on: repository_dispatch: workflow_dispatch: workflow_run: workflows: ["release"] types: - completed - requested name: Publish Docker Image (new) jobs: build: name: Build and test Docker images runs-on: ubuntu-latest services: registry: image: registry:2 ports: - 5000:5000 # this is needed because we restart the docker daemon for experimental # support options: "--restart always" env: # Export environment variables for all stages. DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} DOCKER_DEPLOY_IMAGES: true # //TEMP replace with correct repo once we are happy with tags DOCKER_REPO: lycheeverse/lychee-dev DOCKER_PLATFORMS: linux/amd64,linux/arm64/v8 steps: - name: Checkout code uses: actions/checkout@v2 # Enable docker daemon experimental support (for 'pull --platform'). - name: Enable experimental support run: | config='/etc/docker/daemon.json' if [[ -e "$config" ]]; then sudo sed -i -e 's/{/{ "experimental": true, /' "$config" else echo '{ "experimental": true }' | sudo tee "$config" fi sudo systemctl restart docker - name: Set up QEMU uses: docker/setup-qemu-action@v1 - name: Set up Docker Buildx (local builds) uses: docker/setup-buildx-action@v1 with: driver-opts: network=host - name: Set up env vars run: | set -vx # Export environment variable for later stages. if echo "$GITHUB_REF" | grep -q '^refs/heads/'; then # Pushes to (master) branch - deploy 'latest'. echo "TAG=latest" >> $GITHUB_ENV elif echo "$GITHUB_REF" | grep -q '^refs/tags/'; then # Pushes tag - deploy tag name. echo "TAG=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV else # Use commit SHA for PR echo "TAG=${GITHUB_SHA::8}" >> $GITHUB_ENV fi - name: Build and push to local registry uses: docker/build-push-action@v2 with: context: . file: Dockerfile-CI.Dockerfile platforms: ${{ env.DOCKER_PLATFORMS }} push: true tags: localhost:5000/${{ env.DOCKER_REPO }}:${{ env.TAG }} - name: Test docker images locally run: | for platform in ${DOCKER_PLATFORMS/,/ }; do image="localhost:5000/${DOCKER_REPO}:${TAG}" msg="Testing docker image $image on platform $platform" line="${msg//?/=}" printf "\n${line}\n${msg}\n${line}\n" docker pull -q --platform "$platform" "$image" echo -n "Image architecture: " docker run --platform "$platform" --rm --entrypoint /bin/sh "$image" -c 'uname -m' version=$(docker run --platform "$platform" --rm "$image" --version) echo "lychee version: $version" if [[ $TAG != "latest" ]] && [[ $TAG != "$version" ]] && ! echo "$version" | grep -q "$TAG"; then echo "Version mismatch: lychee $version tagged as $TAG" exit 1 fi done - name: Check GitHub settings if: > github.event_name == 'push' && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/')) && github.repository == 'lycheeverse/lychee' run: | missing=() [[ -n "${{ secrets.DOCKER_USERNAME }}" ]] || missing+=(DOCKER_USERNAME) [[ -n "${{ secrets.DOCKER_PASSWORD }}" ]] || missing+=(DOCKER_PASSWORD) for i in "${missing[@]}"; do echo "Missing github secret: $i" done (( ${#missing[@]} == 0 )) || exit 1 echo "DOCKER_DEPLOY_IMAGES=true" >> $GITHUB_ENV - name: Login to DockerHub if: ${{ env.DOCKER_DEPLOY_IMAGES == 'true' }} uses: docker/login-action@v1 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Push images to DockerHub if: ${{ env.DOCKER_DEPLOY_IMAGES == 'true' }} run: | image_src="${DOCKER_REPO}:${TAG}" image_dst="${{ env.DOCKER_REPO }}:${TAG}" msg="Copy multi-arch docker images to DockerHub ($image)" line="${msg//?/=}" printf "\n${line}\n${msg}\n${line}\n" skopeo copy --all --src-tls-verify=0 docker://localhost:5000/$image_src docker://docker.io/$image_dst