-
Notifications
You must be signed in to change notification settings - Fork 543
155 lines (135 loc) · 6.84 KB
/
docker-image.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#############################################################################
# Local testing of this workflow can be carried out using
# act (https://github.com/nektos/act).
#
# Act will set an environment variable, ACT, to indicate that it is running the workflow.
# This environment variable is used to skip some build steps, such as logging in to
# a container registry and pushing container images.
#
# On first run, act will prompt you to select a micro, medium or large runner image. This
# workflow can be run using the medium image.
#
# Some actions, such as docker/metadata-action, require a GITHUB_TOKEN. To meet this
# requirement when using act you will need to create a Personal Access Token on GitHub.
# You can then run act using a command similar to:
# act --job docker_build --secret GITHUB_TOKEN
# Act will then prompt you to enter your token.
#############################################################################
# Docker push will only occur if configuration variable DO_DOCKER_PUSH is set to 'true'.
# This ensures that repository forks do not attempt push to the ghcr.io/apache/ofbiz container registry.
# See https://docs.github.com/en/actions/learn-github-actions/variables#defining-configuration-variables-for-multiple-workflows
# for more information on configuring variables for a repository.
name: Build and push docker images
on:
push:
branches: [ trunk ]
tags:
- '**'
permissions:
contents: read
packages: write
jobs:
docker_build:
name: Build and push OFBiz docker container images
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
- name: Check out OFBiz sources
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Log in to the Container registry
if: ${{ !env.ACT && vars.DO_DOCKER_PUSH == 'true' }}
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
############################################################################
# Build and push a container image of the OFBiz Framework without any data loaded.
- name: Determine metadata (tags, labels) for Docker runtime build
id: runtimemeta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
with:
images: ghcr.io/apache/ofbiz
tags: |
# Extract container tag from git tag.
type=match,pattern=release(.*),group=1
# Build container tag based on branch name and string '-snapshot'
type=ref,event=branch,suffix=-snapshot,priority=650
- name: Update VERSION file
run: |
# Populate the VERSION file based on the outputs of the metadata-action above.
# The same VERSION file will be used for all container images built in this workflow.
# Set the version label for this build.
echo "${{fromJSON(steps.runtimemeta.outputs.json).labels['org.opencontainers.image.version']}}. " > VERSION
# Append the git commit SHA.
echo '${uiLabelMap.CommonRevision}:' "${{fromJSON(steps.runtimemeta.outputs.json).labels['org.opencontainers.image.revision']}}. " >> VERSION
# Append the timestamp.
echo '${uiLabelMap.CommonBuiltOn}:' "${{fromJSON(steps.runtimemeta.outputs.json).labels['org.opencontainers.image.created']}}. " >> VERSION
echo "Version file contents:"
cat VERSION
- name: Build and push runtime docker image
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with:
context: .
target: runtime
push: ${{ !env.ACT && vars.DO_DOCKER_PUSH == 'true' }}
tags: ${{ steps.runtimemeta.outputs.tags }}
labels: ${{ steps.runtimemeta.outputs.labels }}
############################################################################
# Build and push a container image of the OFBiz Framework preloaded with demo data
- name: Determine metadata (tags, labels) for Docker demo-preload build
id: demometa
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
with:
images: ghcr.io/apache/ofbiz
tags: |
type=match,pattern=release(.*),group=1,suffix=-preloaddemo
type=ref,event=branch,suffix=-preloaddemo-snapshot,priority=650
- name: Build and push demo docker image
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with:
context: .
target: demo
push: ${{ !env.ACT && vars.DO_DOCKER_PUSH == 'true' }}
tags: ${{ steps.demometa.outputs.tags }}
labels: ${{ steps.demometa.outputs.labels }}
############################################################################
# Build and push a container image of the OFBiz Framework plus Plugins,
# without any data loaded.
- name: Grant execute permission for pullAllPluginsSource.sh
run: chmod +x pullAllPluginsSource.sh
- name: Load all plugins
run: ./pullAllPluginsSource.sh
- name: Determine metadata (tags, labels) for Docker framework with plugins build
id: pluginsmeta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
with:
images: ghcr.io/apache/ofbiz
tags: |
type=match,pattern=release(.*),group=1,suffix=-plugins
type=ref,event=branch,suffix=-plugins-snapshot,priority=650
- name: Build and push framework with plugins docker image
uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0
with:
context: .
target: runtime
push: ${{ !env.ACT && vars.DO_DOCKER_PUSH == 'true' }}
tags: ${{ steps.pluginsmeta.outputs.tags }}
labels: ${{ steps.pluginsmeta.outputs.labels }}