├── tests └── Dockerfile ├── .github ├── configs │ └── labeler.yml ├── workflows │ ├── glueops-basics.yml │ └── test-action-on-pr-and-schedule.yml └── release.yml ├── Dockerfile ├── README.md └── action.yml /tests/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM debian:bullseye-slim 2 | 3 | CMD echo "\e[42m\e[30m github-actions-build-push-containers works from \e[1m$REGISTRY \e[0m" 4 | -------------------------------------------------------------------------------- /.github/configs/labeler.yml: -------------------------------------------------------------------------------- 1 | #### 2 | ## This is managed via https://github.com/internal-GlueOps/github-shared-files-sync . Any changes to this file may be overridden by our automation 3 | #### 4 | 5 | include-in-release-notes: 6 | - changed-files: 7 | - any-glob-to-any-file: '**' -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | # This file is used by CI pipeline when testing this action 2 | FROM alpine:latest@sha256:0a4eaa0eecf5f8c050e5bba433f58c052be7587ee8af3e8b3910ef9ab5fbe9f5 3 | 4 | RUN apk update \ 5 | && apk -a info curl \ 6 | && apk add curl 7 | 8 | # these two are passed as build arguments 9 | ARG BUILD_DATE 10 | ARG GITHUB_SHA 11 | 12 | ENV GITHUB_SHA=$GITHUB_SHA 13 | 14 | RUN env | sort -------------------------------------------------------------------------------- /.github/workflows/glueops-basics.yml: -------------------------------------------------------------------------------- 1 | #### 2 | ## This is managed via https://github.com/internal-GlueOps/github-shared-files-sync . Any changes to this file may be overridden by our automation 3 | #### 4 | 5 | name: "GlueOps Standard Checks" 6 | 7 | on: 8 | pull_request: 9 | types: [opened, synchronize, reopened] 10 | 11 | jobs: 12 | PR_CHECKS_AND_LABELS: 13 | uses: GlueOps/github-workflows/.github/workflows/glueops-basic-pr-checks.yml@main 14 | secrets: inherit -------------------------------------------------------------------------------- /.github/release.yml: -------------------------------------------------------------------------------- 1 | #### 2 | ## This is managed via https://github.com/internal-GlueOps/github-shared-files-sync . Any changes to this file may be overridden by our automation 3 | #### 4 | 5 | changelog: 6 | exclude: 7 | labels: 8 | - 'ignore' 9 | # authors: 10 | # - 'glueops-terraform-svc-account' 11 | # - 'glueops-svc-account' 12 | # - 'glueops-renovatebot' 13 | categories: 14 | - title: Breaking Changes 🛠 15 | labels: 16 | - 'major' 17 | - 'breaking-change' 18 | - title: Enhancements 🎉 19 | labels: 20 | - 'minor' 21 | - 'enhancement' 22 | - 'new-feature' 23 | - title: Other 🐛 24 | labels: 25 | - 'auto-update' 26 | - 'patch' 27 | - 'fix' 28 | - 'bugfix' 29 | - 'bug' 30 | - 'hotfix' 31 | - 'dependencies' 32 | - 'include-in-release-notes' 33 | -------------------------------------------------------------------------------- /.github/workflows/test-action-on-pr-and-schedule.yml: -------------------------------------------------------------------------------- 1 | name: Test github-actions-build-push-containers on PR and schedule 2 | 3 | on: 4 | pull_request: 5 | types: [opened, synchronize, reopened] 6 | schedule: 7 | - cron: '45 12 * * 4' 8 | 9 | permissions: 10 | id-token: write 11 | packages: write 12 | 13 | jobs: 14 | test_action: 15 | runs-on: ubuntu-22.04 16 | 17 | steps: 18 | - name: set variables 19 | run: | 20 | # set image name, GITHUB_ENV is not available until after step completes 21 | TEST_IMAGE_NAME=glueops/github-actions-build-push-containers/test-github-actions-build-push-containers 22 | echo "TEST_IMAGE_NAME=$TEST_IMAGE_NAME" >> $GITHUB_ENV 23 | 24 | # Configure AWS Variables 25 | echo "ECR_REGISTRY=616531474007.dkr.ecr.us-west-2.amazonaws.com" >> $GITHUB_ENV 26 | echo "AWS_REGION=us-west-2" >> $GITHUB_ENV 27 | # Use a different ecr repository to test iam path 28 | echo "ECR_IAM_ROLE_TEST_IMAGE_NAME=${TEST_IMAGE_NAME}-iam-role" >> $GITHUB_ENV 29 | 30 | # Docker Hub has a unique naming convention 31 | echo "DOCKERHUB_TEST_IMAGE_NAME=glueopsrocksv2/github-actions-build-push-containers_test-github-actions-build-push-containers" >> $GITHUB_ENV 32 | 33 | 34 | - name: Checkout code 35 | uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 36 | 37 | 38 | - name: run ghcr.io 39 | uses: ./ 40 | with: 41 | image_name: ${{ env.TEST_IMAGE_NAME }} 42 | registry: "ghcr.io" 43 | context: "./test-directory/tests/" 44 | target_directory: test-directory 45 | 46 | - name: test ghcr.io 47 | run: | 48 | echo "::group::pull from ghcr.io" 49 | echo "pulling ghcr.io/$TEST_IMAGE_NAME:${{ github.sha }}" 50 | docker pull ghcr.io/$TEST_IMAGE_NAME:${{ github.sha }} 51 | echo "::endgroup::" 52 | docker run -e REGISTRY=ghcr.io ghcr.io/$TEST_IMAGE_NAME:${{ github.sha }} 53 | 54 | 55 | - name: run ecr with access keys 56 | uses: ./ 57 | with: 58 | aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} 59 | aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} 60 | aws_default_region: ${{ env.AWS_REGION }} 61 | image_name: ${{ env.TEST_IMAGE_NAME }} 62 | registry: ${{ env.ECR_REGISTRY }} 63 | context: "./test-directory/tests/" 64 | target_directory: test-directory 65 | 66 | - name: test ecr with access keys 67 | run: | 68 | echo "::group::log in to ecr and pull" 69 | echo $(aws ecr get-login-password --region $AWS_REGION) \ 70 | | docker login --username AWS --password-stdin $ECR_REGISTRY 71 | docker pull $ECR_REGISTRY/$TEST_IMAGE_NAME:${{ github.sha }} 72 | echo "::endgroup::" 73 | docker run -e "REGISTRY=dkr.ecr with Access Keys" $ECR_REGISTRY/$TEST_IMAGE_NAME:${{ github.sha }} 74 | 75 | - name: run ecr with iam role 76 | uses: ./ 77 | with: 78 | aws_role_to_assume: ${{ secrets.AWS_ROLE_ARN }} 79 | aws_default_region: ${{ env.AWS_REGION }} 80 | image_name: ${{ env.ECR_IAM_ROLE_TEST_IMAGE_NAME }} 81 | registry: ${{ env.ECR_REGISTRY }} 82 | context: "./test-directory/tests/" 83 | target_directory: test-directory 84 | 85 | - name: test ecr with iam role 86 | run: | 87 | echo "::group::log in to ecr and pull" 88 | echo $(aws ecr get-login-password --region $AWS_REGION) \ 89 | | docker login --username AWS --password-stdin $ECR_REGISTRY 90 | docker pull $ECR_REGISTRY/$ECR_IAM_ROLE_TEST_IMAGE_NAME:${{ github.sha }} 91 | echo "::endgroup::" 92 | docker run -e "REGISTRY=dkr.ecr with IAM Role" $ECR_REGISTRY/$ECR_IAM_ROLE_TEST_IMAGE_NAME:${{ github.sha }} 93 | 94 | - name: run docker hub 95 | uses: ./ 96 | with: 97 | dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }} 98 | dockerhub_password: ${{ secrets.DOCKERHUB_PASSWORD }} 99 | image_name: ${{ env.DOCKERHUB_TEST_IMAGE_NAME }} 100 | registry: "docker.io" 101 | context: "./test-directory/tests/" 102 | target_directory: test-directory 103 | 104 | - name: test docker hub 105 | run: | 106 | echo "::group::log in to docker.io and pull" 107 | echo "${{ secrets.DOCKERHUB_PASSWORD }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin 108 | docker pull $DOCKERHUB_TEST_IMAGE_NAME:${{ github.sha }} 109 | echo "::endgroup::" 110 | docker run -e REGISTRY=docker.io $DOCKERHUB_TEST_IMAGE_NAME:${{ github.sha }} 111 | 112 | - name: generate epoch time string for custom tag 113 | id: epoch-tag 114 | run: echo "EPOCH_TAG=$(date +%s)" >> $GITHUB_ENV 115 | 116 | - name: run ghcr.io with custom tag 117 | uses: ./ 118 | with: 119 | image_name: ${{ env.TEST_IMAGE_NAME }} 120 | registry: "ghcr.io" 121 | tags: ${{ env.EPOCH_TAG }} 122 | context: "./test-directory/tests/" 123 | target_directory: test-directory 124 | 125 | - name: test ghcr.io with custom tag 126 | run: | 127 | echo "::group::pull from ghcr.io" 128 | echo "pulling ghcr.io/$TEST_IMAGE_NAME:${{ env.EPOCH_TAG }}" 129 | docker pull ghcr.io/$TEST_IMAGE_NAME:${{ env.EPOCH_TAG }} 130 | echo "::endgroup::" 131 | docker run -e REGISTRY="ghcr.io with custom tag" ghcr.io/$TEST_IMAGE_NAME:${{ env.EPOCH_TAG }} 132 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # **NOTICE: This repo/action is no longer being maintained.** 2 | 3 | 4 | At GlueOps we have migrated towards using this manifest (see below) so that we can maintain flexibility per repository/image. If you are using GHCR.io as your registry this yaml should provide a drop in replacement: 5 | 6 | 7 | ``` 8 | name: Publish to GHCR.io 9 | 10 | on: [push] 11 | 12 | env: 13 | REGISTRY: ghcr.io 14 | IMAGE_NAME: ${{ github.repository }} 15 | 16 | jobs: 17 | build_tag_push_to_ghcr: 18 | runs-on: ubuntu-latest 19 | permissions: 20 | contents: read 21 | packages: write 22 | 23 | steps: 24 | - name: Checkout repository 25 | uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 26 | 27 | 28 | - name: Set up QEMU 29 | uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3 30 | 31 | - name: Setup Docker buildx 32 | uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 33 | 34 | - name: Log into registry ${{ env.REGISTRY }} 35 | uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 36 | with: 37 | registry: ${{ env.REGISTRY }} 38 | username: ${{ github.actor }} 39 | password: ${{ secrets.GITHUB_TOKEN }} 40 | 41 | - name: Extract Docker metadata 42 | id: meta 43 | uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1 44 | with: 45 | github-token: ${{ secrets.GITHUB_TOKEN }} 46 | images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} 47 | tags: | 48 | type=ref,event=branch,prefix= 49 | type=ref,event=tag,prefix= 50 | type=sha,format=short,prefix= 51 | type=sha,format=long,prefix= 52 | 53 | - name: Build and push Docker image 54 | id: build-and-push 55 | uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 56 | with: 57 | context: . 58 | push: ${{ github.event_name != 'pull_request' }} 59 | tags: ${{ steps.meta.outputs.tags }} 60 | labels: ${{ steps.meta.outputs.labels }} 61 | provenance: false 62 | cache-from: type=gha 63 | cache-to: type=gha,mode=max 64 | 65 | 66 | 67 | 68 | ``` 69 | 70 | 71 | 72 | 73 | 74 | ** END OF NOTICE ** 75 | 76 | 77 | 78 | # Custom Action to build and push Docker images to GitHub Container Registry (ghcr.io), Docker Hub (docker.io), and AWS ECR 79 | 80 | Automate your Docker image deployments effortlessly with this custom GitHub Action! 🚀💪 81 | Configure the event using the GitHub Actions `on:` clause to determine what triggers builds. 82 | This Action supports both public and private repositories for ghcr, docker, and ecr. 83 | The default registry is ghcr.io. 84 | 85 | ## 💡 Benefits 86 | 87 | ✅ Streamlined workflow: Say goodbye to tedious configuration and manual image deployments. 88 | 89 | ✅ Increased efficiency: Focus on developing and let the CI/CD pipeline handle image distribution. 90 | 91 | ✅ Seamless integration: simplifies container image management. 92 | 93 | ✅ Default Image Tagging: Out-of-the-box tagging with the below elements. The default tags can be overridden by passing in a comma-separated string of desired tags, e.g. "my-tag" or "my-tag-1,my-tag-2". Tags are generated with the [create-glueops-image-tags](https://github.com/marketplace/actions/create-glueops-image-tags) action. 94 | 95 | * `Target Reference:` Either Branch Name or Tag, depending upon the trigger context. 