# Some refs : # - Starting : https://docs.docker.com/ci-cd/github-actions/ # - More details here : https://github.com/marketplace/actions/build-and-push-docker-images#update-dockerhub-repo-description # - Variables (contexts) : https://docs.github.com/en/actions/reference/context-and-expression-syntax-for-github-actions#github-context name: Docker Hub on: push: branches: - master tags: - "v*.*.*" jobs: ############## # JOB - build-publish-alpine # build-publish-alpine: name: Build, Publish alpine environment: prod runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 ############## # Python is used to get the program's version and generate tags # - name: Set up Python uses: actions/setup-python@v2 with: python-version: '3.x' - name: Generate tags run: | python -m pip install --upgrade pip pip install -c constraints.txt -r requirements-build.txt # Stores a variable for each variant as needed echo ALPINE_TAGS=$(python3 setup.py -q docker_tags --image nicolabs/nicobot --variant alpine --ref ${{ github.ref }} --sep ,) >> $GITHUB_ENV # Also stores the computed version echo NICOBOT_VERSION=$(python3 setup.py --version) >> $GITHUB_ENV # ############## - name: Set up QEMU for multiarch uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx id: buildx uses: docker/setup-buildx-action@v2 # https://github.community/t/worker-running-out-of-disk-space/18245 => not true anymore # https://github.com/actions/virtual-environments/issues/709#issuecomment-616751758 => apt clean does not hurt - name: Patch Docker Daemon data-root run: | sudo df -h sudo apt clean - name: Set up cache for Docker layers layers uses: actions/cache@v3.3.1 with: path: /tmp/.buildx-cache # Change CACHE_VERSION to clear all caches ; see https://github.community/t/how-to-clear-cache-in-github-actions/129038/5 key: ${{ secrets.CACHE_VERSION }}-${{ runner.os }}-buildx-alpine-${{ github.sha }} # See https://docs.github.com/en/actions/guides/caching-dependencies-to-speed-up-workflows#matching-a-cache-key restore-keys: | ${{ runner.os }}-buildx-alpine- - name: Login to Docker Hub uses: docker/login-action@v1 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - name: Build and push alpine id: docker_build_alpine uses: docker/build-push-action@v4 with: context: ./ file: ./alpine.Dockerfile builder: ${{ steps.buildx.outputs.name }} platforms: linux/arm/v7,linux/arm64,linux/386,linux/amd64 push: true tags: ${{ env.ALPINE_TAGS }} labels: | version=${{ env.NICOBOT_VERSION }} github.sha:${{ github.sha }} cache-from: type=local,src=/tmp/.buildx-cache # mode=max to cache intermediate layers : https://github.com/docker/buildx#--cache-tonametypetypekeyvalue cache-to: type=local,dest=/tmp/.buildx-cache - name: Image digest run: echo ${{ steps.docker_build_alpine.outputs.digest }} ############## # JOB - build-publish-debian # build-publish-debian: name: Build, Publish debian environment: prod runs-on: ubuntu-latest # FIXME Does not work because GA thinks it's secret stuff #outputs: # digest: ${{ steps.docker_build_debian.outputs.digest }} steps: - name: Checkout uses: actions/checkout@v4 ############## # Python is used to get the program's version and generate tags # - name: Set up Python uses: actions/setup-python@v2 with: python-version: '3.x' - name: Generate tags run: | python -m pip install --upgrade pip pip install -c constraints.txt -r requirements-build.txt # Stores a variable for each variant as needed echo DEBIAN_TAGS=$(python3 setup.py -q docker_tags --image nicolabs/nicobot --variant debian --ref ${{ github.ref }} --sep ,) >> $GITHUB_ENV # Also stores the computed version echo NICOBOT_VERSION=$(python3 setup.py --version) >> $GITHUB_ENV # ############## - name: Set up QEMU for multiarch uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx id: buildx uses: docker/setup-buildx-action@v2 # https://github.community/t/worker-running-out-of-disk-space/18245 => not true anymore # https://github.com/actions/virtual-environments/issues/709#issuecomment-616751758 => apt clean does not hurt - name: Patch Docker Daemon data-root run: | sudo df -h sudo apt clean - name: Set up cache for Docker layers layers uses: actions/cache@v3.3.1 with: path: /tmp/.buildx-cache # Change CACHE_VERSION to clear all caches ; see https://github.community/t/how-to-clear-cache-in-github-actions/129038/5 