Skip to content

Updates to latest docker images, aligning maven version (#125) #33

Updates to latest docker images, aligning maven version (#125)

Updates to latest docker images, aligning maven version (#125) #33

# yamllint --format github .github/workflows/deploy.yml
---
name: deploy webmvc4-boot
on:
# We deploy non-tagged pushes to master relevant for this project. We can't opt out of
# documentation-only commits because GH actions does not permit paths and paths-ignore.
push:
tags: ''
branches: master
paths:
- "build-bin/**"
- "docker/**"
- "webmvc4-boot/**"
- ".github/workflows/deploy-webmvc4-boot.yaml"
- "parent-pom.xml"
jobs:
deploy:
runs-on: ubuntu-22.04 # newest available distribution, aka jellyfish
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Cache local Maven repository
uses: actions/cache@v3
with:
path: ./m2repository # Shared with the Docker build context via .dockerignore
key: ${{ runner.os }}-webmvc4-boot-maven-${{ hashFiles('parent-pom.xml', 'webmvc4-boot/pom.xml') }}
restore-keys: ${{ runner.os }}-webmvc4-boot-maven-
# Don't attempt to cache Docker. Sensitive information can be stolen
# via forks, and login session ends up in ~/.docker. This is ok because
# we publish DOCKER_PARENT_IMAGE to ghcr.io, hence local to the runner.
- name: Deploy webmvc4-boot
env:
# GH_USER=<user that created GH_TOKEN>
GH_USER: ${{ secrets.GH_USER }}
# GH_TOKEN=<hex token value>
# - pushes Docker images to ghcr.io
# - create via https://github.com/settings/tokens
# - needs repo:status, public_repo, write:packages, delete:packages
GH_TOKEN: ${{ secrets.GH_TOKEN }}
run: |
build-bin/configure_deploy webmvc4-boot &&
build-bin/deploy webmvc4-boot