96 | * `Short SHA` 97 | * `SHA` 98 | 99 | ## 🛠️ How to Use 100 | 101 | For detailed usage instructions, refer to the [GlueOps Documentation](https://glueops.dev/docs/deploy-applications/deploy-hello-world-to-glueops#add-ci-to-publish-a-docker-image-to-github-container-registry). 102 | 103 | ### Example Configurations 104 | 105 | #### **GitHub Container Registry (ghcr.io)** 106 | 107 | ```yaml 108 | name: Build and Push Container to GitHub Container Registry 109 | 110 | on: 111 | pull_request: 112 | types: [opened, synchronize, reopened] 113 | 114 | jobs: 115 | build_and_push: 116 | runs-on: ubuntu-latest 117 | steps: 118 | - name: Build and Push Container to ghcr.io 119 | uses: GlueOps/github-actions-build-push-containers@v0.3.7 120 | ``` 121 | 122 | #### **Docker Hub (docker.io)** 123 | 124 | ```yaml 125 | name: Build and Push Container to Docker Hub 126 | 127 | on: 128 | pull_request: 129 | types: [opened, synchronize, reopened] 130 | 131 | jobs: 132 | build_and_push: 133 | runs-on: ubuntu-latest 134 | steps: 135 | - name: Build and Push Container to docker.io 136 | uses: GlueOps/github-actions-build-push-containers@v0.3.7 137 | with: 138 | registry: "docker.io" 139 | dockerhub_username: ${{ secrets.DOCKERHUB_USERNAME }} 140 | dockerhub_password: ${{ secrets.DOCKERHUB_PASSWORD }} 141 | ``` 142 | 143 | #### **AWS Elastic Container Registry (.dkr.ecr.) - with Access Keys** 144 | 145 | ```yaml 146 | name: Build and Push Container to ECR using Access Keys 147 | 148 | on: 149 | pull_request: 150 | types: [opened, synchronize, reopened] 151 | 152 | jobs: 153 | build_and_push: 154 | runs-on: ubuntu-latest 155 | steps: 156 | - name: Build and Push Container to ECR 157 | uses: GlueOps/github-actions-build-push-containers@v0.3.7 158 | with: 159 | registry: ".dkr.ecr..amazonaws.com" 160 | aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} 161 | aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} 162 | aws_default_region: ${{ env.AWS_REGION}} 163 | ``` 164 | 165 | #### **AWS Elastic Container Registry (.dkr.ecr.) - IAM Role** 166 | 167 | Note that additioanl workflow permissions are required to enable use of GitHub OIDC. Additional Documentation for configuration is available in the [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials#oidc) repository. 168 | 169 | ```yaml 170 | name: Build and Push Container to ECR using an IAM Role 171 | 172 | on: 173 | pull_request: 174 | types: [opened, synchronize, reopened] 175 | 176 | permissions: 177 | id-token: write 178 | contents: read # required because configuring permissions removes all permissions not declared 179 | 180 | jobs: 181 | build_and_push: 182 | runs-on: ubuntu-latest 183 | steps: 184 | - name: Build and Push Container to ECR 185 | uses: GlueOps/github-actions-build-push-containers@v0.3.7 186 | with: 187 | registry: ".dkr.ecr..amazonaws.com" 188 | aws_role_to_assume: ${{ secrets.AWS_ECR_ROLE_ARN }} 189 | aws_default_region: ${{ env.AWS_REGION}} 190 | ``` 191 | -------------------------------------------------------------------------------- /action.yml: -------------------------------------------------------------------------------- 1 | name: "Build Docker Image and Push to GHCR, Docker Hub, or AWS ECR" 2 | author: "@GlueOps" 3 | description: "Abstracts defining actions to push Docker images to desired registry, defaults to ghcr.io" 4 | branding: 5 | icon: 'box' 6 | color: 'yellow' 7 | 8 | 9 | 10 | inputs: 11 | # common inputs 12 | dockerfile: 13 | description: 'The Dockerfile filename' 14 | required: false 15 | default: 'Dockerfile' 16 | 17 | registry: 18 | description: 'The container registry to push the image to' 19 | required: true 20 | default: "ghcr.io" 21 | 22 | registry-username: 23 | description: 'The username for authentication to the container registry (defaults to the github.actor)' 24 | required: true 25 | default: ${{ github.actor }} 26 | 27 | image_name: 28 | description: 'Docker image is named after repository' 29 | required: true 30 | default: ${{ github.repository }} 31 | 32 | context: 33 | description: "A path to the context in which the build will happen, see https://docs.docker.com/engine/reference/commandline/build/" 34 | required: false 35 | default: "." 