Skip to content

Commit

Permalink
github:action - job, workflow config
Browse files Browse the repository at this point in the history
  • Loading branch information
@lehungio
lehungio committed Jan 5, 2025
1 parent 35e6601 commit 5cc5953
Show file tree
Hide file tree
Showing 2 changed files with 242 additions and 26 deletions.
136 changes: 110 additions & 26 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,14 @@ on:
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
IMAGE_AUTOMATION_TEST: automation-test
IMAGE_UBUNTU: ubuntu-latest
IMAGE_PHP: php-latest

jobs:
# job inspect-code
inspect-code:
name: '[Required] Inspect code'
name: 'Inspect code'
runs-on: ubuntu-latest
steps:
- name: Check out repository
Expand All @@ -31,6 +35,7 @@ jobs:
- name: Check code
run: ls -all

# job manual, workflow manual
manual:
name: 'Manual workflow'
runs-on: ubuntu-latest
Expand All @@ -50,7 +55,8 @@ jobs:
TEST: true
- name: Check code
run: ls -all


# job automation, workflow automation
automation:
name: 'Automation workflow'
runs-on: ubuntu-latest
Expand All @@ -70,17 +76,46 @@ jobs:
TEST: true
- name: Check code
run: ls -all

- name: Set up date and time variable
run: echo "DATE_TIME=$(TZ='Asia/Tokyo' date '+%Y-%m-%d-%H-%M-%S')" >> $GITHUB_ENV
- name: Log in to Docker Hub # https://github.com/docker/login-action
# uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Log in to the Container registry # https://github.com/docker/login-action
# uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker # https://github.com/docker/metadata-action
id: meta
# uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 # using hash
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,${{ env.IMAGE_AUTOMATION_TEST }}-${{ env.DATE_TIME }}
type=ref,enable=true,priority=600,prefix=${{ env.IMAGE_AUTOMATION_TEST }}-,event=branch
type=ref,enable=true,priority=600,prefix=${{ env.IMAGE_AUTOMATION_TEST }}-,event=pr
type=schedule,pattern={{date 'YYYYMMDD-hhmmss' tz='Asia/Tokyo'}}
type=semver,pattern={{raw}} # TODO release only
type=sha # TODO release only
# OS
# Ubuntu
# Ubuntu - manual build and test
# job build ubuntu latest manual
build-ubuntu-latest-manual:
name: '[Manual] Build Ubuntu latest'
needs: manual
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up date and time variable
run: echo "DATE_TIME=$(date '+%Y-%m-%d-%H-%M-%S')" >> $GITHUB_ENV
run: echo "DATE_TIME=$(TZ='Asia/Tokyo' date '+%Y-%m-%d-%H-%M-%S')" >> $GITHUB_ENV
- name: Output date and time
run: |
ls -all;pwd;whoami;
Expand All @@ -103,6 +138,7 @@ jobs:
# docker push ubuntu-latest:${{ env.DATE_TIME }}
# docker push ghcr.io/lecaoquochung/ubuntu-latest:${{ env.DATE_TIME }}
# Ubuntu - automation build and push
build-ubuntu-latest:
name: '[Auto] Build Ubuntu latest'
needs: automation
Expand All @@ -116,48 +152,44 @@ jobs:
steps:
- name: Check out the repo
uses: actions/checkout@v4

- name: Set up date and time variable
run: echo "DATE_TIME=$(date '+%Y-%m-%d-%H-%M-%S')" >> $GITHUB_ENV

- name: Log in to Docker Hub
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
run: echo "DATE_TIME=$(TZ='Asia/Tokyo' date '+%Y-%m-%d-%H-%M-%S')" >> $GITHUB_ENV
- name: Log in to Docker Hub # https://github.com/docker/login-action
# uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}

- name: Log in to the Container registry
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
- name: Log in to the Container registry # https://github.com/docker/login-action
# uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

# https://github.com/docker/metadata-action
- name: Extract metadata (tags, labels) for Docker
- name: Extract metadata (tags, labels) for Docker # https://github.com/docker/metadata-action
id: meta
# uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 # using hash
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,${{ env.DATE_TIME }}
type=ref,event=branch
type=ref,event=pr
type=schedule,pattern={{date 'YYYYMMDD-hhmmss' tz='Asia/Tokyo'}}
type=semver,pattern={{raw}}
# type=sha # Can be used with released
- name: Build and push Docker images
type=raw,${{ env.IMAGE_UBUNTU }}-${{ env.DATE_TIME }}
type=ref,enable=true,priority=600,prefix=${{ env.IMAGE_UBUNTU }}-,event=branch
type=ref,enable=true,priority=600,prefix=${{ env.IMAGE_UBUNTU }}-,event=pr
# type=schedule,pattern={{date 'YYYYMMDD-hhmmss' tz='Asia/Tokyo'}}
# type=semver,pattern={{raw}} # TODO release only
# type=sha # TODO release only
- name: Build and push Docker images # https://github.com/docker/build-push-action
id: push
uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
# uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
uses: docker/build-push-action@v6
with:
context: .
file: ./ubuntu/latest.Dockerfile
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

