Build and push container images #101
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Build and push container images | |
on: | |
push: | |
pull_request: | |
workflow_dispatch: | |
repository_dispatch: | |
types: [dispatch-build] | |
schedule: | |
# * is a special character in YAML so you have to quote this string | |
- cron: '0 5 * * 0' | |
jobs: | |
build-image-list: | |
runs-on: ubuntu-latest | |
outputs: | |
images: ${{ steps.image-list.outputs.json }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- id: image-list | |
run: | | |
ORG_DIR=htc | |
# List all image root dirs. Example value: | |
# "osg-htc/rocky:8 osg-htc/debian:12" | |
images_all=$(find $ORG_DIR -mindepth 1 \ | |
-maxdepth 1 \ | |
-type d \ | |
-printf "$ORG_DIR/%P\n" \ | |
| sort) | |
# Get the list of files changed based on the type of event | |
# kicking off the GHA: | |
# 1. For the main branch, diff the previous state of main vs | |
# the current commit | |
# 2. For other branches (i.e., on someone's fork), diff main | |
# vs the current commit | |
# 3. For PRs, diff the base ref vs the current commit | |
# 4. For everything else (e.g., dispatches), build all images | |
# Disable this section if running under "act" | |
if [[ $ACT != 'true' ]]; then | |
if [[ $GITHUB_EVENT_NAME == 'pull_request' ]] || | |
[[ $GITHUB_EVENT_NAME == 'push' ]]; then | |
if [[ $GITHUB_EVENT_NAME == 'pull_request' ]]; then | |
BASE=$(git merge-base origin/$GITHUB_BASE_REF HEAD) | |
elif [[ $GITHUB_REF == 'refs/heads/main' ]]; then | |
BASE=${{github.event.before}} | |
else | |
BASE=origin/main | |
fi | |
# List image root dirs where files have changed and the | |
# root dir exists. Example value: | |
# "osg-htc/rocky:8 osg-htc/debian:12" | |
images=$(git diff --name-only \ | |
"$BASE" \ | |
"$GITHUB_SHA" | | |
egrep "^$ORG_DIR/" | | |
cut -d/ -f -2 | | |
sort | | |
uniq | | |
xargs -I {} find . -type d \ | |
-wholename ./{} \ | |
-printf "%P\n") | |
fi | |
fi | |
# pass back the changed list, or all if no specific changes where found | |
if [ "x$images" = "x" ]; then | |
images="$images_all" | |
fi | |
image_json=$(echo -n "${images}" | jq -Rcs '.|split("\n")') | |
echo "json=$image_json" | |
echo "json=$image_json" >> $GITHUB_OUTPUT | |
build_push: | |
runs-on: ubuntu-latest | |
needs: build-image-list | |
# Prevent a single build failure from killing the workflow. | |
# This is safe since subsequent pushes should fail on cache load | |
continue-on-error: true | |
strategy: | |
fail-fast: false | |
matrix: | |
image: ${{ fromJson(needs.build-image-list.outputs.images) }} | |
steps: | |
- name: Set up Docker Buildx | |
if: success() | |
uses: docker/setup-buildx-action@v3 | |
- name: Container Registry Login | |
uses: docker/login-action@v3 | |
with: | |
registry: hub.opensciencegrid.org | |
username: ${{ secrets.OSG_HARBOR_ROBOT_USER }} | |
password: ${{ secrets.OSG_HARBOR_ROBOT_PASSWORD }} | |
- name: Build ${{ matrix.image }} | |
uses: docker/build-push-action@v5 | |
with: | |
context: "{{defaultContext}}:${{ matrix.image }}" | |
tags: hub.opensciencegrid.org/${{ matrix.image }} | |
push: true | |