36 | 37 | target_directory: 38 | description: 'Directory to clone the repository into.' 39 | required: false 40 | default: "." 41 | 42 | tags: 43 | description: 'Comma-separate list of tags for built image. Defaults to GlueOps tags' 44 | required: false 45 | default: '' 46 | 47 | 48 | # ghcr 49 | github_token: 50 | description: "Personal Access Token (PAT) used to authenticate with the GitHub Container Registry." 51 | required: false 52 | default: ${{ github.token }} 53 | 54 | 55 | # ecr 56 | aws_access_key_id: 57 | description: 'AWS Access Key ID - to be used in conjunction with `aws_secret_access_key`' 58 | required: false 59 | 60 | aws_secret_access_key: 61 | description: 'AWS Secret Access Key - to be used in conjunction with `aws_access_key_id`' 62 | required: false 63 | 64 | aws_role_to_assume: 65 | description: 'AWS IAM Role to assume, when using the GitHub OIDC provider in conjunction with a configured AWS IAM Identity Provider endpoint and instead of access key / secret key pair' 66 | required: false 67 | 68 | aws_default_region: 69 | description: 'AWS Default Region' 70 | required: false 71 | default: "us-west-2" 72 | 73 | aws_cli_version: 74 | description: 'Version of AWS CLI to use' 75 | required: false 76 | default: "2.15.30" 77 | 78 | 79 | # docker hub 80 | dockerhub_username: 81 | description: 'Docker Hub Username' 82 | required: false 83 | 84 | dockerhub_password: 85 | description: 'Docker Hub Personal Access Token' 86 | required: false 87 | 88 | 89 | 90 | runs: 91 | using: "composite" 92 | steps: 93 | - name: Configure for AWS if using ECR 94 | shell: bash 95 | if: contains(inputs.registry, '.dkr.ecr.') 96 | run: | 97 | echo "::group::Installing AWS CLI..." 98 | curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64-${{ inputs.aws_cli_version }}.zip" -o "awscliv2.zip" 99 | unzip -o awscliv2.zip 100 | sudo ./aws/install --update 101 | aws --version 102 | echo "::endgroup::" 103 | 104 | echo "::group::Setting AWS Credentials to Environment Variables" 105 | # set aws credentials as env vars 106 | if [[ -n "${{ inputs.aws_access_key_id }}" ]]; then 107 | echo "AWS_ACCESS_KEY_ID=${{ inputs.aws_access_key_id }}" >> $GITHUB_ENV 108 | fi 109 | if [[ -n "${{ inputs.aws_secret_access_key }}" ]]; then 110 | echo "AWS_SECRET_ACCESS_KEY=${{ inputs.aws_secret_access_key }}" >> $GITHUB_ENV 111 | fi 112 | if [[ -n "${{ inputs.aws_default_region }}" ]]; then 113 | echo "AWS_DEFAULT_REGION=${{ inputs.aws_default_region }}" >> $GITHUB_ENV 114 | fi 115 | echo "::endgroup::" 116 | 117 | - name: AWS Authentication - IAM Keys 118 | if: contains(inputs.registry, '.dkr.ecr.') && inputs.aws_access_key_id != '' && inputs.aws_secret_access_key != '' 119 | uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4 120 | with: 121 | aws-access-key-id: ${{ inputs.aws_access_key_id }} 122 | aws-secret-access-key: ${{ inputs.aws_secret_access_key }} 123 | aws-region: ${{ inputs.aws_default_region }} 124 | 125 | - name: AWS Authentication - AWS IAM Role via OIDC 126 | if: contains(inputs.registry, '.dkr.ecr.') && inputs.aws_role_to_assume != '' 127 | uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4 128 | with: 129 | role-to-assume: ${{ inputs.aws_role_to_assume }} 130 | aws-region: ${{ inputs.aws_default_region }} 131 | 132 | # https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry#authenticating-to-the-container-registry 133 | - name: Registry Authentication 134 | shell: bash 135 | run: | 136 | case "${{ inputs.registry }}" in 137 | "ghcr.io") 138 | echo "${{ inputs.github_token }}" | docker login ${{ inputs.registry }} -u ${{ github.actor }} --password-stdin 139 | ;; 140 | *".dkr.ecr."