diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index dbe751f..43c1cc9 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -12,8 +12,7 @@ permissions: jobs: build-and-push-image: if: github.repository_owner == 'exercism' # Stops this job from running on forks. - # uses: exercism/github-actions/.github/workflows/docker-build-push-image.yml@main - uses: ./.github/workflows/docker-build-push-image-test.yml + uses: exercism/github-actions/.github/workflows/docker-build-push-image.yml@main secrets: AWS_ACCOUNT_ID: ${{secrets.AWS_ACCOUNT_ID}} AWS_REGION: ${{secrets.AWS_REGION}} diff --git a/.github/workflows/docker-build-push-image-test.yml b/.github/workflows/docker-build-push-image-test.yml deleted file mode 100644 index 3aa76a2..0000000 --- a/.github/workflows/docker-build-push-image-test.yml +++ /dev/null @@ -1,154 +0,0 @@ -name: Build and Push Docker image - -on: - workflow_call: - inputs: - aws_ecr: - description: "Push to AWS ECR" - default: true - required: false - type: boolean - docker_hub: - description: "Push to Docker Hub" - default: true - required: false - type: boolean - provenance: - description: "Generate provenance attestation for the build" - default: true - required: false - type: boolean - image_name: - description: "The name of the image to deploy (default: repo name)" - required: false - type: string - platform: - description: "The image's platform (default: linux/amd64)" - default: "linux/amd64" - required: false - type: string - secrets: - AWS_ACCOUNT_ID: - description: "The AWS account ID used to determine the ECR registry" - required: true - AWS_REGION: - description: "The AWS region used to determine the ECR registry" - required: true - AWS_ECR_ACCESS_KEY_ID: - description: "The access key ID used to log into AWS ECR" - required: true - AWS_ECR_SECRET_ACCESS_KEY: - description: "The secret access key ID used to log into AWS ECR" - required: true - DOCKERHUB_USERNAME: - description: "The username used to log into Docker Hub" - required: true - DOCKERHUB_PASSWORD: - description: "The password used to log into Docker Hub" - required: true - DOCKER_BUILD_ARGS: - description: "Docker build arguments" - required: false - -permissions: - contents: write - -jobs: - build-and-push: - runs-on: ubuntu-22.04 - - env: - ECR_REGISTRY: ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com - - steps: - - name: Checkout code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - with: - # Never deploy from non-main branches - ref: main - - - name: Check if Dockerfile is present - id: dockerfile-exists - run: | - dockerfile_exists=$(test -f Dockerfile && echo 'true' || echo 'false') - if [ "${dockerfile_exists}" == "false" ]; then - echo "::warning:: Skip deploy due to missing Dockerfile" - fi - echo "result=${dockerfile_exists}" >> $GITHUB_OUTPUT - - - name: Set up Docker - uses: docker/setup-docker-action@v4 - with: - daemon-config: | - { - "features": { - "containerd-snapshotter": true - } - } - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx - if: steps.dockerfile-exists.outputs.result == 'true' - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 - - - name: Login to DockerHub - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef - if: ${{steps.dockerfile-exists.outputs.result == 'true' && inputs.docker_hub}} - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_PASSWORD }} - - - name: Login to ECR - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef - if: ${{steps.dockerfile-exists.outputs.result == 'true' && inputs.aws_ecr}} - with: - registry: ${{ env.ECR_REGISTRY }} - username: ${{ secrets.AWS_ECR_ACCESS_KEY_ID }} - password: ${{ secrets.AWS_ECR_SECRET_ACCESS_KEY }} - - - name: Build Docker image - if: ${{steps.dockerfile-exists.outputs.result == 'true' && (inputs.docker_hub || inputs.aws_ecr)}} - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 - with: - context: . - file: ./Dockerfile - load: true - cache-from: type=gha - cache-to: type=gha,mode=max - build-args: ${{ secrets.DOCKER_BUILD_ARGS }} - provenance: false - platforms: ${{ inputs.platform }} - - - name: Push to Docker Hub - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 - if: ${{steps.dockerfile-exists.outputs.result == 'true' && inputs.docker_hub}} - with: - context: . - file: ./Dockerfile - push: true - tags: | - exercism/${{ inputs.image_name || github.event.repository.name }}:latest - exercism/${{ inputs.image_name || github.event.repository.name }}:${{ github.sha }} - cache-from: type=gha - cache-to: type=gha,mode=max - build-args: ${{ secrets.DOCKER_BUILD_ARGS }} - provenance: false - platforms: ${{ inputs.platform }} - - - name: Push to AWS ECR - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 - if: ${{steps.dockerfile-exists.outputs.result == 'true' && inputs.aws_ecr}} - with: - context: . - file: ./Dockerfile - push: true - tags: | - ${{ env.ECR_REGISTRY }}/${{ inputs.image_name || github.event.repository.name }}:production - ${{ env.ECR_REGISTRY }}/${{ inputs.image_name || github.event.repository.name }}:${{ github.sha }} - cache-from: type=gha - cache-to: type=gha,mode=max - build-args: ${{ secrets.DOCKER_BUILD_ARGS }} - provenance: false - platforms: ${{ inputs.platform }}