-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 0e9a429
Showing
4 changed files
with
104 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| FROM google/cloud-sdk | ||
|
|
||
| COPY pull.sh /pull.sh | ||
|
|
||
| CMD ["/bin/bash", "/pull.sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,59 @@ | ||
| # docker-push-gcr | ||
| GitHub Workflow Action to push Docker images to Google Container Registry (GCR) | ||
|
|
||
| Required Inputs: | ||
| * image: The Docker image and tag, like "image:latest" | ||
|
|
||
| Optional Inputs: | ||
| * gcr\_location: multi-region location to upload the Docker image to. Defaults | ||
| to gcr.io. Read more [here](https://cloud.google.com/container-registry/docs/pushing-and-pulling#pushing_an_image_to_a_registry) | ||
| * dockerfile: Path to the Dockerfile to build. The Docker image will be built | ||
| from within the folder containing the dockerfile. | ||
| * docker\_build\_script: Path to a script used to build a Docker image. Use this | ||
| if you have a more complex build script. This build script should still result | ||
| in a Docker image being built with the same name as the {image} arg. | ||
|
|
||
| Both the dockerfile and docker\_build\_script args cannot be used at the same time. | ||
|
|
||
| Required Environment Variables: | ||
| * GCLOUD\_SERVICE\_ACCOUNT\_KEY: The service account key needed to push to GCR. | ||
| It is recommended that this account should only have the minimum access needed | ||
| to push an image to GCR. Read more [here](https://cloud.google.com/container-registry/docs/advanced-authentication#json-key) | ||
| * GOOGLE\_PROJECT\_ID: The project ID associated with the Google Cloud Project. | ||
| To find your project ID, follow instructions [here](https://support.google.com/googleapi/answer/7014113?hl=en) | ||
|
|
||
| ## Examples | ||
|
|
||
| Simple example: | ||
| ```ylm | ||
| uses: thompsonja/docker-push-gcr | ||
| with: | ||
| image: "foo_image:latest" | ||
| env: | ||
| GCLOUD_SERVICE_ACCOUNT_KEY: ${{ secrets.GCLOUD_SERVICE_ACCOUNT_KEY }} | ||
| GOOGLE_PROJECT_ID: ${{ secrets.GOOGLE_PROJECT_ID }} | ||
| ``` | ||
|
|
||
| Example using a specific Dockerfile, save images to EU servers only: | ||
| ```ylm | ||
| uses: thompsonja/docker-push-gcr | ||
| with: | ||
| gcr_location: "eu.gcr.io" | ||
| image: "foo_image:latest" | ||
| dockerfile: "path/to/Dockerfile" | ||
| env: | ||
| GCLOUD_SERVICE_ACCOUNT_KEY: ${{ secrets.GCLOUD_SERVICE_ACCOUNT_KEY }} | ||
| GOOGLE_PROJECT_ID: ${{ secrets.GOOGLE_PROJECT_ID }} | ||
| ``` | ||
|
|
||
| Example using a build script, save images to US servers only: | ||
| ```ylm | ||
| uses: thompsonja/docker-push-gcr | ||
| with: | ||
| gcr_location: "us.gcr.io" | ||
| image: "foo_image:latest" | ||
| docker_build_script: "path/to/docker_build_script.sh" | ||
| env: | ||
| GCLOUD_SERVICE_ACCOUNT_KEY: ${{ secrets.GCLOUD_SERVICE_ACCOUNT_KEY }} | ||
| GOOGLE_PROJECT_ID: ${{ secrets.GOOGLE_PROJECT_ID }} | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| name: "Pull Image from GCR" | ||
| description: "Pulls a Docker image from GCR" | ||
| author: "Joshua Thompson" | ||
| branding: | ||
| icon: "download-cloud" | ||
| color: "purple" | ||
| inputs: | ||
| image: | ||
| description: "Full Docker image and tag, like 'gcr.io/<project>/your_image:latest'" | ||
| required: true | ||
| runs: | ||
| using: "docker" | ||
| image: "Dockerfile" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| #!/bin/bash -eu | ||
|
|
||
| docker_pull() { | ||
| if [[ -z "${INPUT_IMAGE:-""}" ]]; then | ||
| echo "Config missing required input 'image'" | ||
| return 1 | ||
| fi | ||
|
|
||
| if [[ -z "${GCLOUD_SERVICE_ACCOUNT_KEY:-""}" ]]; then | ||
| echo "GCLOUD_SERVICE_ACCOUNT_KEY env var required (GitHub secret)" | ||
| return 1 | ||
| fi | ||
|
|
||
| # location, like us.gcr.io, is everything to the left of the first slash of | ||
| # the input image, whereas the image name is everything ot the right of the | ||
| # last slash. | ||
| local -r location="${INPUT_IMAGE%%/*}" | ||
| local -r image_name="${INPUT_IMAGE##*/}" | ||
|
|
||
| echo "${GCLOUD_SERVICE_ACCOUNT_KEY}" \ | ||
| | docker login -u _json_key --password-stdin "https://${location}" | ||
| docker pull "${INPUT_IMAGE}" | ||
| docker tag "${INPUT_IMAGE}" "${image_name}" | ||
| docker rmi "${INPUT_IMAGE}" | ||
| } | ||
|
|
||
| docker_pull "$@" |