Skip to content

oci-image-publish-on-comment #58

oci-image-publish-on-comment

oci-image-publish-on-comment #58

name: oci-image-publish-on-comment
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
on:
issue_comment:
types: [created]
env:
DOCKERHUB_USERNAME: ${{ vars.DOCKERHUB_USERNAME }}
IMAGE_NAME: ${{ vars.IMAGE_NAME }}
REGISTRY: ${{ vars.REGISTRY }}
jobs:
build:
runs-on: ubuntu-latest
if: github.event.issue.pull_request && contains(github.event.comment.body, '/publish') && github.event.comment.user.login == 'Oded-B'
permissions:
contents: read
packages: write
# This is used to complete the identity challenge
# with sigstore/fulcio when running outside of PRs.
id-token: write
statuses: write
pull-requests: write
issues: write
steps:
- name: Get PR branch
uses: xt0rted/pull-request-comment-branch@v2
id: comment-branch
- name: Checkout repository
uses: actions/checkout@v4
with:
ref: ${{ steps.comment-branch.outputs.head_ref }}
- name: Set latest commit status as pending
uses: myrotvorets/set-commit-status-action@master
with:
sha: ${{ steps.comment-branch.outputs.head_sha }}
token: ${{ secrets.GITHUB_TOKEN }}
status: pending
# Workaround: https://github.com/docker/build-push-action/issues/461
- name: Setup Docker buildx
uses: docker/setup-buildx-action@5138f76647652447004da686b2411557eaf65f33
# Login against a Docker registry except on PR
# https://github.com/docker/login-action
- name: Log into GH registry (ghcr.io)
uses: docker/login-action@70fccc794acd729b2b22dd6a326895f286447728
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Log into Docker Hub registry
if: env.DOCKERHUB_USERNAME != ''
uses: docker/login-action@70fccc794acd729b2b22dd6a326895f286447728
with:
username: ${{ env.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
# 1st image name is for GH package repo
# 2nd image name is for DockerHub image
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@f7b4ed12385588c3f9bc252f0a2b520d83b52d48
with:
context: git
images: |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=sha
# Build and push Docker image with Buildx (don't push on PR)
# https://github.com/docker/build-push-action
- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@2a53c6ccda456d31fb62eedc658aae06e238b7bd
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Extract Docker metadata - alpine
id: meta-alpine
uses: docker/metadata-action@f7b4ed12385588c3f9bc252f0a2b520d83b52d48
with:
context: git
images: |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=ref,event=branch
type=ref,event=pr
type=sha
flavor: prefix=alpine-,onlatest=true
- name: Build and push Docker image - alpine
id: build-and-push-alpine
uses: docker/build-push-action@2a53c6ccda456d31fb62eedc658aae06e238b7bd
with:
context: .
target: alpine-release
push: true
tags: ${{ steps.meta-alpine.outputs.tags }}
labels: ${{ steps.meta-alpine.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Set latest commit status as ${{ job.status }}
uses: myrotvorets/set-commit-status-action@master
if: always()
with:
sha: ${{ steps.comment-branch.outputs.head_sha }}
token: ${{ secrets.GITHUB_TOKEN }}
status: ${{ job.status }}
- name: Add comment to PR
uses: actions/github-script@v7
if: always()
with:
script: |
const name = '${{ github.workflow }}';
const url = '${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}';
const success = '${{ job.status }}' === 'success';
const body = `${name}: ${success ? 'succeeded ✅' : 'failed ❌'}\n${url}\n${{ steps.meta.outputs.tags }}`;
await github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
})