Skip to content

v0.8.1

v0.8.1 #47

name: Docker release main app
on:
release:
types: [published]
jobs:
mainapp:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
# This is used to complete the identity challenge
# with sigstore/fulcio when running outside of PRs.
id-token: write
steps:
- name: Get the version
id: get_version
# run: echo ::set-output name=VERSION::${GITHUB_REF/refs\/tags\//}
run: echo "DP_VERSION=${GITHUB_REF/refs\/tags\//}" >> "$GITHUB_ENV"
# - name: Release check out ${{ steps.get_version.outputs.VERSION }}
- name: Release check out ${{ env.DP_VERSION }}
uses: actions/checkout@v3
with:
ref: ${{ env.DP_VERSION }}
# ref: ${{ steps.get_version.outputs.VERSION }}
# Login against a Docker registry except on PR
# https://github.com/docker/login-action
- name: Log into Docker Hub registry
uses: docker/login-action@dd4fa0671be5250ee6f50aedf4cb05514abda2c7
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_TOKEN }}
# Install the cosign tool except on PR
# https://github.com/sigstore/cosign-installer
# - name: Install cosign
# uses: sigstore/cosign-installer@7e0881f8fe90b25e305bbf0309761e9314607e25
# with:
# cosign-release: 'v1.9.0'
- name: Tag reference ${{ github.ref }} - version=${{ env.DP_VERSION }}
run: |
echo release: ${{ env.DP_VERSION }}
export dpversion=${{ env.DP_VERSION }}
echo docker version: $dpversion
# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@b2391d37b4157fa4aa2e118d643f417910ff3242
with:
images: dataplane/dataplane
# - name: Tags - ${{ steps.meta.outputs.tags }}
# run: echo tags ${{ steps.meta.outputs.tags }}
# Build and push Docker image with Buildx (don't push on PR)
# https://github.com/docker/build-push-action
- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
with:
context: .
file: docker-build/Dockerfile.main.alpine
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
DATAPLANE_VERSION=${{ env.DP_VERSION }}
# Sign the resulting Docker image digest except on PRs.
# This will only write to the public Rekor transparency log when the Docker
# repository is public to avoid leaking data. If you would like to publish
# transparency data even for private images, pass --force to cosign below.
# https://github.com/sigstore/cosign
# - name: Sign the published Docker image
# if: ${{ github.event_name != 'pull_request' }}
# env:
# COSIGN_EXPERIMENTAL: "true"
# # This step uses the identity token to provision an ephemeral certificate
# # against the sigstore community Fulcio instance.
# run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }}
# docker build -t dataplane/dataplane:$dpversion -f docker-build/Dockerfile.main.alpine .
# docker tag dataplane/dataplane:$dpversion dataplane/dataplane:$dpversion
# docker push dataplane/dataplane:$dpversion
# docker tag dataplane/dataplane:$dpversion dataplane/dataplane:latest
# docker push dataplane/dataplane:latest
# docker build -t dataplane/dataplane-worker-python:$dpversion -f docker-build/Dockerfile.workerpython.debian .
# docker tag dataplane/dataplane-worker-python:$dpversion dataplane/dataplane-worker-python:$dpversion
# docker push dataplane/dataplane-worker-python:$dpversion
# docker tag dataplane/dataplane-worker-python:$dpversion dataplane/dataplane-worker-python:latest
# docker push dataplane/dataplane-worker-python:latest