*) 141 | echo $(aws ecr get-login-password --region ${{ inputs.aws_default_region }}) \ 142 | | docker login --username AWS --password-stdin ${{ inputs.registry }} 143 | ;; 144 | "docker.io") 145 | echo "${{ inputs.dockerhub_password }}" | docker login -u "${{ inputs.dockerhub_username }}" --password-stdin 146 | ;; 147 | *) 148 | echo "Unsupported registry" 149 | exit 1 150 | ;; 151 | esac 152 | 153 | - name: Checkout 154 | uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 155 | with: 156 | ref: '' 157 | path: ${{ inputs.target_directory }} 158 | 159 | - name: Create GlueOps Tags 160 | if: inputs.tags == '' 161 | uses: Glueops/github-actions-create-container-tags@main 162 | id: create-tags 163 | 164 | - name: Build Container 165 | shell: bash 166 | env: 167 | DOCKER_BUILDKIT: '1' 168 | IMAGE_NAME: ${{ inputs.image_name }} 169 | 170 | run: | 171 | echo "::group::Set Tags" 172 | echo "Event payload: ${{ toJson(github.event_name) }}" 173 | 174 | # Get Tags 175 | TAGS="${{ inputs.tags }}" 176 | if [[ -z "$TAGS" ]]; then 177 | TAGS="${{ steps.create-tags.outputs.tags_csv }}" 178 | fi 179 | 180 | # Get Target Ref 181 | TARGET_REF="${{ steps.create-tags.outputs.clean_target_ref}}" 182 | if [[ -z "$TARGET_REF" ]]; then 183 | TARGET_REF="${TAGS%%,*}" 184 | fi 185 | 186 | echo "Using Tags: ${TAGS}" 187 | 188 | # convert the image name to lowercase 189 | export IMAGE_NAME=$(echo "${IMAGE_NAME}" | tr '[:upper:]' '[:lower:]') 190 | echo "::endgroup::" 191 | 192 | export BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ") 193 | export GITHUB_URL=https://github.com/${{ github.repository }} 194 | 195 | IFS=',' read -ra ADDR <<< "$TAGS" 196 | DOCKER_TAGS="" 197 | for TAG in "${ADDR[@]}"; do 198 | DOCKER_TAGS="$DOCKER_TAGS -t ${{ inputs.registry }}/${IMAGE_NAME}:$TAG" 199 | done 200 | 201 | echo "::group::Building the Docker image as ${{ inputs.registry }}/${IMAGE_NAME}:${TARGET_REF} from ${{ inputs.dockerfile }} in ${{ inputs.context }} context ..." 202 | 203 | docker build \ 204 | --file "${{ inputs.context }}/${{ inputs.dockerfile }}" \ 205 | --cache-from "${{ inputs.registry }}/${IMAGE_NAME}:latest" \ 206 | --build-arg BUILDKIT_INLINE_CACHE=1 \ 207 | --build-arg BUILD_DATE="${BUILD_DATE}" \ 208 | --build-arg GITHUB_SHA="${GITHUB_SHA}" \ 209 | $DOCKER_TAGS \ 210 | --label "org.label-schema.build-date=${BUILD_DATE}" \ 211 | --label "org.label-schema.vcs-url=${GITHUB_URL}" \ 212 | --label "org.label-schema.vcs-ref=${GITHUB_SHA}" \ 213 | --label "org.opencontainers.image.created=${BUILD_DATE}" \ 214 | --label "org.opencontainers.image.source=${GITHUB_URL}" \ 215 | --label "org.opencontainers.image.revision=${GITHUB_SHA}" \ 216 | "${{ inputs.context }}" 217 | 218 | 219 | echo "::endgroup::" 220 | 221 | echo "::group::Inspecting the image ..." 222 | docker image ls 223 | 224 | 225 | echo "Labels:" 226 | docker image inspect "${{ inputs.registry }}/${IMAGE_NAME}:${TARGET_REF}" | jq '.[].Config.Labels' 227 | 228 | echo "Env variables:" 229 | docker image inspect "${{ inputs.registry }}/${IMAGE_NAME}:${TARGET_REF}" | jq '.[].Config.Env' 230 | 231 | echo "::endgroup::" 232 | 233 | echo "::group::Pushing the image to ${{ inputs.registry }} ..." 234 | docker push --all-tags "${{ inputs.registry }}/${IMAGE_NAME}" && echo "Pushed" 235 | echo "::endgroup::" 236 | --------------------------------------------------------------------------------