263 lines
8.0 KiB
YAML
263 lines
8.0 KiB
YAML
name: 'Docker'
|
|
description: 'Build and publish docker images'
|
|
|
|
inputs:
|
|
docker-image:
|
|
description: docker client image to use for building images
|
|
default: "docker:latest"
|
|
|
|
docker-args:
|
|
description: "Extra arguments to pass to docker invocation"
|
|
default: ""
|
|
|
|
tag-prefix:
|
|
description: "a prefix to add to all docker tags"
|
|
|
|
tag-suffix:
|
|
description: "a suffix to add to all docker tags"
|
|
|
|
tag-commit-enable:
|
|
description: "generate docker tags for git tag if present"
|
|
default: "true"
|
|
|
|
tag-commit-prefix:
|
|
description: "a suffix to add to docker tags that were generated from commit sha"
|
|
default: "commit-"
|
|
|
|
tag-ref-slug-enable:
|
|
description: "generate a tag from the git ref slug"
|
|
default: "false"
|
|
|
|
tag-ref-normalized-enable:
|
|
description: ""
|
|
default: "true"
|
|
|
|
tag-semver-major:
|
|
description: ""
|
|
default: "true"
|
|
|
|
tag-semver-minor:
|
|
description: ""
|
|
default: "true"
|
|
|
|
tag-semver-patch:
|
|
description: ""
|
|
default: "true"
|
|
|
|
additional-registry-destinations:
|
|
description: "a list of --destination registry/orga/repo:tag strings, space separated"
|
|
default: ""
|
|
|
|
squash-layers:
|
|
description: ""
|
|
default: "true"
|
|
|
|
additional-registries:
|
|
description: ""
|
|
default: ""
|
|
|
|
add-ci-registry-auth:
|
|
description: ""
|
|
default: "true"
|
|
|
|
add-ci-registry-target:
|
|
description: ""
|
|
default: "true"
|
|
|
|
registry-auth-json:
|
|
description: ""
|
|
default: ""
|
|
|
|
merge-registry-json:
|
|
description: ""
|
|
default: "true"
|
|
|
|
debug-step:
|
|
description: ""
|
|
default: "false"
|
|
|
|
push-tags:
|
|
description: ""
|
|
default: "true"
|
|
|
|
docker-buildkit:
|
|
description: ""
|
|
default: "1"
|
|
|
|
docker-multi-arch:
|
|
description: ""
|
|
default: "false"
|
|
|
|
dockerfile:
|
|
description: "Dockerfile used to build images"
|
|
default: "Dockerfile"
|
|
|
|
docker-context-dir:
|
|
description: "${{ github.workspace }}"
|
|
|
|
ci-registry-password:
|
|
description: "password/token for default ci registry, should usually be set to secret value with ${{ secrets.someSecretName }} for gitea"
|
|
default: ""
|
|
required: false
|
|
|
|
outputs:
|
|
published-tags:
|
|
description: "Published tags as csv"
|
|
value: ""
|
|
|
|
runs:
|
|
using: "composite"
|
|
steps:
|
|
- name: "dummy step"
|
|
shell: bash
|
|
run: echo dummy step
|
|
|
|
- name: add ci registry to targets
|
|
shell: bash
|
|
if: ${{ inputs.add-ci-registry-target }} == "true"
|
|
run: |
|
|
