name: 'Docker' description: 'Build and publish docker images' inputs: docker_image: description: docker client image to use for building images default: "docker:latest" docker_args: description: "Extra arguments to pass to docker invocation" default: "" tag_prefix: description: "a prefix to add to all docker tags" tag_suffix: description: "a suffix to add to all docker tags" tag_commit_enable: description: "generate docker tags for git tag if present" default: "true" tag_commit_prefix: description: "a suffix to add to docker tags that were generated from commit sha" default: "commit-" tag_ref_slug_enable: description: "generate a tag from the git ref slug" default: "false" tag_ref_normalized_enable: description: "" default: "true" tag_semver_major: description: "" default: "true" tag_semver_minor: description: "" default: "true" tag_semver_patch: description: "" default: "true" additional_registry_destinations: description: "a list of --destination registry/orga/repo:tag strings, space separated" default: "" squash_layers: description: "" default: "true" additional_registries: description: "" default: "" add_ci_registry_auth: description: "" default: "true" add_ci_registry_target: description: "" default: "true" registry_auth_json: description: "" default: "" merge_registry_json: description: "" default: "true" push_tags: description: "" default: "true" docker_buildkit: description: "" default: "1" docker_multiarch: description: "if set to true use linux/amd64,linux/arm64, otherwise specifiy arch list manually" default: "false" dockerfile: description: "Dockerfile used to build images" default: "Dockerfile" docker_context_dir: description: "${{ github.workspace }}" ci_registry_password: description: "password/token for default ci registry, should usually be set to secret value with ${{ secrets.someSecretName }} for gitea" default: "" required: false outputs: published_tags: description: "Published tags as csv" value: "" runs: using: "composite" steps: - id: information uses: https://gitea.dhswt.de/actions/information@master - name: add ci registry to targets shell: bash if: inputs.add_ci_registry_target == 'true' run: | CI_REGISTRY="${{ steps.information.outputs.ci_hostname }}" echo "CI_REGISTRY=$CI_REGISTRY" >> $GITHUB_ENV echo "::debug::using CI_REGISTRY=$CI_REGISTRY" REGISTRY_TARGETS="$CI_REGISTRY/$GITHUB_REPOSITORY:" # needs to have : suffix echo "REGISTRY_TARGETS=$REGISTRY_TARGETS" >> $GITHUB_ENV echo "::debug::adding $CI_REGISTRY/$GITHUB_REPOSITORY to registry targets" - name: add additional registries shell: bash run: | IFS="," for REGISTRY in $INPUT_ADDITIONAL_REGISTRIES; do # add ":" to registry paths missing it if [[ "$REGISTRY" != *":"* ]]; then REGISTRY="$REGISTRY:" fi echo "::debug::adding $REGISTRY to REGISTRY_TARGETS" REGISTRY_TARGETS="$REGISTRY_TARGETS,$REGISTRY" done IFS="$OLD_IFS" echo "::debug::REGISTRY_TARGETS=$REGISTRY_TARGETS" >> $GITHUB_ENV - name: add ci registry auth shell: bash if: inputs.add_ci_registry_auth == 'true' run: | REGISTRY_AUTH_JSON="$REGISTRY_AUTH_JSON {\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(echo -n token:$CI_REGISTRY_PASSWORD | base64)\"}}}" echo "REGISTRY_AUTH_JSON=$REGISTRY_AUTH_JSON" >> $GITHUB_ENV - name: merge registry auth json shell: bash if: inputs.merge_registry_auth_json == 'true' run: | if [[ ! -z "$REGISTRY_AUTH_JSON" ]]; then REGISTRY_AUTH_JSON=$(echo "$REGISTRY_AUTH_JSON" | jq --slurp 'reduce .