diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index e61ba556..70321c9a 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -7,139 +7,27 @@ name: Docker on: push: - branches: [ gh-images ] + branches: [gh-images] # Publish semver tags as releases. - tags: [ 'v*.*.*' ] + tags: ["v*.*.*"] env: REGISTRY: ghcr.io REGISTRY_WITH_PATH: ghcr.io/${{ github.repository_owner }} - jobs: - - build-secrets: - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - steps: - - name: Checkout repository - uses: actions/checkout@v2 - - name: Checkout submodules - run: git submodule update -i - - name: Log into registry ${{ env.REGISTRY }} - if: github.event_name != 'pull_request' - uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Extract Docker metadata - id: meta - uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 - with: - images: ${{ env.REGISTRY_WITH_PATH }}/central-secrets - # generate Docker tags based on the following events/attributes - tags: | - type=ref,event=branch - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}}.{{hotfix}} - type=semver,pattern={{major}}.{{minor}} - type=semver,pattern={{major}} - type=sha - - name: Build and push secrets Docker image - uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc - with: - file: secrets.dockerfile - context: . - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - - build-nginx: - #needs: checkout_meta - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - steps: - - name: Checkout repository - uses: actions/checkout@v2 - - name: Checkout submodules - run: git submodule update -i - - name: Log into registry ${{ env.REGISTRY }} - if: github.event_name != 'pull_request' - uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Extract Docker metadata - id: meta - uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 - with: - images: ${{ env.REGISTRY_WITH_PATH }}/central-nginx - # generate Docker tags based on the following events/attributes - tags: | - type=ref,event=branch - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}}.{{hotfix}} - type=semver,pattern={{major}}.{{minor}} - type=semver,pattern={{major}} - type=sha - - name: Build and push nginx Docker image - uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc - with: - file: nginx.dockerfile - context: . - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - - build-service: - #needs: checkout_meta - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - steps: - - name: Checkout repository - uses: actions/checkout@v2 - - name: Checkout submodules - run: git submodule update -i - - name: Log into registry ${{ env.REGISTRY }} - if: github.event_name != 'pull_request' - uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Extract Docker metadata - id: meta - uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 - with: - images: ${{ env.REGISTRY_WITH_PATH }}/central-service - # generate Docker tags based on the following events/attributes - tags: | - type=ref,event=branch - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}}.{{hotfix}} - type=semver,pattern={{major}}.{{minor}} - type=semver,pattern={{major}} - type=sha - - name: Build and push service Docker image - uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc - with: - file: service.dockerfile - context: . - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - - - build-enketo: - #needs: checkout_meta + build-push-image: + strategy: + matrix: + image: [secrets, nginx, service, enketo] + build_args: [""] + flavor: [""] + include: + - image: nginx + flavor: | + prefix=oidc,onlatest=true + build_args: | + OIDC_ENABLED=true runs-on: ubuntu-latest permissions: contents: read @@ -160,7 +48,8 @@ jobs: id: meta uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 with: - images: ${{ env.REGISTRY_WITH_PATH }}/central-enketo + images: ${{ env.REGISTRY_WITH_PATH }}/central-${{ matrix.image }} + flavor: ${{ matrix.flavor }} # generate Docker tags based on the following events/attributes tags: | type=ref,event=branch @@ -169,11 +58,12 @@ jobs: type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}} type=sha - - name: Build and push enketo Docker image + - name: Build and push ${{ matrix.image }} Docker image uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc with: - file: enketo.dockerfile + file: ${{ matrix.image }}.dockerfile context: . + build-args: ${{ matrix.build_args }} push: ${{ github.event_name != 'pull_request' }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }}