Publish docker images for PRs that are labelled with version, pr numb… #86
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Continuous Integration Build via GitHub Actions | |
| name: CI Build | |
| # Run this Build for all pushes and PRs | |
| on: [push, pull_request] | |
| jobs: | |
| ci-build: | |
| runs-on: ubuntu-latest | |
| env: | |
| # Specify memory for Maven | |
| MAVEN_OPTS: "-Xmx256M" | |
| steps: | |
| # Output current build environment | |
| - run: echo "This is a CI build of branch ${{ github.ref }} in repository ${{ github.repository }}" | |
| - run: echo "This job was triggered by a ${{ github.event_name }} event and is running on a ${{ runner.os }} server" | |
| # https://github.com/actions/checkout | |
| - name: Checkout codebase | |
| uses: actions/checkout@v2 | |
| # https://github.com/actions/setup-java | |
| - name: Install JDK 17 | |
| uses: actions/setup-java@v2 | |
| with: | |
| java-version: 17 | |
| distribution: adopt | |
| # https://github.com/actions/cache | |
| - name: Cache Maven dependencies | |
| uses: actions/cache@v2 | |
| with: | |
| # Cache entire ~/.m2/repository | |
| path: ~/.m2/repository | |
| # Cache key is hash of all pom.xml files. Therefore any changes to POMs will invalidate cache | |
| key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: ${{ runner.os }}-maven- | |
| # Run build and execute tests | |
| - name: Build and Run unit tests | |
| run: mvn clean install -DskipIntTests -DskipDeploy --batch-mode | |
| # https://github.com/actions/setup-java | |
| # Sets up Java again, preparing the settings.xml to deploy to Sonatype (Maven) | |
| # ONLY on push to develop branch (using Sonatype snapshots repo) | |
| - name: Set up for deploy to Sonatype | |
| uses: actions/setup-java@v2 | |
| if: github.ref == 'refs/heads/develop' && github.event_name == 'push' | |
| with: | |
| java-version: 17 | |
| distribution: adopt | |
| server-id: sonatype-snapshots # Value of the distributionManagement/repository/id field of the pom.xml | |
| server-username: SONATYPE_USERNAME # env variable for sonatype username | |
| server-password: SONATYPE_PASSWORD # env variable for sonatype password | |
| gpg-private-key: ${{ secrets.CODESIGN_GPG_KEY }} # Value of the GPG private key to import | |
| gpg-passphrase: CODESIGN_GPG_PASSPHRASE # env variable for GPG private key passphrase | |
| # ONLY on push to main branch (using Sonatype releases repo) | |
| - name: Set up for deploy to Sonatype | |
| uses: actions/setup-java@v2 | |
| if: github.ref == 'refs/heads/main' && github.event_name == 'push' | |
| with: | |
| java-version: 17 | |
| distribution: adopt | |
| server-id: sonatype-releases # Value of the distributionManagement/repository/id field of the pom.xml | |
| server-username: SONATYPE_USERNAME # env variable for sonatype username | |
| server-password: SONATYPE_PASSWORD # env variable for sonatype password | |
| gpg-private-key: ${{ secrets.CODESIGN_GPG_KEY }} # Value of the GPG private key to import | |
| gpg-passphrase: CODESIGN_GPG_PASSPHRASE # env variable for GPG private key passphrase | |
| # Execute deployment to sonatype (only on push to develop or main branches) | |
| - name: Publish to Sonatype | |
| if: github.event_name == 'push' && (github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/main') | |
| run: mvn deploy -DreleaseBuild -DskipTests -DskipDeploy --batch-mode | |
| env: | |
| SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }} | |
| SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} | |
| CODESIGN_GPG_PASSPHRASE: ${{ secrets.CODESIGN_GPG_PASSPHRASE }} | |
| - name: Login to GHCR.IO | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.CONTAINER_REGISTRY_TOKEN }} | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v1 | |
| - name: Cache Docker layers | |
| uses: actions/cache@v2 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| - name: Extract Maven project version | |
| run: echo ::set-output name=version::$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec) | |
| id: project_version | |
| - name: Set docker tags (PR) | |
| if: ${{ github.event_name == 'pull_request' }} | |
| env: | |
| DOCKER_TAGS: ghcr.io/${{ github.repository }}:ghcr.io/${{ github.repository }}:${{ steps.project_version.outputs.version }},ghcr.io/${{ github.repository }}:${{ steps.project_version.outputs.version }}-PR-${{github.event.number}}-${{github.event.pull_request.head.sha}} | |
| - name: Set docker tags (Push) | |
| if: ${{ github.event_name == 'push' }} | |
| env: | |
| DOCKER_TAGS: ghcr.io/${{ github.repository }}:latest,ghcr.io/${{ github.repository }}:${{ steps.project_version.outputs.version }} | |
| - name: Build and push | |
| id: docker_build | |
| uses: docker/build-push-action@v2 | |
| if: github.event_name == 'pull_request' or (github.event_name == 'push' && (github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/main')) | |
| with: | |
| context: ./ | |
| file: ./docker/Dockerfile | |
| builder: ${{ steps.buildx.outputs.name }} | |
| platforms: linux/amd64 | |
| push: true | |
| build-args: VERSION=${{ steps.project_version.outputs.version }} | |
| tags: ${{ DOCKER_TAGS }} | |
| cache-from: type=local,src=/tmp/.buildx-cache | |
| cache-to: type=local,dest=/tmp/.buildx-cache | |
| - name: Image digest | |
| run: echo ${{ steps.docker_build.outputs.digest }} |