Skip to content

Commit

Permalink
wip
Browse files Browse the repository at this point in the history
  • Loading branch information
@pythoninthegrass
pythoninthegrass committed Oct 15, 2024
1 parent 10f5caf commit 4fdc89f
Showing 1 changed file with 31 additions and 34 deletions.
65 changes: 31 additions & 34 deletions .github/workflows/docker.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,32 +5,23 @@ on:
branches:
- 'main'
- 'master'
- 'feat/**'
tags:
- '*.*.*'
paths:
- '.dockerignore'
- '.env.example'
- '.github/workflows/**'
- '**.bat'
- '**.ps1'
- '**.py'
- '**.sh'
- 'bin/**'
- 'config/**'
- 'Dockerfile*'
- 'musicbot.service'
- 'musicbot/**'
- 'musicbotcmd'
- 'poetry.lock'
- 'pyproject.toml'
- 'poetry.lock'
- 'requirements.txt'
- '**.py'
- '**.sh'
- '.dockerignore'
- '.env.example'
- '.github/workflows/**'
workflow_dispatch:

env:
REGISTRY_URL: ${{ vars.REGISTRY_URL }}
REGISTRY_USER: ${{ vars.REGISTRY_USER }}
REGISTRY_PASS: ${{ secrets.REGISTRY_PASS }}

jobs:
push_to_registry:
Expand All @@ -40,22 +31,38 @@ jobs:
matrix:
dockerfile: [Dockerfile]
concurrency:
group: ${{ github.workflow }}-${{ matrix.dockerfile }}-${{ github.ref }}
group: ${{ github.workflow }}-${{ matrix.dockerfile }}-${{ github.head_ref || github.ref }}
cancel-in-progress: true
permissions:
packages: write
contents: read
actions: read
# permissions:
# packages: write
# contents: read
# actions: read
steps:
- name: Check out the repo
uses: actions/checkout@v4

- name: Set password by container registry
run: |
case "${{ env.REGISTRY_URL }}" in
"ghcr.io")
echo "REGISTRY_PASS=${{ secrets.GITHUB_TOKEN }}" >> $GITHUB_ENV
;;
*)
if [ -n "${{ secrets.REGISTRY_PASS }}" ]; then
echo "REGISTRY_PASS=${{ secrets.REGISTRY_PASS }}" >> $GITHUB_ENV
else
echo "REGISTRY_PASS secret is not set and registry is not recognized. Exiting..."
exit 1
fi
;;
esac
- name: Log into container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY_URL }}
username: ${{ env.REGISTRY_URL == 'ghcr.io' && github.repository_owner || env.REGISTRY_USER }}
password: ${{ env.REGISTRY_URL == 'ghcr.io' && secrets.GITHUB_TOKEN || env.REGISTRY_PASS }}
username: ${{ env.REGISTRY_USER }}
password: ${{ env.REGISTRY_PASS }}

- name: Extract image name from Dockerfile
id: image_name
Expand All @@ -68,24 +75,17 @@ jobs:
uses: docker/metadata-action@v5
with:
images: |
${{ env.REGISTRY_URL }}/${{ env.REGISTRY_URL == 'ghcr.io' && github.repository_owner || env.REGISTRY_USER }}/${{ steps.image_name.outputs.IMAGE }}
${{ env.REGISTRY_URL }}/${{ env.REGISTRY_USER }}/${{ steps.image_name.outputs.IMAGE }}
tags: |
type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master' }}
type=ref,event=branch
type=raw,value=latest,enable={{is_default_branch}}
type=semver,pattern={{version}}
flavor: |
latest=false
- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

# TODO: fix tagging
# ! 'manifest unknown' via `docker pull ghcr.io/pythoninthegrass/musicbot:feat-update_docker`
# ! `docker pull ghcr.io/pythoninthegrass/musicbot@sha256:40b2474ed9a12a7276196e1e09956c2b94ddd379ba46c6859ed40740ea41039a` works
# ! annotations also only apply to sha256 -- not 'branch/tag' versions
- name: Build and push Docker image
uses: docker/build-push-action@v6
with:
Expand All @@ -97,6 +97,3 @@ jobs:
platforms: linux/amd64,linux/arm64/v8
cache-from: type=registry,ref=${{ steps.meta.outputs.tags }}
cache-to: type=registry,ref=${{ steps.meta.outputs.tags }},mode=max
outputs: >
type=image,name=${{ steps.meta.outputs.tags }},
annotation-index.org.opencontainers.image.description=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.description'] }}

0 comments on commit 4fdc89f

Please sign in to comment.