Prebuild docker image

.github/workflows/cd.yml

@@ -0,0 +1,115 @@
+# When a PR is merged, or when run manually, this workflow will create a
+# release and publish the container image to the GitHub Container Registry. Both
+# will be labeled with the version specified in the manifest file.
+name: Continuous Delivery
+
+on:
+  pull_request:
+    types:
+      - closed
+    branches:
+      - main
+  workflow_dispatch:
+
+env:
+  CONTAINER_REGISTRY: ghcr.io
+  CONTAINER_REGISTRY_USERNAME: ${{ github.actor  }}
+  CONTAINER_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
+  MANIFEST_PATH: .version
+
+permissions:
+  contents: write
+  packages: write
+
+jobs:
+  publish:
+    name: Publish Container Image
+    runs-on: ubuntu-latest
+
+    # Ignore Dependabot pull requests.
+    if: |
+      github.event_name == 'workflow_dispatch' ||
+      (github.event.pull_request.merged == true &&
+      startsWith(github.head_ref, 'dependabot/') == false)
+
+    steps:
+      - name: Checkout
+        id: checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-tags: true
+          ref: main
+
+      - name: Check Version
+        id: version
+        uses: issue-ops/semver@v2
+        with:
+          check-only: true
+          manifest-path: ${{ env.MANIFEST_PATH }}
+          ref: main
+          workspace: ${{ github.workspace }}
+
+      # Create the list of image tags that will be published. If a prerelease is
+      # being published (e.g. `1.2.3-alpha.4`), only the prerelease tag will be
+      # published (`v1.2.3-alpha.4`). Otherwise, the following tags will be
+      # published:
+      # - `latest`
+      # - `v1.2.3`
+      # - `v1.2`
+      # - `v1`
+      - name: Set Image Tags
+        id: tags
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const version = '${{ steps.version.outputs.version }}'
+
+            // Check if prerelease (e.g. 1.2.3-alpha.4)
+            if (version.includes('-')) {
+              // Only output the prerelease tag
+              core.setOutput('tags', `type=raw,value=v${version}`)
+            } else {
+              // Output all the tags
+              let tags = [
+                'type=raw,value=latest',
+                `type=raw,value=v${version}`,
+                `type=raw,value=v${version.split('.').slice(0, 2).join('.')}`,
+                `type=raw,value=v${version.split('.')[0]}`
+              ]
+              core.setOutput('tags', tags.join('\n'))
+            }
+
+      # Get metadata to apply to image
+      - name: Extract Metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.CONTAINER_REGISTRY }}/${{ github.repository }}
+          tags: ${{ steps.tags.outputs.tags }}
+
+      # Authenticate to the container registry
+      - name: Authenticate to Container Registry
+        id: login
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.CONTAINER_REGISTRY }}
+          username: ${{ env.CONTAINER_REGISTRY_USERNAME }}
+          password: ${{ env.CONTAINER_REGISTRY_PASSWORD }}
+
+      # Publish the container image
+      - name: Publish Container Image
+        id: publish
+        uses: docker/build-push-action@v6
+        env:
+          LABELS: ${{ steps.meta.outputs.labels }}
+          TAGS: ${{ steps.meta.outputs.tags }}
+        with:
+          labels: ${{ env.LABELS }}
+          push: true
+          tags: ${{ env.TAGS }}
+
+      - name: Create Release
+        id: release
+        uses: issue-ops/releaser@v2
+        with:
+          tag: v${{ steps.version.outputs.version }}

.github/workflows/main.yml

@@ -71,9 +71,39 @@ jobs:
 
   e2e-tests:
     runs-on: ubuntu-latest
+
+    # Run a local registry to push to
+    services:
+      registry:
+        image: registry:2
+        ports:
+          - 5001:5000
+
+    env:
+      TEST_TAG: localhost:5001/actions/find-code-references-in-pull-request:latest
+
     steps:
       - name: Checkout
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+      - name: Setup Docker BuildX
+        id: setup-buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          install: true
+          driver-opts: network=host
+      - name: Build the Container
+        id: build
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          tags: ${{ env.TEST_TAG }}
+      - name: Update action.yml for local testing
+        run: |
+          # Backup original file
+          cp action.yml action.yml.bak
+          # Replace image path for local testing
+          sed -i 's|docker://ghcr.io/ln-zap/find-code-references-in-pull-request:latest|docker://localhost:5001/actions/find-code-references-in-pull-request:latest|' action.yml
       - name: Find LaunchDarkly feature flags in diff
         uses: ./ # Uses an action in the root directory
         id: find-flags

.github/workflows/version-check.yml

@@ -0,0 +1,39 @@
+# This workflow checks the version of the container image that is being built
+# in the current pull request. If the version has already been published, the
+# workflow fails to prevent PRs from being merged until the version has been
+# incremented in the manifest file.
+name: Version Check
+
+on:
+  pull_request:
+    branches:
+      - main
+
+env:
+  MANIFEST_PATH: .version
+
+permissions:
+  checks: write
+  contents: read
+  pull-requests: write
+
+jobs:
+  check-version:
+    name: Version Check
+    runs-on: ubuntu-latest
+
+    if: ${{ github.actor != 'dependabot[bot]' }}
+
+    steps:
+      - name: Checkout
+        id: checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-tags: true
+
+      - name: Check Version
+        id: check-version
+        uses: issue-ops/semver@v2
+        with:
+          check-only: true
+          manifest-path: ${{ env.MANIFEST_PATH }}

.version

@@ -0,0 +1 @@
+v1.0.0

action.yml

@@ -3,7 +3,7 @@ name: 'LaunchDarkly Code References in Pull Request'
 description: 'Find references to feature flags in your pull request'
 runs:
   using: 'docker'
-  image: 'Dockerfile'
+  image: 'docker://ghcr.io/ln-zap/find-code-references-in-pull-request:latest'
   env:
     LD_PROJ_KEY: ${{ inputs.project-key }}
     LD_ACCESS_TOKEN: ${{ inputs.access-token }}