- name: Generate artifact attestation
uses: actions/attest-build-provenance@v2
with:
Expand Down Expand Up @@ -267,6 +299,58 @@ jobs:
- uses: actions/checkout@v4
- name: php-fpm
run: docker build . --file ./php/latest.Dockerfile --tag "php:$(date +%s)"

build-php-latest:
name: '[Auto] Build PHP latest'
needs: automation
runs-on: ubuntu-latest
environment: CI
permissions:
packages: write
contents: read
attestations: write
id-token: write
steps:
- name: Check out the repo
uses: actions/checkout@v4
- name: Set up date and time variable
run: echo "DATE_TIME=$(TZ='Asia/Tokyo' date '+%Y-%m-%d-%H-%M-%S')" >> $GITHUB_ENV
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Log in to the Container registry
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker # https://github.com/docker/metadata-action
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,${{ env.IMAGE_PHP }}-${{ env.DATE_TIME }}
type=ref,enable=true,priority=600,prefix=${{ env.IMAGE_PHP }}-,event=branch
type=ref,enable=true,priority=600,prefix=${{ env.IMAGE_PHP }}-,event=pr
- name: Build and push Docker images
id: push
uses: docker/build-push-action@v6
with:
context: .
file: ./php/latest.Dockerfile
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Generate artifact attestation
uses: actions/attest-build-provenance@v2
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true

build-php-beta-manual:
name: '[Manual] Build PHP beta'
needs: manual
Expand Down
132 changes: 132 additions & 0 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,132 @@
name: Release

on:
release:
types:
- published

env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
IMAGE_AUTOMATION_TEST: automation-test
IMAGE_UBUNTU: ubuntu-latest
IMAGE_PHP: php-latest

jobs:
automation:
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
packages: write
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Publish
uses: actions/[email protected]

release-ubuntu-latest:
name: '[Auto] Release Ubuntu latest'
needs: automation
runs-on: ubuntu-latest
environment: CI
permissions:
packages: write
contents: read
attestations: write
id-token: write
steps:
- name: Check out the repo
uses: actions/checkout@v4
- name: Set up date and time variable
run: echo "DATE_TIME=$(TZ='Asia/Tokyo' date '+%Y-%m-%d-%H-%M-%S')" >> $GITHUB_ENV
- name: Log in to Docker Hub # https://github.com/docker/login-action
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Log in to the Container registry # https://github.com/docker/login-action
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker # https://github.com/docker/metadata-action
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,${{ env.IMAGE_UBUNTU }}
type=ref,enable=true,priority=600,prefix=${{ env.IMAGE_UBUNTU }}-,event=branch
type=semver,enable=true,priority=900,prefix=${{ env.IMAGE_UBUNTU }}-,pattern={{raw}}
type=sha,enable=true,priority=100,prefix=${{ env.IMAGE_UBUNTU }}-sha-,suffix=,format=short
- name: Build and push Docker images # https://github.com/docker/build-push-action
id: push
uses: docker/build-push-action@v6
with:
context: .
file: ./ubuntu/latest.Dockerfile
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Generate artifact attestation
uses: actions/attest-build-provenance@v2
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true

release-php-latest:
name: '[Auto] Release PHP latest'
needs: automation
runs-on: ubuntu-latest
environment: CI
permissions:
packages: write
contents: read
attestations: write
id-token: write
steps:
- name: Check out the repo
uses: actions/checkout@v4
- name: Set up date and time variable
run: echo "DATE_TIME=$(TZ='Asia/Tokyo' date '+%Y-%m-%d-%H-%M-%S')" >> $GITHUB_ENV
- name: Log in to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Log in to the Container registry
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker # https://github.com/docker/metadata-action
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,${{ env.IMAGE_PHP }}
type=ref,enable=true,priority=600,prefix=${{ env.IMAGE_PHP }}-,event=branch
type=semver,enable=true,priority=900,prefix=${{ env.IMAGE_PHP }}-,pattern={{raw}}
type=sha,enable=true,priority=100,prefix=${{ env.IMAGE_PHP }}-sha-,suffix=,format=short
- name: Build and push Docker images
id: push
uses: docker/build-push-action@v6
with:
context: .
file: ./php/latest.Dockerfile
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
- name: Generate artifact attestation
uses: actions/attest-build-provenance@v2
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true

0 comments on commit 5cc5953

Please sign in to comment.