Publish docker image #429
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish docker image | |
| on: | |
| schedule: | |
| - cron: "0 3 * * *" # At 03:00 every day | |
| workflow_dispatch: | |
| inputs: | |
| git_ref: | |
| type: string | |
| required: true | |
| default: main | |
| description: "Git branch/tag revision to build" | |
| dockerfile_branch: | |
| type: string | |
| required: true | |
| default: main | |
| description: "Git branch for getting Dockerfile" | |
| image_tag: | |
| type: string | |
| required: true | |
| default: trunk | |
| description: "docker image tag" | |
| jobs: | |
| build: | |
| runs-on: [self-hosted, auto-provisioned] | |
| steps: | |
| - name: Checkout .github | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ inputs.dockerfile_branch || 'main' }} | |
| path: main | |
| sparse-checkout: | | |
| .github | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ inputs.git_ref || 'main' }} | |
| path: ydb | |
| - name: get revision | |
| shell: bash | |
| id: get-sha | |
| working-directory: ydb | |
| run: | | |
| echo "SHA=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT | |
| - name: Set up Docker buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Log in to the Docker Hub | |
| uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 | |
| with: | |
| username: ${{ vars.DOCKER_HUB_USER_NAME }} | |
| password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v4 | |
| with: | |
| images: | | |
| ghcr.io/${{ github.repository_owner }}/local-ydb | |
| ${{ vars.DOCKER_HUB_REPOSITORY && vars.DOCKER_HUB_REPOSITORY || '' }} | |
| labels: | | |
| ydb.revision=${{ steps.get-sha.outputs.SHA }} | |
| org.opencontainers.image.revision=${{ steps.get-sha.outputs.SHA }} | |
| tags: | | |
| type=schedule,pattern=nightly | |
| type=raw,value=${{ inputs.image_tag || 'trunk' }} | |
| - name: Build docker image | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: . | |
| file: main/.github/docker/Dockerfile | |
| load: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| platforms: linux/amd64 | |
| provenance: false | |
| cache-from: type=s3,name=local_ydb,region=ru-central1,bucket=${{ vars.AWS_BUCKET }},endpoint_url=${{ vars.AWS_ENDPOINT }},access_key_id=${{ secrets.AWS_KEY_ID }},secret_access_key=${{ secrets.AWS_KEY_VALUE }} | |
| cache-to: type=s3,name=local_ydb,region=ru-central1,bucket=${{ vars.AWS_BUCKET }},endpoint_url=${{ vars.AWS_ENDPOINT }},access_key_id=${{ secrets.AWS_KEY_ID }},secret_access_key=${{ secrets.AWS_KEY_VALUE }},mode=max | |
| - name: Test docker image | |
| continue-on-error: false | |
| run: | | |
| docker run -d --rm --name local-ydb-test ghcr.io/${{ github.repository_owner }}/local-ydb:${{ inputs.image_tag || 'trunk' }} | |
| sleep 61 # Wait for the health check to run (--start-period=60s --interval=1s) | |
| if [ "$(docker inspect --format='{{json .State.Health.Status}}' local-ydb-test)" != "\"healthy\"" ]; then | |
| echo "Container is not healthy" | |
| docker inspect --format='{{json .State.Health}}' local-ydb-test | |
| docker logs local-ydb-test | |
| exit 1 | |
| fi | |
| docker stop local-ydb-test || true | |
| - name: Push docker image | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: . | |
| file: main/.github/docker/Dockerfile | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| platforms: linux/amd64 | |
| provenance: false | |
| cache-from: type=s3,name=local_ydb,region=ru-central1,bucket=${{ vars.AWS_BUCKET }},endpoint_url=${{ vars.AWS_ENDPOINT }},access_key_id=${{ secrets.AWS_KEY_ID }},secret_access_key=${{ secrets.AWS_KEY_VALUE }} | |
| cache-to: type=s3,name=local_ydb,region=ru-central1,bucket=${{ vars.AWS_BUCKET }},endpoint_url=${{ vars.AWS_ENDPOINT }},access_key_id=${{ secrets.AWS_KEY_ID }},secret_access_key=${{ secrets.AWS_KEY_VALUE }},mode=max |