key: ${{ secrets.CACHE_VERSION }}-${{ runner.os }}-buildx-debian-debian-${{ github.sha }} # See https://docs.github.com/en/actions/guides/caching-dependencies-to-speed-up-workflows#matching-a-cache-key restore-keys: | ${{ runner.os }}-buildx-debian- - name: Login to Docker Hub uses: docker/login-action@v1 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - name: Build and push debian id: docker_build_debian uses: docker/build-push-action@v4 with: context: ./ file: ./debian.Dockerfile builder: ${{ steps.buildx.outputs.name }} platforms: linux/arm/v7,linux/arm64,linux/386,linux/amd64 push: true tags: ${{ env.DEBIAN_TAGS }} labels: | version=${{ env.NICOBOT_VERSION }} github.sha:${{ github.sha }} cache-from: type=local,src=/tmp/.buildx-cache # mode=max to cache intermediate layers : https://github.com/docker/buildx#--cache-tonametypetypekeyvalue cache-to: type=local,dest=/tmp/.buildx-cache,mode=max - name: Image digest run: echo ${{ steps.docker_build_debian.outputs.digest }} ############## # JOB - build-publish-signaldebian # build-publish-signaldebian: name: Build, Publish signal-debian needs: - build-publish-debian environment: prod runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 ############## # Python is used to get the program's version and generate tags # - name: Set up Python uses: actions/setup-python@v2 with: python-version: '3.x' - name: Generate tags run: | python -m pip install --upgrade pip pip install -c constraints.txt -r requirements-build.txt # Stores a variable for each variant as needed echo DEBIAN_TAGS=$(python3 setup.py -q docker_tags --image nicolabs/nicobot --variant debian --ref ${{ github.ref }} --sep ,) >> $GITHUB_ENV echo NICOBOT_DEBIAN_FROM=$(python3 setup.py -q docker_tags --image nicolabs/nicobot --variant debian --ref ${{ github.ref }} --sep '\n' | head -1) >> $GITHUB_ENV echo SIGNAL_DEBIAN_TAGS=$(python3 setup.py -q docker_tags --image nicolabs/nicobot --variant signal-debian --ref ${{ github.ref }} --sep ,) >> $GITHUB_ENV # Also stores the computed version echo NICOBOT_VERSION=$(python3 setup.py --version) >> $GITHUB_ENV # ############## - name: Set up QEMU for multiarch uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx id: buildx uses: docker/setup-buildx-action@v2 # https://github.community/t/worker-running-out-of-disk-space/18245 => not true anymore # https://github.com/actions/virtual-environments/issues/709#issuecomment-616751758 => apt clean does not hurt - name: Patch Docker Daemon data-root run: | sudo df -h sudo apt clean - name: Set up cache for Docker layers layers uses: actions/cache@v3.3.1 with: path: /tmp/.buildx-cache # Change CACHE_VERSION to clear all caches ; see https://github.community/t/how-to-clear-cache-in-github-actions/129038/5 key: ${{ secrets.CACHE_VERSION }}-${{ runner.os }}-buildx-debian-signaldebian-${{ github.sha }} # See https://docs.github.com/en/actions/guides/caching-dependencies-to-speed-up-workflows#matching-a-cache-key restore-keys: | ${{ runner.os }}-buildx-debian- - name: Login to Docker Hub uses: docker/login-action@v1 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - name: Build and push signal-debian id: docker_build_signal_debian uses: docker/build-push-action@v4 with: context: ./ file: ./signal-debian.Dockerfile build-args: | NICOBOT_DEBIAN_FROM=${{ env.NICOBOT_DEBIAN_FROM }} builder: ${{ steps.buildx.outputs.name }} platforms: linux/arm/v7,linux/arm64,linux/386,linux/amd64 push: true tags: ${{ env.SIGNAL_DEBIAN_TAGS }} labels: | version=${{ env.NICOBOT_VERSION }} github.sha:${{ github.sha }} cache-from: type=local,src=/tmp/.buildx-cache # mode=max to cache intermediate layers : https://github.com/docker/buildx#--cache-tonametypetypekeyvalue cache-to: type=local,dest=/tmp/.buildx-cache - name: Image digest run: echo ${{ steps.docker_build_signal_debian.outputs.digest }} ############## # POST STEP # post: name: Update repo needs: - build-publish-alpine - build-publish-debian - build-publish-signaldebian environment: prod runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 # https://github.com/peter-evans/dockerhub-description - name: Update repo description uses: peter-evans/dockerhub-description@v3 with: username: ${{ secrets.DOCKER_HUB_USERNAME }} password: ${{ secrets.DOCKER_HUB_PASSWORD }} repository: nicolabs/nicobot