feat: allow build-arg for docker build (#94)

Author: thewhitewizard

.github/workflows/deploy-docker.yml

@@ -3,6 +3,11 @@ name: Build & Deploy Docker
 on:
   workflow_call:
     inputs:
+      build-args:
+        description: "Docker build arguments (multiline format: KEY1=value1\nKEY2=value2)"
+        required: false
+        default: ""
+        type: string
       dockerfile:
         description: "Path to Dockerfile"
         default: "Dockerfile"
@@ -69,6 +74,7 @@ jobs:
     needs: get-tag
     uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/[email protected]
     with:
+      build-args: ${{ inputs.build-args }}
       dockerfile: ${{ inputs.dockerfile }}
       image-name: ${{ inputs.image_name }}
       image-tag: ${{ needs.get-tag.outputs.tag }}

.github/workflows/docker-build.yml

@@ -3,6 +3,10 @@ name: Build, Test and Push Docker Image
 on:
   workflow_call:
     inputs:
+      build-args:
+        description: "Docker build arguments (multiline format: KEY1=value1\nKEY2=value2)"
+        default: ""
+        type: string
       image-name:
         description: "Name of Docker Image"
         type: string
@@ -73,6 +77,7 @@ jobs:
       - name: Build Docker Image
         uses: docker/build-push-action@v6
         with:
+          build-args: ${{ inputs.build-args }}
           context: ${{ inputs.context }}
           file: ${{ inputs.dockerfile }}
           platforms: ${{ inputs.platforms }}
@@ -82,7 +87,15 @@ jobs:
       - name: Build Docker Image as Tarball
         if: ${{ inputs.security-scan }}
         run: |
-          docker build -t ${{ inputs.image-name }}:${{ inputs.image-tag }} -f ${{ inputs.dockerfile }} ${{ inputs.context }}
+          BUILD_ARGS=""
+          if [ -n "${{ inputs.build-args }}" ]; then
+            while IFS= read -r line; do
+              if [ -n "$line" ]; then
+                BUILD_ARGS="$BUILD_ARGS --build-arg $line"
+              fi
+            done <<< "${{ inputs.build-args }}"
+          fi
+          docker build $BUILD_ARGS -t ${{ inputs.image-name }}:${{ inputs.image-tag }} -f ${{ inputs.dockerfile }} ${{ inputs.context }}
           docker save -o vuln-image.tar ${{ inputs.image-name }}:${{ inputs.image-tag }}
 
       - name: Run Trivy vulnerability scanner

deploy-docker/README.md

@@ -12,6 +12,7 @@ This reusable GitHub Actions workflow automates the process of building a Docker
 
 | **Input**        | **Description**                                     | **Required** | **Default**     |
 |------------------|-----------------------------------------------------|--------------|-----------------|
+| **build-args**   | Docker build arguments (multiline format: `KEY1=value1\nKEY2=value2`). | No | `""` |
 | **dockerfile**   | Path to Dockerfile.                                 | No           | `Dockerfile`    |
 | **image_name**   | Full image name (e.g. org/my-api).                  | Yes          | -               |
 | **image_tag**    | Optional tag override (defaults to pushed Git tag). | No           | -               |
@@ -47,6 +48,7 @@ This reusable GitHub Actions workflow automates the process of building a Docker
 - **Depends On**: `get-tag`
 - **Uses**: The docker-build workflow from the same repository.
 - **Inputs**:
+  - Build arguments (optional)
   - Dockerfile path
   - Image name and tag
   - Push configuration (set to true)
@@ -65,10 +67,10 @@ This reusable GitHub Actions workflow automates the process of building a Docker
 
 ## How to Use This Reusable Workflow 🔄
 
-1. **Save the Workflow File**  
+1. **Save the Workflow File**
    This workflow is already saved as `.github/workflows/deploy-docker.yml` in the repository. 💾
 
-2. **Call the Reusable Workflow**  
+2. **Call the Reusable Workflow**
    In another workflow file (e.g., triggered by a release), invoke this reusable workflow like so:
 
    ```yaml
@@ -81,6 +83,9 @@ This reusable GitHub Actions workflow automates the process of building a Docker
      deploy:
        uses: iExecBlockchainComputing/github-actions-workflows/.github/workflows/deploy-docker.yml@main
        with:
+         build-args: |
+           BUILD_VERSION=1.0.0
+           NODE_ENV=production
          dockerfile: 'path/to/Dockerfile'
          image_name: 'your-org/your-app'
          remote_host: '[email protected]'
@@ -91,7 +96,7 @@ This reusable GitHub Actions workflow automates the process of building a Docker
          ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}
    ```
 
-3. **Configure Secrets**  
+3. **Configure Secrets**
    Ensure that the following secrets are added to your repository's settings:
    - `DOCKERHUB_USERNAME`: Your DockerHub username
    - `DOCKERHUB_PASSWORD`: Your DockerHub password or access token

docker-build/README.md

@@ -19,16 +19,17 @@ This reusable GitHub Actions workflow automates the process of building and push
 
 | Name              | Description                                                                        | Required | Default                     |
 | ----------------- | ---------------------------------------------------------------------------------- | -------- | --------------------------- |
+| `build-args`      | Docker build arguments (multiline format: `KEY1=value1\nKEY2=value2`)              | No       | `""`                        |
+| `context`         | Path to Docker Build Context                                                       | No       | `"."`                       |
+| `dockerfile`      | Path to the Dockerfile to build (e.g., './Dockerfile', './docker/Dockerfile')      | No       | `"Dockerfile"`              |
+| `hadolint`        | Enable Hadolint                                                                    | No       | `true`                      |
 | `image-name`      | Name of Docker Image (e.g., 'myimage', 'myorg/myimage')                            | true     | -                           |
 | `image-tag`       | Tag to apply to the built image (e.g., 'latest', 'v1.2.3')                         | No       | `"latest"`                  |
-| `dockerfile`      | Path to the Dockerfile to build (e.g., './Dockerfile', './docker/Dockerfile')      | No       | `"Dockerfile"`              |
-| `context`         | Path to Docker Build Context                                                       | No       | `"."`                       |
 | `platforms`       | Indicates which platforms the image should be built for                            | No       | `"linux/amd64,linux/arm64"` |
-| `registry`        | Docker Registry                                                                    | No       | `"docker.io"`               |
 | `push`            | Push Docker Image to Registry                                                      | No       | `false`                     |
-| `security-scan`   | Enable Trivy Security Scan                                                         | No       | `true`                      |
+| `registry`        | Docker Registry                                                                    | No       | `"docker.io"`               |
 | `security-report` | Security Report Mode (`"sarif"` \| `"comment"`; ignored if `security-scan: false`) | No       | `"sarif"`                   |
-| `hadolint`        | Enable Hadolint                                                                    | No       | `true`                      |
+| `security-scan`   | Enable Trivy Security Scan                                                         | No       | `true`                      |
 
 ## 🔐 Secrets
 
@@ -62,6 +63,9 @@ jobs:
         with:
           image-name: "username/my-image"
           dockerfile: "Dockerfile"
+          build-args: |
+            BUILD_VERSION=1.0.0
+            NODE_ENV=production
         secrets:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_PAT }}