1
0
mirror of https://github.com/pypa/gh-action-pypi-publish synced 2024-11-30 21:22:28 +08:00
gh-action-pypi-publish/.github/workflows/build-and-push-docker-image.yml
Brendon Smith f81cd95ad9
Tag Docker images with Git SHA
PR https://github.com/pypa/gh-action-pypi-publish/pull/230 updated the
action to pull Docker images from GHCR instead of building Docker images
each time the workflow runs. As part of this PR, a new GitHub Actions
workflow was added that builds Docker images and pushes them to GitHub
Container Registry (GHCR).

Actions can be referenced in various ways. The Docker build workflow
covers most of the action references, but does not push Docker images
tagged with the Git commit ID (Git SHA).

This commit will add Docker tags for referencing the action with a Git
SHA. GitHub Actions only supports references by the full 40 character
SHA. If users try to reference the action by a short SHA like `1234567`,
they will get an error like, "Unable to resolve action
`pypa/gh-action-pypi-publish@1234567`, the provided ref `1234567` is the
shortened version of a commit SHA, which is not supported. Please use
the full commit SHA `1234567890123456789012345678901234567890` instead."

https://github.com/pypa/gh-action-pypi-publish/pull/230
https://github.com/pypa/gh-action-pypi-publish/issues/290
https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry
https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/using-pre-written-building-blocks-in-your-workflow#using-shas
2024-11-11 18:58:36 -05:00

59 lines
1.8 KiB
YAML

---
name: 🏗️
on: # yamllint disable-line rule:truthy
pull_request:
push:
branches: ["release/*", "unstable/*"]
workflow_dispatch:
inputs:
tag:
description: Docker image tag
required: true
type: string
jobs:
smoke-test:
uses: ./.github/workflows/reusable-smoke-test.yml
build-and-push:
if: github.event_name != 'pull_request'
runs-on: ubuntu-latest
needs:
- smoke-test
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- name: Build Docker image
run: |
DOCKER_TAG="${DOCKER_TAG/'/'/'-'}"
DOCKER_TAG_MAJOR=$(echo "$DOCKER_TAG" | cut -d '.' -f 1)
DOCKER_TAG_MAJOR_MINOR=$(echo "$DOCKER_TAG" | cut -d '.' -f 1-2)
IMAGE="ghcr.io/$GITHUB_REPOSITORY:${DOCKER_TAG}"
IMAGE_MAJOR="ghcr.io/$GITHUB_REPOSITORY:${DOCKER_TAG_MAJOR}"
IMAGE_MAJOR_MINOR="ghcr.io/$GITHUB_REPOSITORY:${DOCKER_TAG_MAJOR_MINOR}"
IMAGE_SHA="ghcr.io/$GITHUB_REPOSITORY:${GITHUB_SHA}"
echo "IMAGE=$IMAGE" >>"$GITHUB_ENV"
echo "IMAGE_MAJOR=$IMAGE_MAJOR" >>"$GITHUB_ENV"
echo "IMAGE_MAJOR_MINOR=$IMAGE_MAJOR_MINOR" >>"$GITHUB_ENV"
echo "IMAGE_SHA=$IMAGE_SHA" >>"$GITHUB_ENV"
docker build . \
--build-arg BUILDKIT_INLINE_CACHE=1 \
--cache-from $IMAGE \
--tag $IMAGE
docker tag $IMAGE $IMAGE_MAJOR
docker tag $IMAGE $IMAGE_MAJOR_MINOR
docker tag $IMAGE $IMAGE_SHA
env:
DOCKER_TAG: ${{ inputs.tag || github.ref_name }}
- name: Log in to GHCR
run: >-
echo ${{ secrets.GITHUB_TOKEN }} |
docker login ghcr.io -u $GITHUB_ACTOR --password-stdin
- name: Push Docker image to GHCR
run: |
docker push $IMAGE
docker push $IMAGE_MAJOR
docker push $IMAGE_MAJOR_MINOR
docker push $IMAGE_SHA