Skip to content
Build and Push Docker Image

🔖 version 0.1.0 #13

Sign in to view logs

🔖 version 0.1.0

🔖 version 0.1.0 #13

Workflow file for this run

.github/workflows/docker.yml at eee083b
name: Build and Push Docker Image
on:
push:
branches:
- main
paths_ignore:
- .github/actions/setup-python/action.yml
- .github/workflows/release.yml
- .github/workflows/auto-merge.yml
- .github/workflows/ruff.yml
pull_request:
branches:
- main
paths_ignore:
- .github/actions/setup-python/action.yml
- .github/workflows/release.yml
- .github/workflows/auto-merge.yml
- .github/workflows/ruff.yml
workflow_run:
workflows: [ "Release" ]
types:
- completed
workflow_dispatch:
env:
LATEST_PYTHON_VERSION: "3.13"
jobs:
metadata:
runs-on: ubuntu-latest
if: |-
github.event_name != 'workflow_run' ||
(github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success')
permissions:
contents: read
outputs:
LATEST_RELEASE: ${{ steps.workflow.outputs.LATEST_RELEASE || steps.api.outputs.LATEST_RELEASE }}
steps:
- name: Get latest release from previous workflow
id: workflow
if: github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success'
run: |
tag=${{ github.event.workflow_run.head_branch }}
echo "LATEST_RELEASE=${tag#refs/tags/}" >> $GITHUB_OUTPUT
- name: Get latest release from api
id: api
if: github.event_name != 'workflow_run'
run: |
gh api repos/${{ github.repository }}/releases/latest | jq -r '.tag_name' | xargs -0 printf "LATEST_RELEASE=%s" >> $GITHUB_OUTPUT
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
build:
runs-on: ubuntu-latest
needs: metadata
permissions:
contents: read
packages: write
concurrency:
group: ${{ github.workflow }}-${{ needs.metadata.outputs.LATEST_RELEASE }}-${{ matrix.python_version }}${{ matrix.python_variant }}-${{ matrix.platform }}
cancel-in-progress: true
strategy:
fail-fast: true
matrix:
python_version:
- "3.9"
- "3.10"
- "3.11"
- "3.12"
- "3.13"
python_variant:
- ""
- "-slim"
platform: ${{ fromJSON(github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success' && '["linux/arm64","linux/amd64"]' || '["linux/amd64"]') }}
steps:
- name: Checkout (Latest Release)
if: github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success'
uses: actions/checkout@v5
with:
ref: ${{ needs.metadata.outputs.LATEST_RELEASE}}
- name: Checkout (Other)
if: github.event_name != 'workflow_run'
uses: actions/checkout@v5
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Github Registry
uses: docker/login-action@v3
if: github.event_name != 'pull_request'
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GIT_TOKEN }}
- name: Generate Image Name and Scope
id: image
run: |
echo "IMAGE=ghcr.io/${GITHUB_REPOSITORY@L}" >> $GITHUB_OUTPUT
echo "SCOPE=${{ hashFiles('**/pdm.lock') }}-${{ matrix.python_version }}${{ matrix.python_variant }}-${{ matrix.platform }}" >> $GITHUB_OUTPUT
platform="${{ matrix.platform }}"
echo "ARTIFACT=${{ matrix.python_version }}${{ matrix.python_variant }}-${platform/\//-}-digests" >> $GITHUB_OUTPUT
- name: Generate Labels
uses: docker/metadata-action@v5
id: metadata
with:
images: ${{ steps.image.outputs.IMAGE }}
tags: |
type=edge,value=nightly
type=ref,event=pr
type=sha,event=branch
- name: Build and Publish
uses: docker/build-push-action@v6
id: build
with:
context: .
platforms: ${{ matrix.platform }}
push: ${{ github.event_name != 'pull_request' }}
build-args: |
PYTHON_IMAGE=${{ matrix.python_version }}
VARIANT=${{ matrix.python_variant }}
labels: ${{ steps.metadata.outputs.labels }}
cache-from: type=gha,scope=${{ steps.image.outputs.SCOPE }}
cache-to: type=gha,scope=${{ steps.image.outputs.SCOPE }},mode=max
outputs: type=image,name=${{ steps.image.outputs.IMAGE }},push-by-digest=true,name-canonical=true,push=true
- name: Export digest
run: |
mkdir -p /tmp/digests/
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
with:
name: ${{ steps.image.outputs.ARTIFACT }}
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1
push:
runs-on: ubuntu-latest
needs: [metadata, build]
strategy:
matrix:
python_version:
- "3.9"
- "3.10"
- "3.11"
- "3.12"
- "3.13"
python_variant:
- ""
- "-slim"
steps:
- name: Checkout (Release)
if: github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success'
uses: actions/checkout@v5
with:
ref: ${{ needs.metadata.outputs.LATEST_RELEASE }}
- name: Checkout (Other)
if: github.event_name != 'workflow_run'
uses: actions/checkout@v5
- name: Download digests
uses: actions/download-artifact@v5
with:
path: /tmp/artifacts
pattern: "*-digests"
- name: Copy digests
run: |
mkdir -p /tmp/digests
cp /tmp/artifacts/${{ matrix.python_version }}${{ matrix.python_variant }}-*-digests/* /tmp/digests
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
if: github.event_name != 'pull_request'
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GIT_TOKEN }}
- name: Generate Image Name
id: image
run: |
echo "IMAGE=ghcr.io/${GITHUB_REPOSITORY@L}" >> $GITHUB_OUTPUT
- name: Generate Tags (Release)
uses: docker/metadata-action@v5
if: github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success'
id: metadata-release
with:
context: git
images: |
${{ steps.image.outputs.IMAGE }}
flavor: |
suffix=-py${{ matrix.python_version }}${{ matrix.python_variant }},onlatest=true
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
- name: Generate Labels (Other)
if: github.event_name != 'workflow_run'
uses: docker/metadata-action@v5
id: metadata-other
with:
context: git
images: |
${{ steps.image.outputs.IMAGE }}
flavor: |
suffix=-py${{ matrix.python_version }}${{ matrix.python_variant }},onlatest=true
tags: |
type=edge,value=nightly
type=ref,event=pr
type=sha,event=branch
- name: Create manifest list and push
working-directory: /tmp/digests
run: |
docker buildx imagetools create --dry-run $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ steps.image.outputs.IMAGE }}@sha256:%s ' *)
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ steps.image.outputs.IMAGE }}@sha256:%s ' *)
- name: Generate Tags (Release)
uses: docker/metadata-action@v5
id: metadata-latest-release
if: matrix.python_version == env.LATEST_PYTHON_VERSION && github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success'
with:
context: git
images: |
${{ steps.image.outputs.IMAGE }}
flavor: |
suffix=${{ matrix.python_variant }},onlatest=true
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
- name: Generate Labels (Other)
if: matrix.python_version == env.LATEST_PYTHON_VERSION && github.event_name != 'workflow_run'
uses: docker/metadata-action@v5
id: metadata-latest-other
with:
context: git
images: |
${{ steps.image.outputs.IMAGE }}
flavor: |
suffix=${{ matrix.python_variant }},onlatest=true
tags: |
type=ref,event=pr
type=sha,event=branch
- name: Create manifest list and push for latest python version
if: matrix.python_version == env.LATEST_PYTHON_VERSION
working-directory: /tmp/digests
run: |
docker buildx imagetools create --dry-run $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ steps.image.outputs.IMAGE }}@sha256:%s ' *)
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ steps.image.outputs.IMAGE }}@sha256:%s ' *)