# TODO candidate for extraction to common information gathering role
|
|
# extract base hostname from server url
|
|
re="^(https)(:\/\/|@)([^\/:]+)[\/:]([^\/:]+)\/(.+)*$"
|
|
if [[ $GITHUB_SERVER_URL =~ $re ]]; then
|
|
CI_REGISTRY=${BASH_REMATCH[3]}
|
|
else
|
|
echo "Failed to extract hostname"
|
|
exit 1
|
|
fi
|
|
|
|
echo "CI_REGISTRY=$CI_REGISTRY" >> $GITHUB_ENV
|
|
|
|
REGISTRY_TARGETS="$CI_REGISTRY/$GITHUB_REPOSITORY"
|
|
echo "REGISTRY_TARGETS=$REGISTRY_TARGETS" >> $GITHUB_ENV
|
|
|
|
- name: add additional registries
|
|
shell: bash
|
|
run: |
|
|
IFS=","
|
|
for REGISTRY in $ADDITIONAL_REGISTRIES; do
|
|
# add ":" to registry paths missing it
|
|
if [[ "$REGISTRY" != *":"* ]]; then
|
|
REGISTRY="$REGISTRY:"
|
|
fi
|
|
|
|
debug_log "adding $REGISTRY to REGISTRY_TARGETS"
|
|
|
|
REGISTRY_TARGETS="$REGISTRY_TARGETS,$REGISTRY"
|
|
done
|
|
IFS="$OLD_IFS"
|
|
|
|
echo "REGISTRY_TARGETS=$REGISTRY_TARGETS" >> $GITHUB_ENV
|
|
|
|
- name: add ci registry auth
|
|
shell: bash
|
|
if: ${{ inputs.add-ci-registry-auth }} == "true"
|
|
run: |
|
|
REGISTRY_AUTH_JSON="$REGISTRY_AUTH_JSON {\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(echo -n token:$CI_REGISTRY_PASSWORD | base64)\"}}}"
|
|
echo "REGISTRY_AUTH_JSON=$REGISTRY_AUTH_JSON" >> $GITHUB_ENV
|
|
|
|
- name: merge registry auth json
|
|
shell: bash
|
|
if: ${{ inputs.merge-registry-auth-json }} == "true"
|
|
run: |
|
|
if [[ ! -z "$REGISTRY_AUTH_JSON" ]]; then
|
|
REGISTRY_AUTH_JSON=$(echo "$REGISTRY_AUTH_JSON" | jq --slurp 'reduce .[] as $item ({}; . * $item)')
|
|
echo "REGISTRY_AUTH_JSON=$REGISTRY_AUTH_JSON" >> $GITHUB_ENV
|
|
fi
|
|
|
|
- name: generate registry auth json file
|
|
shell: bash
|
|
run: |
|
|
if [[ ! -z "$REGISTRY_AUTH_JSON" ]]; then
|
|
mkdir -p /root/.docker
|
|
echo "$REGISTRY_AUTH_JSON" > /root/.docker/config.json
|
|
fi
|
|
|
|
- name: collect tags
|
|
shell: bash
|
|
run: |
|
|
if [[ "$INPUT_TAG_COMMIT_ENABLE" == "true" ]]; then
|
|
IMAGE_TAGS="$IMAGE_TAGS,$TAG_PREFIX$TAG_COMMIT_PREFIX$CI_COMMIT_SHA$TAG_SUFFIX"
|
|
fi
|
|
|
|
# TODO extract semver vars from tag/branch, candidate for refactor to common info gathering action
|
|
# add semver major tag if enabled and available, exclude "0" tag
|
|
# add semver major.minor tag if enabled and available, exclude "0.0" tag
|
|
# add semver major.minor.patch tag if enabled and available, exclude "0.0.0" tag
|
|
if [[ "$TAG_SEMVER_MAJOR" == "true" ]] && [[ ! -z $SEMVER_MAJOR ]] && [[ "$SEMVER_MAJOR" != "0" ]]; then
|
|
IMAGE_TAGS="$IMAGE_TAGS,$TAG_PREFIX$SEMVER_MAJOR"
|
|
TAG_REF_NORMALIZED_ENABLE=0
|
|
fi
|
|
if [[ "$TAG_SEMVER_MINOR" == "true" ]] && [[ ! -z $SEMVER_MINOR ]] && [[ "$SEMVER_MAJOR_MINOR" != "0.0" ]]; then
