checkout repository
	uses: actions/checkout@v4
	-
	name: Docker meta
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: lasuite/impress-frontend
	-
	name: Login to DockerHub
	if: github.event_name != 'pull_request'
	run: echo "${{ secrets.DOCKER_HUB_PASSWORD }}" \| docker login -u "${{ secrets.DOCKER_HUB_USER }}" --password-stdin
	-
	name: Run trivy scan
	uses: numerique-gouv/action-trivy-cache@main
	with:
	docker-build-args: '-f src/frontend/Dockerfile --target frontend-production'
	docker-image-name: 'docker.io/lasuite/impress-frontend:${{ github.sha }}'
	continue-on-error: true
	-
	name: Build and push
	uses: docker/build-push-action@v6
	with:
	context: .
	file: ./src/frontend/Dockerfile
	target: frontend-production
	build-args: DOCKER_USER=${{ env.DOCKER_USER }}:-1000
	push: ${{ github.event_name != 'pull_request' }}
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}

	build-and-push-y-provider:
	runs-on: ubuntu-latest
	steps:
	-
	name: Checkout repository
	uses: actions/checkout@v4
	-
	name: Docker meta
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: lasuite/impress-y-provider
	-
	name: Login to DockerHub
	if: github.event_name != 'pull_request'
	run: echo "${{ secrets.DOCKER_HUB_PASSWORD }}" \| docker login -u "${{ secrets.DOCKER_HUB_USER }}" --password-stdin
	-
	name: Run trivy scan
	uses: numerique-gouv/action-trivy-cache@main
	with:
	docker-build-args: '-f src/frontend/servers/y-provider/Dockerfile --target y-provider'
	docker-image-name: 'docker.io/lasuite/impress-frontend:${{ github.sha }}'
	continue-on-error: true
	-
	name: Build and push
	uses: docker/build-push-action@v6
	with:
	context: .
	file: ./src/frontend/servers/y-provider/Dockerfile
	target: y-provider
	build-args: DOCKER_USER=${{ env.DOCKER_USER }}:-1000
	push: ${{ github.event_name != 'pull_request' }}
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}

	notify-argocd:
	needs:
	- build-and-push-frontend
	- build-and-push-backend
	runs-on: ubuntu-latest
	if: \|
	github.event_name != 'pull_request'
	steps:
	-
	name: Checkout repository
	uses: actions/checkout@v4
	-
	name: Call argocd github webhook
	run: \|
	data='{"ref": "'$GITHUB_REF'","repository": {"html_url":"'$GITHUB_SERVER_URL'/'$GITHUB_REPOSITORY'"}}'
	sig=$(echo -n ${data} \| openssl dgst -sha1 -hmac ''${{ secrets.ARGOCD_PREPROD_WEBHOOK_SECRET}}'' \| awk '{print "X-Hub-Signature: sha1="$2}')
	curl -X POST -H 'X-GitHub-Event:push' -H "Content-Type: application/json" -H "${sig}" --data "${data}" ${{ vars.ARGOCD_PREPROD_WEBHOOK_URL }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Docker Hub Workflow #2753

Workflow file

Docker Hub Workflow #2753

Jobs

Run details

Workflow file for this run