Build Docker Image - dispatch #178
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Create Ckan Deployment image | |
| on: | |
| repository_dispatch: | |
| types: [ Build Docker Image - dispatch ] | |
| workflow_dispatch: | |
| workflow_run: | |
| # only runs additional steps if [ Create Ckan Base image ] was successful | |
| workflows: [ Create Ckan Base image ] | |
| types: [ completed ] | |
| jobs: | |
| build-deployment-image: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Validate prerequisites | |
| uses: ahmadnassri/action-workflow-run-wait@v1 | |
| with: | |
| timeout: 15000 # we stop trying to check altogether after 15 secs because there is no delay set up; this prevents hanging if the workflow is cancelled | |
| # delay: 60000 # we try to check the status of the prerequisite workflows after 1 min | |
| - name: Checkout repo | |
| uses: actions/checkout@v3 | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v1 | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| role-to-assume: ${{ secrets.ROLE_OIDC }} | |
| aws-region: eu-west-2 | |
| role-session-name: CKANDockerDeployment | |
| - name: Login into the Container Registry | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v1 | |
| # TODO: use Docker Metadata action in the future to manage the semantic versioning of images | |
| - name: Set sha output | |
| id: tags | |
| run: | | |
| if [ ${{ github.event_name }} == "repository_dispatch" ]; then | |
| echo "::set-output name=tag::${{ github.event.client_payload.satellite_repo}}-${{ github.event.client_payload.merge_commit_sha}}" | |
| else | |
| echo "::set-output name=tag::$(git rev-parse --short HEAD)" | |
| fi | |
| - name: Build and push | |
| id: docker_build | |
| uses: docker/build-push-action@v3 | |
| with: | |
| file: ./contrib/docker-ckan/prod/Dockerfile | |
| context: . | |
| platforms: linux/amd64 | |
| builder: ${{ steps.buildx.outputs.name }} | |
| cache-from: type=local,src=/tmp/.buildx-cache | |
| cache-to: type=local,dest=/tmp/.buildx-cache | |
| # don't push the image if it's a pull request, only build it which is a way of testing if the image can be successfully built | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: | | |
| ${{ secrets.CONTAINER_REGISTRY_URL }}/mdepckan/ckan-deploy:${{ steps.tags.outputs.tag }} | |
| ${{ secrets.CONTAINER_REGISTRY_URL }}/mdepckan/ckan-deploy:latest | |
| # labels: ${{ steps.docker_meta.outputs.labels }} | |
| build-args: | | |
| INTERNAL_REG=${{ secrets.CONTAINER_REGISTRY_URL }} |