andreijiroh.dev / site
~ajhalili2006's personal website, built with Zensical (successor of Material for Mkdocs) [old repo name got bugged while attempting to do manual knot migration via repo deletion] andreijiroh.dev
zensical mkdocs-material website
fork atom
site / .github / workflows / docker.yml
at c1c5702bd37e80aa6ebdafd82bca392dbceb68fa 6.2 kB view raw
1name: Docker CI 2 3# This workflow uses actions that are not certified by GitHub. 4# They are provided by a third-party and are governed by 5# separate terms of service, privacy policy, and support 6# documentation. 7 8on: 9 schedule: 10 - cron: '30 22 * * *' 11 push: 12 pull_request: 13 branches: [ "main" ] 14 15env: 16 # github.repository as <account>/<repo> 17 IMAGE_NAME: ${{ github.repository }} 18 19jobs: 20 build-ci: 21 name: Build environment for GitLab CI/CD 22 runs-on: ubuntu-latest 23 permissions: 24 contents: read 25 packages: write 26 # This is used to complete the identity challenge 27 # with sigstore/fulcio when running outside of PRs. 28 id-token: write 29 30 steps: 31 - name: Checkout repository 32 uses: actions/checkout@v4 33 34 # Workaround: https://github.com/docker/build-push-action/issues/461 35 - name: Setup Docker buildx 36 uses: docker/setup-buildx-action@v2 37 with: 38 buildkitd-flags: --debug 39 40 # Login against a Docker registry except on PR 41 # https://github.com/docker/login-action 42 - name: Log into GHCR 43 if: github.event_name != 'pull_request' 44 uses: docker/login-action@v2 45 with: 46 registry: ghcr.io 47 username: ${{ secrets.HUB_USERNAME }} 48 password: ${{ secrets.HUB_TOKEN }} 49 - name: Log into RHQCR 50 if: github.event_name != 'pull_request' 51 uses: docker/login-action@v2 52 with: 53 registry: quay.io 54 username: ${{ secrets.RHQCR_BOT_USERNAME }} 55 password: ${{ secrets.RHQCR_BOT_TOKEN }} 56 57 # Extract metadata (tags, labels) for Docker 58 # https://github.com/docker/metadata-action 59 - name: Extract Docker metadata 60 id: meta 61 uses: docker/metadata-action@v4 62 with: 63 images: | 64 ghcr.io/${{ env.IMAGE_NAME }}/build-ci 65 quay.io/ajhalili2006/mkdocs-material-build-ci 66 tags: | 67 type=raw,value=latest,enable={{is_default_branch}} 68 type=sha,enable=true,priority=100,prefix=commit-,suffix=,format=long 69 type=schedule,pattern=nightly 70 type=schedule,prefix=nightly-,pattern={{date 'YYYYMMDDhhmmss'}} 71 type=raw,prefix=branch-,value={{branch}} 72 - uses: hadolint/hadolint-action@v3.1.0 73 with: 74 dockerfile: docker/Dockerfile 75 76 # Build and push Docker image with Buildx (don't push on PR) 77 # https://github.com/docker/build-push-action 78 - name: Build and push Docker image 79 id: build-and-push 80 uses: docker/build-push-action@v4.1.1 81 with: 82 context: docker 83 platforms: linux/amd64 84 #file: Dockerfile 85 # workaround: https://github.com/moby/buildkit/issues/2713#issuecomment-1068540101 86 push: true 87 #load: true 88 tags: ${{ steps.meta.outputs.tags }} 89 labels: ${{ steps.meta.outputs.labels }} 90 cache-from: | 91 type=registry,ref=quay.io/ajhalili2006/mkdocs-material-build-ci:buildkit-cache-web 92 type=registry,ref=quay.io/ajhalili2006/mkdocs-material-build-ci:branch-main 93 type=registry,ref=quay.io/ajhalili2006/mkdocs-material-build-ci:latest 94 #cache-to: type=registry,ref=quay.io/ajhalili2006/mkdocs-material-build-ci:buildkit-cache-web 95 devenv: 96 name: Generate Gitpod workspace image snapshot 97 runs-on: ubuntu-latest 98 permissions: 99 contents: read 100 packages: write 101 # This is used to complete the identity challenge 102 # with sigstore/fulcio when running outside of PRs. 103 id-token: write 104 steps: 105 - name: Checkout repository 106 uses: actions/checkout@v4 107 108 # Workaround: https://github.com/docker/build-push-action/issues/461 109 - name: Setup Docker buildx 110 uses: docker/setup-buildx-action@v2 111 with: 112 buildkitd-flags: --debug 113 114 # Login against a Docker registry except on PR 115 # https://github.com/docker/login-action 116 - name: Log into GHCR 117 if: github.event_name != 'pull_request' 118 uses: docker/login-action@v2 119 with: 120 registry: ghcr.io 121 username: ${{ secrets.HUB_USERNAME }} 122 password: ${{ secrets.HUB_TOKEN }} 123 - name: Log into RHQCR 124 if: github.event_name != 'pull_request' 125 uses: docker/login-action@v2 126 with: 127 registry: quay.io 128 username: ajhalili2006 129 password: ${{ secrets.RHQCR_PASSWORD }} 130 131 # Extract metadata (tags, labels) for Docker 132 # https://github.com/docker/metadata-action 133 - name: Extract Docker metadata 134 id: meta 135 uses: docker/metadata-action@v4 136 with: 137 images: | 138 ghcr.io/${{ env.IMAGE_NAME }}/devenv 139 quay.io/gitpodified-workspace-images/mkdocs-deps 140 tags: | 141 type=raw,value=latest,enable={{is_default_branch}} 142 type=sha,enable=true,priority=100,prefix=commit-,suffix=,format=long 143 type=schedule,pattern=nightly 144 type=schedule,prefix=nightly-,pattern={{date 'YYYYMMDDhhmmss'}} 145 type=raw,prefix=branch-,value={{branch}} 146 147 - uses: hadolint/hadolint-action@v3.1.0 148 with: 149 dockerfile: .gitpod.Dockerfile 150 151 # Build and push Docker image with Buildx (don't push on PR) 152 # https://github.com/docker/build-push-action 153 - name: Build and push Docker image 154 id: build-and-push 155 uses: docker/build-push-action@v4.1.1 156 with: 157 context: . 158 file: .gitpod.Dockerfile 159 platforms: linux/amd64 160 # workaround: https://github.com/moby/buildkit/issues/2713#issuecomment-1068540101 161 push: true 162 #load: true 163 tags: ${{ steps.meta.outputs.tags }} 164 labels: ${{ steps.meta.outputs.labels }} 165 cache-from: | 166 type=registry,ref=quay.io/ajhalili2006/gitpod-workspace:buildkit-cache-web 167 type=registry,ref=ghcr.io/ajhalili2006/website/devenv:nightly 168 type=registry,ref=ghcr.io/ajhalili2006/website/devenv:branch-main 169 #cache-to: type=registry,ref=quay.io/ajhalili2006/gitpod-workspace:buildkit-cache-web