name: 'Docker' description: 'Build and publish docker images' inputs: docker-image: description: docker client image to use for building images default: "docker:latest" docker-args: description: "Extra arguments to pass to docker invocation" default: "" tag-prefix: description: "a prefix to add to all docker tags" tag-suffix: description: "a suffix to add to all docker tags" tag-commit-enable: description: "generate docker tags for git tag if present" default: "true" tag-commit-prefix: description: "a suffix to add to docker tags that were generated from commit sha" default: "commit-" tag-ref-slug-enable: description: "generate a tag from the git ref slug" default: "false" tag-ref-normalized-enable: description: "" default: "true" tag-semver-major: description: "" default: "true" tag-semver-minor: description: "" default: "true" tag-semver-patch: description: "" default: "true" additional-registry-destinations: description: "a list of --destination registry/orga/repo:tag strings, space separated" default: "" squash-layers: description: "" default: "true" additional-registries: description: "" default: "" add-ci-registry-auth: description: "" default: "true" add-ci-registry-target: description: "" default: "true" registry-auth-json: description: "" default: "" merge-registry-json: description: "" default: "true" push-tags: description: "" default: "true" docker-buildkit: description: "" default: "1" docker-multi-arch: description: "" default: "false" dockerfile: description: "Dockerfile used to build images" default: "Dockerfile" docker-context-dir: description: "${{ github.workspace }}" ci-registry-password: description: "password/token for default ci registry, should usually be set to secret value with ${{ secrets.someSecretName }} for gitea" default: "" required: false outputs: published-tags: description: "Published tags as csv" value: "" runs: using: "composite" steps: - name: "dummy step" shell: bash run: echo dummy step changed - name: add ci registry to targets shell: bash if: inputs.add-ci-registry-target == "true" run: | # TODO candidate for extraction to common information gathering role # extract base hostname from server url re="^(https)(:\/\/|@)([^\/:]+)[\/:]([^\/:]+)\/(.+)*$" if [[ $GITHUB_SERVER_URL =~ $re ]]; then CI_REGISTRY=${BASH_REMATCH[3]} else echo "Failed to extract hostname" exit 1 fi echo "CI_REGISTRY=$CI_REGISTRY" >> $GITHUB_ENV echo "extract CI_REGISTRY=$CI_REGISTRY" REGISTRY_TARGETS="$CI_REGISTRY/$GITHUB_REPOSITORY" echo "REGISTRY_TARGETS=$REGISTRY_TARGETS" >> $GITHUB_ENV echo "adding $CI_REGISTRY/$GITHUB_REPOSITORY to registry targets" - name: add additional registries shell: bash run: | IFS="," for REGISTRY in $ADDITIONAL_REGISTRIES; do # add ":" to registry paths missing it if [[ "$REGISTRY" != *":"* ]]; then REGISTRY="$REGISTRY:" fi echo "adding $REGISTRY to REGISTRY_TARGETS" REGISTRY_TARGETS="$REGISTRY_TARGETS,$REGISTRY" done IFS="$OLD_IFS" echo "REGISTRY_TARGETS=$REGISTRY_TARGETS" >> $GITHUB_ENV - name: add ci registry auth shell: bash if: inputs.add-ci-registry-auth == "true" run: | REGISTRY_AUTH_JSON="$REGISTRY_AUTH_JSON {\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(echo -n token:$CI_REGISTRY_PASSWORD | base64)\"}}}" echo "REGISTRY_AUTH_JSON=$REGISTRY_AUTH_JSON" >> $GITHUB_ENV - name: merge registry auth json shell: bash if: inputs.merge-registry-auth-json == "true" run: | if [[ ! -z "$REGISTRY_AUTH_JSON" ]]; then REGISTRY_AUTH_JSON=$(echo "$REGISTRY_AUTH_JSON" | jq --slurp 'reduce .