From 0e9a429b898e51fcbdfe19cfe654a69692bd737d Mon Sep 17 00:00:00 2001 From: Joshua Thompson Date: Wed, 27 May 2020 13:25:41 -0700 Subject: [PATCH] Initial commit --- Dockerfile | 5 +++++ README.md | 59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ action.yml | 13 ++++++++++++ pull.sh | 27 +++++++++++++++++++++++++ 4 files changed, 104 insertions(+) create mode 100644 Dockerfile create mode 100644 README.md create mode 100644 action.yml create mode 100644 pull.sh diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..1bf10a7 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,5 @@ +FROM google/cloud-sdk + +COPY pull.sh /pull.sh + +CMD ["/bin/bash", "/pull.sh"] diff --git a/README.md b/README.md new file mode 100644 index 0000000..e5b52fe --- /dev/null +++ b/README.md @@ -0,0 +1,59 @@ +# docker-push-gcr +GitHub Workflow Action to push Docker images to Google Container Registry (GCR) + +Required Inputs: +* image: The Docker image and tag, like "image:latest" + +Optional Inputs: +* gcr\_location: multi-region location to upload the Docker image to. Defaults + to gcr.io. Read more [here](https://cloud.google.com/container-registry/docs/pushing-and-pulling#pushing_an_image_to_a_registry) +* dockerfile: Path to the Dockerfile to build. The Docker image will be built + from within the folder containing the dockerfile. +* docker\_build\_script: Path to a script used to build a Docker image. Use this + if you have a more complex build script. This build script should still result + in a Docker image being built with the same name as the {image} arg. + +Both the dockerfile and docker\_build\_script args cannot be used at the same time. + +Required Environment Variables: +* GCLOUD\_SERVICE\_ACCOUNT\_KEY: The service account key needed to push to GCR. + It is recommended that this account should only have the minimum access needed + to push an image to GCR. Read more [here](https://cloud.google.com/container-registry/docs/advanced-authentication#json-key) +* GOOGLE\_PROJECT\_ID: The project ID associated with the Google Cloud Project. + To find your project ID, follow instructions [here](https://support.google.com/googleapi/answer/7014113?hl=en) + +## Examples + +Simple example: +```ylm +uses: thompsonja/docker-push-gcr +with: + image: "foo_image:latest" + env: + GCLOUD_SERVICE_ACCOUNT_KEY: ${{ secrets.GCLOUD_SERVICE_ACCOUNT_KEY }} + GOOGLE_PROJECT_ID: ${{ secrets.GOOGLE_PROJECT_ID }} +``` + +Example using a specific Dockerfile, save images to EU servers only: +```ylm +uses: thompsonja/docker-push-gcr +with: + gcr_location: "eu.gcr.io" + image: "foo_image:latest" + dockerfile: "path/to/Dockerfile" + env: + GCLOUD_SERVICE_ACCOUNT_KEY: ${{ secrets.GCLOUD_SERVICE_ACCOUNT_KEY }} + GOOGLE_PROJECT_ID: ${{ secrets.GOOGLE_PROJECT_ID }} +``` + +Example using a build script, save images to US servers only: +```ylm +uses: thompsonja/docker-push-gcr +with: + gcr_location: "us.gcr.io" + image: "foo_image:latest" + docker_build_script: "path/to/docker_build_script.sh" + env: + GCLOUD_SERVICE_ACCOUNT_KEY: ${{ secrets.GCLOUD_SERVICE_ACCOUNT_KEY }} + GOOGLE_PROJECT_ID: ${{ secrets.GOOGLE_PROJECT_ID }} +``` diff --git a/action.yml b/action.yml new file mode 100644 index 0000000..1eb8aab --- /dev/null +++ b/action.yml @@ -0,0 +1,13 @@ +name: "Pull Image from GCR" +description: "Pulls a Docker image from GCR" +author: "Joshua Thompson" +branding: + icon: "download-cloud" + color: "purple" +inputs: + image: + description: "Full Docker image and tag, like 'gcr.io//your_image:latest'" + required: true +runs: + using: "docker" + image: "Dockerfile" diff --git a/pull.sh b/pull.sh new file mode 100644 index 0000000..00508ff --- /dev/null +++ b/pull.sh @@ -0,0 +1,27 @@ +#!/bin/bash -eu + +docker_pull() { + if [[ -z "${INPUT_IMAGE:-""}" ]]; then + echo "Config missing required input 'image'" + return 1 + fi + + if [[ -z "${GCLOUD_SERVICE_ACCOUNT_KEY:-""}" ]]; then + echo "GCLOUD_SERVICE_ACCOUNT_KEY env var required (GitHub secret)" + return 1 + fi + + # location, like us.gcr.io, is everything to the left of the first slash of + # the input image, whereas the image name is everything ot the right of the + # last slash. + local -r location="${INPUT_IMAGE%%/*}" + local -r image_name="${INPUT_IMAGE##*/}" + + echo "${GCLOUD_SERVICE_ACCOUNT_KEY}" \ + | docker login -u _json_key --password-stdin "https://${location}" + docker pull "${INPUT_IMAGE}" + docker tag "${INPUT_IMAGE}" "${image_name}" + docker rmi "${INPUT_IMAGE}" +} + +docker_pull "$@"