Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish Docker 🐳 images 📦 to GitHub Container Registry | |
on: | |
release: | |
types: [created] | |
workflow_dispatch: {} | |
jobs: | |
build-and-publish-to-pypi-and-ghcr: | |
# Explicitly grant the `secrets.GITHUB_TOKEN` permissions. | |
permissions: | |
# Grant the ability to write to GitHub Packages (push Docker images to | |
# GitHub Container Registry). | |
packages: write | |
name: Build and publish Python 🐍 distributions 📦 to PyPI, and Docker 🐳 images 📦 to GitHub Container Registry | |
runs-on: ubuntu-latest | |
steps: | |
# 1. Publish to PyPI | |
- uses: actions/checkout@v2 | |
- name: Set up Python 3.10 | |
uses: actions/setup-python@v1 | |
with: | |
python-version: "3.10" | |
- name: Install pypa/build | |
run: >- | |
python -m | |
pip install | |
build | |
--user | |
- name: Build a binary wheel and a source tarball | |
run: >- | |
python -m | |
build | |
--sdist | |
--wheel | |
--outdir dist/ | |
. | |
- name: Publish distribution 📦 to PyPI | |
if: startsWith(github.ref, 'refs/tags') | |
uses: pypa/gh-action-pypi-publish@release/v1 | |
with: | |
user: __token__ | |
password: ${{ secrets.PYPI_API_TOKEN }} | |
skip_existing: true | |
# 2. Publish to GHCR | |
- uses: actions/checkout@v2 | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@v4 | |
with: | |
images: ghcr.io/${{ github.repository }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
# This is the user that triggered the Workflow. In this case, it will | |
# either be the user whom created the Release or manually triggered | |
# the workflow_dispatch. | |
username: ${{ github.actor }} | |
# `secrets.GITHUB_TOKEN` is a secret that's automatically generated by | |
# GitHub Actions at the start of a workflow run to identify the job. | |
# This is used to authenticate against GitHub Container Registry. | |
# See https://docs.github.com/en/actions/security-guides/automatic-token-authentication#about-the-github_token-secret | |
# for more detailed information. | |
password: ${{ secrets.GITHUB_TOKEN }} | |
# Get the cartography version from the GitHub release event metadata and sleep to wait for PyPI to finish publishing | |
- name: Extract version and sleep | |
id: version | |
run: | | |
echo "VERSION=${{ github.event.release.tag_name }}" >> $GITHUB_ENV | |
sleep 10 | |
- name: Build and push | |
uses: docker/build-push-action@v3 | |
with: | |
file: Dockerfile | |
context: . | |
push: true # push the image to ghcr | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
# e.g. '==0.98.0' | |
build-args: VERSION_SPECIFIER===${{ env.VERSION }} |