Merge pull request #680 from darrenvechain/enable-custom-ghcr-images

feat: publish docker images across different scenarios
vechain · Mar 25, 2024 · 0848268 · 0848268
2 parents e42227b + db68a5f
commit 0848268
Show file tree

Hide file tree

Showing 9 changed files with 217 additions and 106 deletions.
diff --git a/.github/workflows/lint-go.yaml b/.github/workflows/lint-go.yaml
@@ -1,10 +1,7 @@
 name: Lint
 
 on:
-  push:
-    branches:
-      - master
-  pull_request:
+  workflow_call:
 
 permissions:
   contents: read

diff --git a/.github/workflows/on-master-commit.yaml b/.github/workflows/on-master-commit.yaml
@@ -0,0 +1,48 @@
+name: Master branch CI
+
+on:
+  push:
+    branches:
+      - 'master'
+
+jobs:
+  run-unit-tests:
+    name: Run Unit Tests
+    uses: ./.github/workflows/test.yaml
+
+  lint:
+    name: Lint
+    uses: ./.github/workflows/lint-go.yaml
+
+  generate-tags:
+    name: Generate Docker Tags
+    runs-on: ubuntu-latest
+    outputs:
+      tag_date: ${{ steps.tag_date.outputs.tag_date }}
+      short_sha: ${{ steps.short_sha.outputs.short_sha }}
+    steps:
+      - name: Generate Tag Date
+        id: tag_date
+        run: echo "tag_date=$(date +'%Y%m%d')" >> "$GITHUB_OUTPUT"
+      - name: Generate Short SHA
+        id: short_sha
+        run: echo "short_sha=$(echo $GITHUB_SHA | cut -c1-7)" >> "$GITHUB_OUTPUT"
+
+  publish-docker-image:
+    name: Publish Docker Image
+    uses: ./.github/workflows/publish-docker-images.yaml
+    secrets: inherit
+    needs:
+      - run-unit-tests
+      - generate-tags
+      - lint
+    permissions:
+      contents: read
+      packages: write
+    with:
+      images: |
+        ghcr.io/${{ github.repository }}
+      # eg: master-20240321-7d8e9f2
+      tags: |
+        type=raw,value=master-${{ needs.generate-tags.outputs.tag_date }}-${{ needs.generate-tags.outputs.short_sha }}
+        type=raw,value=master-latest
diff --git a/.github/workflows/on-pre-release.yaml b/.github/workflows/on-pre-release.yaml
@@ -0,0 +1,28 @@
+name: Pre-Release CI
+
+on:
+  release:
+    types:
+      - prereleased
+
+jobs:
+  run-unit-tests:
+    name: Run Unit Tests
+    uses: ./.github/workflows/test.yaml
+
+  publish-docker-image:
+    name: Publish Pre-Release Docker Image
+    uses: ./.github/workflows/publish-docker-images.yaml
+    secrets: inherit
+    needs:
+      - run-unit-tests
+    permissions:
+      contents: read
+      packages: write
+    with:
+      environment: docker-publish
+      images: |
+        ${{ github.repository }}
+        ghcr.io/${{ github.repository }}
+      tags: |
+        type=raw,value=${{ github.event.release.tag_name }}
diff --git a/.github/workflows/on-pull-request.yaml b/.github/workflows/on-pull-request.yaml
@@ -0,0 +1,30 @@
+name: Pull Request CI
+
+on:
+  pull_request:
+    branches:
+      - master
+
+jobs:
+
+  run-unit-tests:
+    name: Run Unit Tests
+    uses: ./.github/workflows/test.yaml
+
+  lint:
+    name: Lint
+    uses: ./.github/workflows/lint-go.yaml
+
+  # This doesn't publish the image, it just tests the publishing workflow (build the image / tags / labels)
+  test-docker-publish:
+    name: Test Docker Publish
+    uses: ./.github/workflows/publish-docker-images.yaml
+    secrets: inherit
+    permissions:
+      contents: read
+      packages: write
+    with:
+      images: |
+        ghcr.io/${{ github.repository }}
+      tags: |
+        type=raw,value=${{ github.ref }}-${{ github.sha }}
diff --git a/.github/workflows/on-release.yaml b/.github/workflows/on-release.yaml
@@ -0,0 +1,30 @@
+name: Release CI
+
+on:
+  release:
+    types:
+      - released
+
+jobs:
+
+  run-unit-tests:
+    name: Run Unit Tests
+    uses: ./.github/workflows/test.yaml
+
+  publish-docker-image:
+    name: Publish Docker Image
+    uses: ./.github/workflows/publish-docker-images.yaml
+    secrets: inherit
+    needs:
+      - run-unit-tests
+    permissions:
+      contents: read
+      packages: write
+    with:
+      environment: docker-publish
+      images: |
+        ${{ github.repository }}
+        ghcr.io/${{ github.repository }}
+      tags: |
+        type=raw,value=${{ github.event.release.tag_name }}
+        type=raw,value=latest
diff --git a/.github/workflows/publish-docker-images.yaml b/.github/workflows/publish-docker-images.yaml
@@ -0,0 +1,73 @@
+name: Publish Docker Image
+
+on:
+  workflow_call:
+    inputs:
+      environment:
+        type: string
+        required: false
+        description: 'The environment to publish the Docker image to.'
+      tags:
+        type: string
+        required: true
+        description: 'The tags to apply to the Docker image.'
+      images:
+        type: string
+        required: true
+        description: 'The images to publish'
+  workflow_dispatch:
+
+jobs:
+  build-and-push-image:
+    name: Build and Push Docker Image
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+      packages: write
+
+    environment: ${{ inputs.environment }}
+    steps:
+
+      - name: Checkout Repo
+        uses: actions/checkout@v4
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        # Only log in to Docker Hub if the event is a release
+        if: ${{ inputs.environment == 'docker-publish' }}
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          # default to ghcr.io for workflow_dispatch
+          images: ${{ inputs.images || format('ghcr.io/{0}', github.repository) }}
+          # use the branch + sha if workflow_dispatch
+          tags: ${{ inputs.tags || format('type=raw,value={0}-{1}', github.ref, github.sha) }}
+
+      - name: Push to Registry(s)
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: ${{ github.event_name != 'pull_request' }}
+          provenance: false
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
diff --git a/.github/workflows/release-docker.yaml b/.github/workflows/release-docker.yaml
diff --git a/.github/workflows/test-docker-build.yaml b/.github/workflows/test-docker-build.yaml
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -1,14 +1,7 @@
 name: Unit Tests
 
-on: 
-  push:
-    branches:
-      - 'master'
-      - 'master-*'
-
-  pull_request:
-    branches:
-      - master
+on:
+  workflow_call:
 
 jobs:
   unit_tests:
@@ -18,9 +11,9 @@ jobs:
         os: [ubuntu-latest, macos-latest, windows-latest]
         include:
           - go-version: 1.19.x
-            os: ubuntu-latest 
+            os: ubuntu-latest
           - go-version: 1.20.x
-            os: ubuntu-latest 
+            os: ubuntu-latest
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout code
@@ -33,11 +26,11 @@ jobs:
 
       - name: Make all
         run: make all
-      
+
       - name: Make Test
         id: unit-test
         run: make test
-      
+
       - name: Post To Slack
         if: always()  && github.ref == 'refs/heads/master' && (steps.unit-test.outcome == 'failure')
         uses: slackapi/[email protected]
@@ -52,7 +45,7 @@ jobs:
         env:
           SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
   test_coverage:
-    runs-on: ubuntu-latest 
+    runs-on: ubuntu-latest
     steps:
       - name: Checkout code
         uses: actions/checkout@v3