[] as $item ({}; . * $item)') echo "REGISTRY_AUTH_JSON=$REGISTRY_AUTH_JSON" >> $GITHUB_ENV fi - name: generate registry auth json file shell: bash run: | if [[ ! -z "$REGISTRY_AUTH_JSON" ]]; then mkdir -p /root/.docker echo "$REGISTRY_AUTH_JSON" > /root/.docker/config.json fi - name: collect tags shell: bash run: | if [[ "$INPUT_TAG_COMMIT_ENABLE" == "true" ]]; then IMAGE_TAGS="$IMAGE_TAGS,$TAG_PREFIX$TAG_COMMIT_PREFIX$CI_COMMIT_SHA$TAG_SUFFIX" fi # TODO extract semver vars from tag/branch, candidate for refactor to common info gathering action # add semver major tag if enabled and available, exclude "0" tag # add semver major.minor tag if enabled and available, exclude "0.0" tag # add semver major.minor.patch tag if enabled and available, exclude "0.0.0" tag if [[ "$TAG_SEMVER_MAJOR" == "true" ]] && [[ ! -z $SEMVER_MAJOR ]] && [[ "$SEMVER_MAJOR" != "0" ]]; then IMAGE_TAGS="$IMAGE_TAGS,$TAG_PREFIX$SEMVER_MAJOR" TAG_REF_NORMALIZED_ENABLE=0 fi if [[ "$TAG_SEMVER_MINOR" == "true" ]] && [[ ! -z $SEMVER_MINOR ]] && [[ "$SEMVER_MAJOR_MINOR" != "0.0" ]]; then IMAGE_TAGS="$IMAGE_TAGS,$TAG_PREFIX$SEMVER_MAJOR_MINOR" TAG_REF_NORMALIZED_ENABLE=0 fi if [[ "$TAG_SEMVER_PATCH" == "true" ]] && [[ ! -z $SEMVER_PATCH ]] && [[ "$SEMVER_MAJOR_MINOR_PATCH" != "0.0.0" ]]; then IMAGE_TAGS="$IMAGE_TAGS,$TAG_PREFIX$SEMVER_MAJOR_MINOR_PATCH" TAG_REF_NORMALIZED_ENABLE=0 fi # add tag for reference if available using normalization # - dont add tag if semver tags were added # - attempt to build tag first # - attempt to build branch if not a PR (if not PR for extra security, variable description on drone unclear) echo "TAG_REF_NORMALIZED_ENABLE=$TAG_REF_NORMALIZED_ENABLE" if [[ "$TAG_REF_NORMALIZED_ENABLE" == "true" ]] && [[ ! -z $DRONE_TAG ]]; then echo "adding tag for tag" REF_TAG_NORMALIZED=$(echo $DRONE_TAG | sed s:/:-:g) IMAGE_TAGS="$IMAGE_TAGS,$TAG_PREFIX$REF_TAG_NORMALIZED$TAG_SUFFIX" elif [[ "$TAG_REF_NORMALIZED_ENABLE" == "true" ]] && [[ -z "$DRONE_PULL_REQUEST" ]] && [[ ! -z $DRONE_BRANCH ]]; then echo "adding tag for branch" REF_TAG_NORMALIZED=$(echo $DRONE_BRANCH | sed s:/:-:g) IMAGE_TAGS="$IMAGE_TAGS,$TAG_PREFIX$REF_TAG_NORMALIZED$TAG_SUFFIX" fi # prepare destinations by combining registries + tags echo "# preparing destinations:" IMAGE_DESTS="" IMAGE_DESTS_PUSH="" IFS="," for REGISTRY in $REGISTRY_TARGETS; do if [[ -z "$REGISTRY" ]]; then continue; fi for IMAGE_TAG in $IMAGE_TAGS; do if [[ -z "$IMAGE_TAG" ]]; then continue; fi echo "- $REGISTRY$IMAGE_TAG" IMAGE_DESTS="$IMAGE_DESTS --tag $REGISTRY$IMAGE_TAG" IMAGE_DESTS_PUSH="$IMAGE_DESTS_PUSH $REGISTRY$IMAGE_TAG" done done IMAGE_DESTS=$(echo $IMAGE_DESTS | xargs) IMAGE_DESTS_PUSH=$(echo $IMAGE_DESTS_PUSH | xargs) IFS="$OLD_IFS" echo "IMAGE_DESTS=$IMAGE_DESTS" >> $GITHUB_ENV echo "IMAGE_DESTS_PUSH=$IMAGE_DESTS_PUSH" >> $GITHUB_ENV - name: prepare docker args shell: bash run: | # prepare docker build args if [[ -z "$DOCKER_ARGS" ]]; then DOCKER_ARGS="" fi DOCKER_ARGS="$CONTEXT_DIR --file $DOCKERFILE $DOCKER_ARGS" if [[ "$SQUASH_LAYERS" == "true" ]]; then DOCKER_ARGS="$DOCKER_ARGS --squash" fi if [[ -z "$IMAGE_DESTS" ]]; then DOCKER_ARGS="$DOCKER_ARGS $IMAGE_DESTS" fi if [[ -z "$ADDITIONAL_REGISTRY_DESTINATIONS" ]]; then DOCKER_ARGS="$DOCKER_ARGS $ADDITIONAL_REGISTRY_DESTINATIONS" fi echo "DOCKER_ARGS=$DOCKER_ARGS" >> $GITHUB_ENV - name: debug print env shell: bash run: | echo "printing env" env