|
|
IMAGE_TAGS="$IMAGE_TAGS,$TAG_PREFIX$SEMVER_MAJOR_MINOR"
|
|
TAG_REF_NORMALIZED_ENABLE=0
|
|
fi
|
|
if [[ "$TAG_SEMVER_PATCH" == "true" ]] && [[ ! -z $SEMVER_PATCH ]] && [[ "$SEMVER_MAJOR_MINOR_PATCH" != "0.0.0" ]]; then
|
|
IMAGE_TAGS="$IMAGE_TAGS,$TAG_PREFIX$SEMVER_MAJOR_MINOR_PATCH"
|
|
TAG_REF_NORMALIZED_ENABLE=0
|
|
fi
|
|
|
|
# add tag for reference if available using normalization
|
|
# - dont add tag if semver tags were added
|
|
# - attempt to build tag first
|
|
# - attempt to build branch if not a PR (if not PR for extra security, variable description on drone unclear)
|
|
echo "TAG_REF_NORMALIZED_ENABLE=$TAG_REF_NORMALIZED_ENABLE"
|
|
if [[ "$TAG_REF_NORMALIZED_ENABLE" == "true" ]] && [[ ! -z $DRONE_TAG ]]; then
|
|
echo "adding tag for tag"
|
|
REF_TAG_NORMALIZED=$(echo $DRONE_TAG | sed s:/:-:g)
|
|
IMAGE_TAGS="$IMAGE_TAGS,$TAG_PREFIX$REF_TAG_NORMALIZED$TAG_SUFFIX"
|
|
elif [[ "$TAG_REF_NORMALIZED_ENABLE" == "true" ]] && [[ -z "$DRONE_PULL_REQUEST" ]] && [[ ! -z $DRONE_BRANCH ]]; then
|
|
echo "adding tag for branch"
|
|
REF_TAG_NORMALIZED=$(echo $DRONE_BRANCH | sed s:/:-:g)
|
|
IMAGE_TAGS="$IMAGE_TAGS,$TAG_PREFIX$REF_TAG_NORMALIZED$TAG_SUFFIX"
|
|
fi
|
|
|
|
# prepare destinations by combining registries + tags
|
|
echo "# preparing destinations:"
|
|
IMAGE_DESTS=""
|
|
IMAGE_DESTS_PUSH=""
|
|
IFS=","
|
|
for REGISTRY in $REGISTRY_TARGETS; do
|
|
if [[ -z "$REGISTRY" ]]; then continue; fi
|
|
|
|
for IMAGE_TAG in $IMAGE_TAGS; do
|
|
if [[ -z "$IMAGE_TAG" ]]; then continue; fi
|
|
echo "- $REGISTRY$IMAGE_TAG"
|
|
IMAGE_DESTS="$IMAGE_DESTS --tag $REGISTRY$IMAGE_TAG"
|
|
IMAGE_DESTS_PUSH="$IMAGE_DESTS_PUSH $REGISTRY$IMAGE_TAG"
|
|
done
|
|
done
|
|
IMAGE_DESTS=$(echo $IMAGE_DESTS | xargs)
|
|
IMAGE_DESTS_PUSH=$(echo $IMAGE_DESTS_PUSH | xargs)
|
|
IFS="$OLD_IFS"
|
|
|
|
echo "IMAGE_DESTS=$IMAGE_DESTS" >> $GITHUB_ENV
|
|
echo "IMAGE_DESTS_PUSH=$IMAGE_DESTS_PUSH" >> $GITHUB_ENV
|
|
|
|
- name: prepare docker args
|
|
shell: bash
|
|
run: |
|
|
# prepare docker build args
|
|
if [[ -z "$DOCKER_ARGS" ]]; then
|
|
DOCKER_ARGS=""
|
|
fi
|
|
DOCKER_ARGS="$CONTEXT_DIR --file $DOCKERFILE $DOCKER_ARGS"
|
|
|
|
if [[ "$SQUASH_LAYERS" == "true" ]]; then
|
|
DOCKER_ARGS="$DOCKER_ARGS --squash"
|
|
fi
|
|
if [[ -z "$IMAGE_DESTS" ]]; then
|
|
DOCKER_ARGS="$DOCKER_ARGS $IMAGE_DESTS"
|
|
fi
|
|
if [[ -z "$ADDITIONAL_REGISTRY_DESTINATIONS" ]]; then
|
|
DOCKER_ARGS="$DOCKER_ARGS $ADDITIONAL_REGISTRY_DESTINATIONS"
|
|
fi
|
|
|
|
echo "DOCKER_ARGS=$DOCKER_ARGS" >> $GITHUB_ENV
|
|
|
|
- name: debug print env
|
|
shell: bash
|
|
run: |
|
|
echo "printing env"
|
|
env
|
|
|