-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathaction.yaml
261 lines (244 loc) · 8.78 KB
/
action.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
name: Build Elixir docker container
branding:
color: blue
icon: anchor
description: >-
GitHub Composite Action for building and optionally pushing Elixir & Beam
based docker containers in an opinionated way.
inputs:
build-args:
description: >-
(Optional) A list of extra build args to pass to the build step. Note
that the github-token and hex-token will automatically be set if
passed in.
required: false
cache:
default: "true"
description: >-
(Optional) Enables caching built docker layers in the GitHub actions
cache. This is highly recommended to speed up builds. Note, if you are
not getting a speed bump, check your .dockerignore file to ensure you
are not sending files that would break layer caching, like the .git
folder.
required: false
context:
default: "."
description: >-
(Optional) The build context to use when building the docker image.
required: false
file:
default: Dockerfile
description: >-
(Optional) The path to the Dockerfile we are building.
required: false
github-token:
default: ${{ github.token }}
description: >-
(Optional) Used to setup mix for pulling private packages from GitHub.
This is usually `secrets.GH_PERSONAL_ACCESS_TOKEN`.
required: false
hex-organization:
default: stord
description: >-
(Optional) Hex organization when authenticating. By default this will
be the Stord hex organization.
required: false
hex-token:
description: >-
(Optional) Used to setup mix for pulling private packages from the
hex organization. This is usually `secrets.HEX_API_KEY`.
required: false
images:
description: >-
(Optional) A list of docker images to use when building and
publishing. By default, this will match the repository being built.
For example, if you are building `stordco/test-app`, the image will
be `ghcr.io/stordco/test-app`.
required: false
labels:
description: >-
(Optional) A list of labels to be added to the default ones when
pushing the image.
required: false
load:
default: false
description: >-
(Optional) When set to true, the `load` input acts as a shorthand for --output=type=docker,
automatically loading the single-platform build result into the local Docker images.
This is useful for testing the image locally to the GHA instance.
required: false
oban-fingerprint:
description: >-
(Optional) Public key for fetching the oban pro repository data.
This is usually refered to as OBAN_KEY_FINTERPRINT in documentation.
required: false
oban-token:
description: >-
(Optional) Oban pro license key.
required: false
platforms:
default: linux/amd64
description: >-
(Optional) List of target platforms for build.
required: false
push:
default: "false"
description: >-
(Optional) Push the final built image to the set registry.
required: false
secrets:
description: >-
(Optional) A list of extra secrets to pass to the build step. Note
that the github-token and hex-token will automatically be set if
passed in.
required: false
tags:
description: >-
(Optional) A list of tags to be added to the default ones when
pushing the image.
required: false
outputs:
digest:
description: >-
The docker build image digest.
value: ${{ steps.build.outputs.digest }}
image:
description: >-
The first docker image published. This can be used as reference when
deploying the image.
value: ${{ steps.outputs.outputs.image }}
images:
description: >-
A list of all the published docker images.
value: ${{ steps.inputs.output.images }}
labels:
description: >-
A list of all docker labels used when publishing.
value: ${{ steps.metadata.outputs.labels }}
metadata:
description: >-
The docker build result metadata
value: ${{ steps.build.outputs.metadata }}
tag:
description: >-
A sha specific tag used when publishing the docker image. This is the most
specific tag that won't get repeated and should be used when deploying the
image.
value: ${{ steps.outputs.outputs.tag }}
tags:
description: >-
A list of all docker tags that were published.
value: ${{ steps.metadata.outputs.tags }}
runs:
using: composite
steps:
- id: inputs
name: Get Inputs
uses: actions/github-script@v7
env:
INPUT_BUILD_ARGS: ${{ inputs.build-args }}
INPUT_CACHE: ${{ inputs.cache }}
INPUT_GITHUB_TOKEN: ${{ inputs.github-token }}
INPUT_HEX_TOKEN: ${{ inputs.hex-token }}
INPUT_IMAGES: ${{ inputs.images }}
INPUT_OBAN_FINGERPRINT: ${{ inputs.oban-fingerprint }}
INPUT_OBAN_TOKEN: ${{ inputs.oban-token }}
INPUT_SECRETS: ${{ inputs.secrets }}
with:
script: |
const buildArgs = core.getMultilineInput('build args')
const secrets = core.getMultilineInput('secrets')
buildArgs.push(`GIT_SHA=${context.sha}`)
const githubToken = core.getInput('github token')
if (githubToken != null && githubToken !== '') {
buildArgs.push(`GH_PERSONAL_ACCESS_TOKEN=${githubToken}`)
buildArgs.push(`GITHUB_PERSONAL_ACCESS_TOKEN=${githubToken}`)
secrets.push(`github_token=${githubToken}`)
core.info('Added GitHub token build information')
}
const hexToken = core.getInput('hex token')
if (hexToken != null && hexToken !== '') {
buildArgs.push(`HEX_TOKEN=${hexToken}`)
secrets.push(`hex_token=${hexToken}`)
core.info('Added Hex token build information')
}
const obanFingerprint = core.getInput('oban fingerprint')
const obanToken = core.getInput('oban token')
if (obanFingerprint != null && obanFingerprint !== '') {
if (obanToken != null && obanToken !== '') {
secrets.push(`oban_fingerprint=${obanFingerprint}`)
secrets.push(`oban_token=${obanToken}`)
core.info('Added Oban Pro build information')
}
}
core.setOutput('build-args', buildArgs.join('\n'))
core.setOutput('secrets', secrets.join('\n'))
if (core.getBooleanInput('cache')) {
core.setOutput('cache-from', 'type=gha')
core.setOutput('cache-to', 'type=gha,mode=max')
core.info('Using GitHub cache for maximum performance')
} else {
core.setOutput('cache-from', '')
core.setOutput('cache-to', '')
core.info('Cache is disabled')
}
const images = core.getMultilineInput('images')
if (images.length > 0) {
core.setOutput('images', process.env.INPUT_IMAGES)
} else {
const image = `ghcr.io/${context.repo.owner}/${context.repo.repo}`
core.setOutput('images', image)
core.info(`Setting docker image to default ${image}`)
}
- id: metadata
name: Get Metadata
uses: docker/metadata-action@v5
with:
flavor: |
latest=auto
github-token: ${{ inputs.github-token }}
images: |
${{ steps.inputs.outputs.images }}
labels: |
${{ inputs.labels }}
tags: |
type=sha
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=ref,event=branch
type=ref,event=pr
${{ inputs.tags }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- id: build
name: Build
uses: docker/build-push-action@v6
with:
build-args: ${{ steps.inputs.outputs.build-args }}
cache-from: ${{ steps.inputs.outputs.cache-from }}
cache-to: ${{ steps.inputs.outputs.cache-to }}
context: ${{ inputs.context }}
file: ${{ inputs.file }}
labels: ${{ steps.metadata.outputs.labels }}
platforms: ${{ inputs.platforms }}
push: ${{ inputs.push }}
secrets: ${{ steps.inputs.outputs.secrets }}
tags: ${{ steps.metadata.outputs.tags }}
load: ${{ inputs.load }}
- id: outputs
name: Get Outputs
uses: actions/github-script@v7
env:
BUILD_OUTPUT: ${{ steps.metadata.outputs.json }}
with:
script: |
const metadata = JSON.parse(process.env.BUILD_OUTPUT)
const shaUrl = metadata.tags.find((t) => t.includes(':sha-'))
if (shaUrl == null) {
core.error('Unable to find sha tag of image')
} else {
const [image, tag] = shaUrl.split(':')
core.setOutput('image', image)
core.setOutput('tag', tag)
}