
bump feature version. #132


Workflow file for this run

# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: Create and publish a Docker image
# Triggers: manual dispatch, pushes to `main` and `releases/**`, pushes of `v*`
# tags, and pull requests that target `main`.
on:
  workflow_dispatch:
  push:
    branches:
      - 'main'
      - 'releases/**'
    tags:
      - 'v*'
  pull_request:
    branches:
      - 'main'
env:
  # Workflow-wide settings, read elsewhere in this file as `${{ env.<name> }}`:
  # source directories, registry and image naming, and image-label metadata.
  features_dir: src/features
  base_dir: src/devcontainers
  context: .devcontainer
  workspace_folder: .
  readme: README.md
  registry: ghcr.io
  dockerfile: Dockerfile
  server: https://github.com
  org: NHSDigital
  repository: nhs-notify-devcontainers
  vendor: NHS England
  node_version: 24
  temp_dockerfile: /tmp/Dockerfile.source
  image_prefix: nhsdigital/nhs-notify-devcontainer-
  workflow_path: .github/workflows/cicd.yaml
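# Three jobs, chained with `needs`: publish devcontainer Features (main only),
# detect changes under the image sources, then build, push and attest one image
# per matrix entry. Each job declares its own token permissions.
jobs:
  deploy-nhs-notify-feature:
    # Runs only for refs/heads/main, so the `refs/tags/v` branch of the publish
    # step's condition below cannot be true inside this job.
    if: ${{ github.ref == 'refs/heads/main' }}
    runs-on: ubuntu-latest
    permissions:
      packages: write
      contents: write
      # NOTE(review): no visible step needs pull-requests: write while
      # generate-docs is "false" - confirm and drop if unused.
      pull-requests: write
    steps:
      # NOTE(review): the three actions in this job are referenced by mutable
      # tag while the token has write scopes; the docker/* actions further down
      # are pinned to commit SHAs. Pin these the same way.
      - uses: actions/checkout@v3
      - uses: dorny/paths-filter@v3
        id: changes
        with:
          filters: |
            src:
              - '${{ env.features_dir }}/**'
              - '${{ env.workflow_path }}'
      - if: ${{steps.changes.outputs.src == 'true' || startsWith(github.ref, 'refs/tags/v')}}
        name: "Publish Features"
        uses: devcontainers/action@v1
        with:
          publish-features: "true"
          base-path-to-features: "./${{ env.features_dir }}"
          generate-docs: "false"
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  check-if-changed:
    needs: deploy-nhs-notify-feature
    # Continues whether the publish job succeeded or was skipped.
    if: ${{!cancelled() && (needs.deploy-nhs-notify-feature.result == 'success' || needs.deploy-nhs-notify-feature.result == 'skipped')}}
    permissions:
      contents: read
    runs-on: ubuntu-latest
    outputs:
      # 'true' when the image sources or this workflow file changed.
      src: ${{ steps.changes.outputs.src }}
    steps:
      # NOTE(review): tag-pinned actions; pin to commit SHAs.
      - uses: actions/checkout@v3
      - uses: dorny/paths-filter@v3
        id: changes
        with:
          filters: |
            src:
              - '${{env.base_dir}}/**'
              - '${{ env.workflow_path }}'
  build-and-push-image:
    if: ${{ !cancelled() && (needs.check-if-changed.outputs.src == 'true' || startsWith(github.ref, 'refs/tags/v')) }}
    needs: check-if-changed
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      # Images are built one at a time, in matrix order.
      max-parallel: 1
      matrix:
        include:
          - container_name: base
            title: NHS Notifiy Devcontainer Base Image
            description: Base development container for NHS Notify projects
          - container_name: default
            title: NHS Notifiy Devcontainer Default Image
            description: Default development container for NHS Notify projects
          - container_name: loaded
            title: NHS Notifiy Devcontainer Loaded Image
            description: Loaded development container for NHS Notify projects
    permissions:
      contents: read
      packages: write
      attestations: write
      id-token: write
    steps:
      # NOTE(review): checkout, setup-node and attest-build-provenance are
      # tag-pinned in a job holding packages/attestations/id-token write; pin
      # them to commit SHAs like the docker/* actions.
      - name: Checkout repository
        uses: actions/checkout@v5
      - name: Log in to the Container registry
        uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
        with:
          registry: ${{ env.registry }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - uses: actions/setup-node@v6
        with:
          node-version: ${{ env.node_version }}
      - if: ${{!startsWith(github.ref, 'refs/tags/v')}}
        name: Build default
        working-directory: ${{env.base_dir}}/${{ matrix.container_name }}
        # The ref name is read from the runner-provided GITHUB_REF_NAME variable
        # and quoted, instead of being expanded into the script text, so a ref
        # name containing shell metacharacters is never parsed as shell syntax.
        # NOTE(review): `releases/**` and pull-request ref names contain `/`;
        # confirm the Makefile copes with that in BASE_IMAGE_TAG.
        run: |
          BRANCH="$GITHUB_REF_NAME"
          make build BASE_IMAGE_TAG="$BRANCH" IMAGE_NAME=${{ env.registry }}/${{ env.image_prefix }}${{ matrix.container_name }} WORKSPACE_FOLDER=${{ env.workspace_folder }}
      - if: ${{startsWith(github.ref, 'refs/tags/v')}}
        name: Build lock base image tags to same version
        working-directory: ${{env.base_dir}}/${{ matrix.container_name }}
        # Same handling as above: the tag name comes from the environment and
        # stays quoted; the leading `v` is stripped for the image tag.
        run: |
          TAG="$GITHUB_REF_NAME"
          TAG_VERSION=${TAG#v}
          make build BASE_IMAGE_TAG="$TAG_VERSION" IMAGE_NAME=${{ env.registry }}/${{ env.image_prefix }}${{ matrix.container_name }} WORKSPACE_FOLDER=${{ env.workspace_folder }}
      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
        with:
          images: ${{ env.registry }}/${{ env.image_prefix }}${{ matrix.container_name }}
          flavor: |
            latest=auto
          tags: |
            type=schedule
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}
            type=semver,pattern={{major}}
            type=ref,event=branch
            type=ref,event=pr
            type=sha
          labels: |
            org.opencontainers.image.title= ${{ matrix.title }}
            org.opencontainers.image.description=${{ matrix.description }}
            org.opencontainers.image.vendor=${{ env.vendor }}
            org.opencontainers.image.url=${{ env.server }}/${{ env.org }}/${{ env.repository }}/blob/main/${{ env.base_dir }}/${{matrix.container_name}}/${{ env.readme }}
            org.opencontainers.image.source=${{ env.server }}/${{ env.org }}/${{ env.repository }}/tree/main/${{ env.base_dir }}/${{matrix.container_name}}/
      # The published image is a one-line Dockerfile layered on the image that
      # `make build` produced in the step above.
      - name: create temp dockerfile source
        run: echo 'FROM ${{ env.registry }}/${{ env.image_prefix }}${{ matrix.container_name }}' > ${{ env.temp_dockerfile }}
      - name: Build and push Docker image
        id: push
        uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
        with:
          context: .
          file: ${{ env.temp_dockerfile }}
          # Pull-request runs build the image but never push it.
          push: ${{ github.event_name != 'pull_request' }}
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
      # Provenance is generated only for runs that push, mirroring the `push`
      # condition above, so no attestation is issued under the registry subject
      # name for a pull-request build that was never published.
      - name: Generate artifact attestation
        if: ${{ github.event_name != 'pull_request' }}
        uses: actions/attest-build-provenance@v3
        with:
          subject-name: ${{ env.registry }}/${{ env.image_prefix }}${{ matrix.container_name }}
          subject-digest: ${{ steps.push.outputs.digest }}
          push-to-registry: false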