[] as $item ({}; . * $item)') echo "REGISTRY_AUTH_JSON=$REGISTRY_AUTH_JSON" >> $GITHUB_ENV fi - name: generate registry auth json file shell: bash run: | if [[ ! -z "$REGISTRY_AUTH_JSON" ]]; then mkdir -p /home/runner/.docker echo "$REGISTRY_AUTH_JSON" > /home/runner/.docker/config.json fi - name: collect tags shell: bash run: | if [[ "$INPUT_TAG_COMMIT_ENABLE" == "true" ]]; then IMAGE_TAGS="$IMAGE_TAGS,$INPUT_TAG_PREFIX$INPUT_TAG_COMMIT_PREFIX$GITHUB_SHA$INPUT_TAG_SUFFIX" fi # TODO extract semver vars from tag/branch, candidate for refactor to common info gathering action # add semver major tag if enabled and available, exclude "0" tag # add semver major.minor tag if enabled and available, exclude "0.0" tag # add semver major.minor.patch tag if enabled and available, exclude "0.0.0" tag if [[ "$INPUT_TAG_SEMVER_MAJOR" == "true" ]] && [[ ! -z $SEMVER_MAJOR ]] && [[ "$SEMVER_MAJOR" != "0" ]]; then IMAGE_TAGS="$IMAGE_TAGS,$INPUT_TAG_PREFIX$SEMVER_MAJOR" TAG_REF_NORMALIZED_ENABLE=0 fi if [[ "$INPUT_TAG_SEMVER_MINOR" == "true" ]] && [[ ! -z $SEMVER_MINOR ]] && [[ "$SEMVER_MAJOR_MINOR" != "0.0" ]]; then IMAGE_TAGS="$IMAGE_TAGS,$INPUT_TAG_PREFIX$SEMVER_MAJOR_MINOR" TAG_REF_NORMALIZED_ENABLE=0 fi if [[ "$INPUT_TAG_SEMVER_PATCH" == "true" ]] && [[ ! -z $SEMVER_PATCH ]] && [[ "$SEMVER_MAJOR_MINOR_PATCH" != "0.0.0" ]]; then IMAGE_TAGS="$IMAGE_TAGS,$INPUT_TAG_PREFIX$SEMVER_MAJOR_MINOR_PATCH" TAG_REF_NORMALIZED_ENABLE=0 fi # add tag for reference if available using normalization # - dont add tag if semver tags were added # - attempt to build tag first # - attempt to build branch if not a PR (if not PR for extra security, variable description on drone unclear) if [[ "$INPUT_TAG_REF_NORMALIZED_ENABLE" == "true" ]] && [[ ! -z $DRONE_TAG ]]; then echo "::debug::adding docker tag for git tag" REF_TAG_NORMALIZED=$(echo $DRONE_TAG | sed s:/:-:g) IMAGE_TAGS="$IMAGE_TAGS,$INPUT_TAG_PREFIX$REF_TAG_NORMALIZED$INPUT_TAG_SUFFIX" elif [[ "$INPUT_TAG_REF_NORMALIZED_ENABLE" == "true" ]] && [[ -z "$DRONE_PULL_REQUEST" ]] && [[ ! -z $DRONE_BRANCH ]]; then echo "adding tag for branch" REF_TAG_NORMALIZED=$(echo $DRONE_BRANCH | sed s:/:-:g) IMAGE_TAGS="$IMAGE_TAGS,$INPUT_TAG_PREFIX$REF_TAG_NORMALIZED$INPUT_TAG_SUFFIX" fi # prepare destinations by combining registries + tags echo "# preparing destinations:" IMAGE_DESTS="" IMAGE_DESTS_PUSH="" IFS="," for REGISTRY in $REGISTRY_TARGETS; do if [[ -z "$REGISTRY" ]]; then continue; fi for IMAGE_TAG in $IMAGE_TAGS; do if [[ -z "$IMAGE_TAG" ]]; then continue; fi echo "::debug::- $REGISTRY$IMAGE_TAG" IMAGE_DESTS="$IMAGE_DESTS --tag $REGISTRY$IMAGE_TAG" IMAGE_DESTS_PUSH="$IMAGE_DESTS_PUSH $REGISTRY$IMAGE_TAG" done done IMAGE_DESTS=$(echo $IMAGE_DESTS | xargs) IMAGE_DESTS_PUSH=$(echo $IMAGE_DESTS_PUSH | xargs) IFS="$OLD_IFS" echo "IMAGE_DESTS=$IMAGE_DESTS" >> $GITHUB_ENV echo "IMAGE_DESTS_PUSH=$IMAGE_DESTS_PUSH" >> $GITHUB_ENV - name: prepare docker args shell: bash run: | # prepare docker build args if [[ -z "$DOCKER_ARGS" ]]; then DOCKER_ARGS="" fi DOCKER_ARGS="$INPUT_CONTEXT_DIR --file $INPUT_DOCKERFILE $INPUT_DOCKER_ARGS $DOCKER_ARGS" if [[ "$INPUT_SQUASH_LAYERS" == "true" ]]; then DOCKER_ARGS="$DOCKER_ARGS --squash" fi if [[ ! -z "$IMAGE_DESTS" ]]; then DOCKER_ARGS="$DOCKER_ARGS $IMAGE_DESTS" fi if [[ ! -z "$INPUT_ADDITIONAL_REGISTRY_DESTINATIONS" ]]; then DOCKER_ARGS="$DOCKER_ARGS $INPUT_ADDITIONAL_REGISTRY_DESTINATIONS" fi echo "DOCKER_ARGS=$DOCKER_ARGS" >> $GITHUB_ENV echo "::debug:: DOCKER_ARGS=$DOCKER_ARGS" - name: debug print env shell: bash run: | echo "::debug::printing env" echo "::debug:: $(env)"