
Commit 9cc4846

committed
fix: enable Docker image builds for pull requests
- Add dedicated docker-pr job for building PR-specific Docker images - PR images tagged as PR-{number} for easy testing and identification - Update notification job to handle both production and PR builds - Enhance workflow summary to show appropriate Docker image links - Maintain separation between production and PR builds for security
1 parent 99a60ff commit 9cc4846


1 file changed

+85
-7
lines changed


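--- a/.github/workflows/ci-cd.yml
+++ b/.github/workflows/ci-cd.yml
@@ -111,7 +111,7 @@ jobs:
 name: export-trakt-binary
 path: build/export_trakt
 
-# Job 2: Build and Push Docker Images
+# Job 2: Build and Push Docker Images (Production)
 docker:
 name: Build and Push Docker Images
 runs-on: ubuntu-latest
@@ -210,6 +210,79 @@ jobs:
 with:
 sarif_file: "trivy-results.sarif"
 
+# Job 2b: Build and Push Docker Images for Pull Requests
+docker-pr:
+name: Build and Push Docker Images (PR)
+runs-on: ubuntu-latest
+needs: test-and-build
+if: github.event_name == 'pull_request'
+permissions:
+contents: read
+packages: write
+
+steps:
+- name: Checkout repository
+uses: actions/checkout@v4
+
+- name: Download build artifact
+uses: actions/download-artifact@v4
+with:
+name: export-trakt-binary
+path: build
+
+- name: Make binary executable
+run: chmod +x build/export_trakt
+
+- name: Set up QEMU
+uses: docker/setup-qemu-action@v3
+
+- name: Set up Docker Buildx
+uses: docker/setup-buildx-action@v3
+
+- name: Extract metadata for Docker (PR)
+id: meta
+uses: docker/metadata-action@v5
+with:
+images: |
+${{ env.REGISTRY_IMAGE }}
+${{ env.GITHUB_IMAGE }}
+tags: |
+# PR tags - for pull request testing
+type=ref,event=pr,prefix=PR-
+
+- name: Log in to Docker Hub
+uses: docker/login-action@v3
+with:
+username: ${{ secrets.DOCKERHUB_USERNAME }}
+password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+- name: Log in to GitHub Container Registry
+uses: docker/login-action@v3
+with:
+registry: ${{ env.GITHUB_REGISTRY }}
+username: ${{ github.actor }}
+password: ${{ secrets.GITHUB_TOKEN }}
+
+- name: Set build date
+id: build_date
+run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT
+
+- name: Build and push Docker image (PR)
+uses: docker/build-push-action@v6
+with:
+context: .
+file: ./Dockerfile
+push: true
+platforms: linux/amd64,linux/arm64,linux/arm/v7
+tags: ${{ steps.meta.outputs.tags }}
+labels: ${{ steps.meta.outputs.labels }}
+cache-from: type=gha,scope=${{ github.workflow }}-pr-${{ github.event.number }}
+cache-to: type=gha,mode=max,scope=${{ github.workflow }}-pr-${{ github.event.number }}
+build-args: |
+VERSION=${{ needs.test-and-build.outputs.version }}
+COMMIT_SHA=${{ github.sha }}
+BUILD_DATE=${{ steps.build_date.outputs.BUILD_DATE }}
+
 # Job 3: Test Docker Image
 docker-test:
 name: Test Docker Image
@@ -250,15 +323,15 @@ jobs:
 # Job 4: Notification and Summary
 notify:
 name: Notify and Summarize
-needs: [test-and-build, docker, docker-test]
+needs: [test-and-build, docker, docker-pr, docker-test]
 runs-on: ubuntu-latest
 if: always()
 
 steps:
 - name: Check overall result
 id: check
 run: |
-if ${{ needs.test-and-build.result == 'success' && (needs.docker.result == 'success' || needs.docker.result == 'skipped') && (needs.docker-test.result == 'success' || needs.docker-test.result == 'skipped') }}; then
+if ${{ needs.test-and-build.result == 'success' && (needs.docker.result == 'success' || needs.docker.result == 'skipped') && (needs.docker-pr.result == 'success' || needs.docker-pr.result == 'skipped') && (needs.docker-test.result == 'success' || needs.docker-test.result == 'skipped') }}; then
 echo "status=success" >> $GITHUB_OUTPUT
 echo "✅ All jobs completed successfully"
 else
@@ -274,16 +347,21 @@ jobs:
 echo "- **Go Tests & Build**: ${{ needs.test-and-build.result }}" >> $GITHUB_STEP_SUMMARY
 echo "- **Coverage**: ${{ needs.test-and-build.outputs.coverage }}%" >> $GITHUB_STEP_SUMMARY
 echo "- **Version**: ${{ needs.test-and-build.outputs.version }}" >> $GITHUB_STEP_SUMMARY
-if [ "${{ github.event_name }}" != "pull_request" ]; then
+if [ "${{ github.event_name }}" == "pull_request" ]; then
+echo "- **Docker Build (PR)**: ${{ needs.docker-pr.result }}" >> $GITHUB_STEP_SUMMARY
+else
 echo "- **Docker Build**: ${{ needs.docker.result }}" >> $GITHUB_STEP_SUMMARY
 echo "- **Docker Test**: ${{ needs.docker-test.result }}" >> $GITHUB_STEP_SUMMARY
 fi
 echo "" >> $GITHUB_STEP_SUMMARY
 if [ "${{ steps.check.outputs.status }}" == "success" ]; then
 echo "### ✅ Pipeline Status: SUCCESS" >> $GITHUB_STEP_SUMMARY
-if [ "${{ github.event_name }}" != "pull_request" ]; then
-echo "" >> $GITHUB_STEP_SUMMARY
-echo "### 🐳 Docker Images Published" >> $GITHUB_STEP_SUMMARY
+echo "" >> $GITHUB_STEP_SUMMARY
+echo "### 🐳 Docker Images Published" >> $GITHUB_STEP_SUMMARY
+if [ "${{ github.event_name }}" == "pull_request" ]; then
+echo "- Docker Hub: \`${{ env.REGISTRY_IMAGE }}:PR-${{ github.event.number }}\`" >> $GITHUB_STEP_SUMMARY
+echo "- GitHub Packages: \`${{ env.GITHUB_IMAGE }}:PR-${{ github.event.number }}\`" >> $GITHUB_STEP_SUMMARY
+else
 echo "- Docker Hub: \`${{ env.REGISTRY_IMAGE }}:${{ needs.test-and-build.outputs.version }}\`" >> $GITHUB_STEP_SUMMARY
 echo "- GitHub Packages: \`${{ env.GITHUB_IMAGE }}:${{ needs.test-and-build.outputs.version }}\`" >> $GITHUB_STEP_SUMMARY
 fi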
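Review bot: Unreviewed pull-request code is published to the release image repositories. The `docker-pr` job in the second hunk logs in with `DOCKERHUB_TOKEN` and a `packages: write` token, then runs `push: true` against the same `REGISTRY_IMAGE` and `GITHUB_IMAGE` names that the summary step lists for production images, so the only separation is the `PR-` tag prefix. The job-level `if` checks just the event name; for pull requests from forks GitHub by default withholds secrets and gives a read-only token, so the login steps would presumably fail and `notify` would then report a failure. I would limit the job to same-repository branches with `if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository`, and consider a separate image repository or a narrowly scoped token for PR tags. Nothing in this hunk scans the PR image before it is pushed; the `trivy-results.sarif` upload visible just above appears to belong to the production job.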
