docker-packt-cli/.github/workflows/deploy-docker-image.yml at ea989517cfba15d48de8ccda28ec38cfb03fcb6c · GhostWriters/docker-packt-cli · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
---
name: build-and-push-docker-image

permissions: read-all

on:
  push:
    branches:
      - main

jobs:
  docker:
    runs-on: ubuntu-latest
    permissions:
      packages: write
    steps:
      # Checks out the main branch of the repository to the runner
      - name: checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          fetch-depth: "0"

      # This action creates a new git tag of the main branch with the new version number
      - name: Bump version and push tag
        id: bumpTag
        uses: anothrNick/github-tag-action@4ed44965e0db8dab2b466a16da04aec3cc312fd8 # 1.75.0
        env:
          GITHUB_TOKEN: ${{ secrets.PAT }}
          WITH_V: true

      # Sets up the QEMU emulator that emulates different architectures
      - name: Set up QEMU
        uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0

      # Sets up the Docker Buildx plugin to build multi-architecture Docker images
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0

      # Authenticates with Docker Hub
      - name: Login to Docker Hub
        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
        with:
          registry: docker.io
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      # Authenticates with the GitHub Container Registry
      - name: Login to GitHub Package Registry
        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata (tags, labels) for Docker
        id: metadata
        uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0
        with:
          images: |
            ${{ github.repository }}
            ghcr.io/${{ github.repository }}
          tags: |
            type=raw,value=latest,enable={{is_default_branch}}
          # type=raw,value={{branch}}

      # Builds and pushes the Docker image to Docker Hub and the GitHub Container Registry with the following tags:
      # - 'latest' for successful builds on the main branch.
      # - '<short_branch_name>' pushes to non-main branches.
      - name: Build and push Docker image
        uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
        with:
          context: .
          push: true
          platforms: linux/amd64,linux/arm64
          tags: ${{ steps.metadata.outputs.tags }}
          labels: ${{ steps.metadata.outputs.labels }}

      # - name: SonarCloud Scan
      #   uses: SonarSource/sonarcloud-github-action@5875562561d22a34be0c657405578705a169af6c # v1.9.1
      #   env:
      #     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
      #     SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

      # Create a release based on the new tag
      - name: Create release
        uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0
        with:
          tag_name: ${{ steps.bumpTag.outputs.new_tag }}
          token: ${{ secrets.PAT }}