Create test-ubuntu-git Docker Container for Proxy Tests
#1616
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,56 @@ | ||
| name: Publishes the test-ubuntu-git Container Image | ||
|
|
||
| on: | ||
| # Use an on demand workflow trigger. | ||
| # (Forked copies of actions/checkout won't have permission to update GHCR.io/actions, | ||
| # so avoid trigger events that run automatically.) | ||
| workflow_dispatch: | ||
| inputs: | ||
| publish: | ||
| description: 'Publish to ghcr.io?' | ||
| type: boolean | ||
| required: true | ||
| default: false | ||
|
|
||
| env: | ||
| REGISTRY: ghcr.io | ||
| IMAGE_NAME: actions/test-ubuntu-git | ||
|
|
||
| jobs: | ||
| build-and-push-image: | ||
| runs-on: ubuntu-latest | ||
| # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. | ||
| permissions: | ||
| contents: read | ||
| packages: write | ||
|
|
||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 | ||
|
|
||
| # Use `docker/login-action` to log in to GHCR.io. | ||
| # Once published, the packages are scoped to the account defined here. | ||
| - name: Log in to the ghcr.io container registry | ||
| uses: docker/login-action@v3.0.0 | ||
| with: | ||
| registry: ${{ env.REGISTRY }} | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| # Use `docker/metadata-action` to preserve tags and labels that exist on the GHCR.io container image. | ||
| # - name: Extract metadata (tags, labels) for Docker | ||
| # id: meta | ||
| # uses: docker/metadata-action@v5.5.1 | ||
| # with: | ||
| # images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | ||
|
Comment on lines
+40
to
+45
There was a problem hiding this comment. I'm not convinced this block is necessary at this point. I'd like to see what happens without it first. |
||
|
|
||
| # Use `docker/build-push-action` to build (and optionally publish) the image. | ||
| - name: Build and push Docker image | ||
| uses: docker/build-push-action@v5.1.0 | ||
| with: | ||
| context: . | ||
| file: images/test-ubuntu-git.Dockerfile | ||
| push: ${{ inputs.publish }} | ||
| tags: ${{ env.IMAGE_NAME }}:sha-${{ env.GITHUB_SHA }} | ||
| # tags: ${{ steps.meta.outputs.tags }} | ||
| # labels: ${{ steps.meta.outputs.labels }} | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| # Defines the test-ubuntu-git Container Image. | ||
| # Consumed by actions/checkout CI/CD validation workflows. | ||
|
|
||
| FROM ubuntu:latest | ||
|
|
||
| RUN apt update | ||
| RUN apt install -y git | ||
|
|
||
| LABEL org.opencontainers.image.description="Ubuntu image with git pre-installed" | ||
| LABEL org.opencontainers.image.licenses=MIT |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is
${{ github.actor }}always theactionsorg?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it's whomever triggers the workflow, (I can devise a quick test to confirm), but I believe it'll still work as desired. All the examples use
${{ github.actor }}.The explanation is a bit murky, but some documentation is here
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
github.repository_owneris another option, but I wanted to try it this way first and see if it works OK.I figure it should help make
auth-related failures in the workflow more clear. (e.g. joe triggered the workflow, but joe doesn't have the requisite permissions).It might also be handy to see who published the image in GHCR.io in the event we need to do some forensics.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I see other workflows in the
actionsorg that also usegithub.actorwhen pushing toghcr.ioincluding actions/runner.