~ajhalili2006's personal website, built with Zensical (successor of Material for Mkdocs) [old repo name got bugged while attempting to do manual knot migration via repo deletion]
andreijiroh.dev
andreijiroh.dev
zensical
mkdocs-material
website
1name: Docker CI
2
3# This workflow uses actions that are not certified by GitHub.
4# They are provided by a third-party and are governed by
5# separate terms of service, privacy policy, and support
6# documentation.
7
8on:
9 schedule:
10 - cron: '30 22 * * *'
11 push:
12 pull_request:
13 branches: [ "main" ]
14
15env:
16 # github.repository as <account>/<repo>
17 IMAGE_NAME: ${{ github.repository }}
18
19jobs:
20 build-ci:
21 name: Build environment for GitLab CI/CD
22 runs-on: ubuntu-latest
23 permissions:
24 contents: read
25 packages: write
26 # This is used to complete the identity challenge
27 # with sigstore/fulcio when running outside of PRs.
28 id-token: write
29
30 steps:
31 - name: Checkout repository
32 uses: actions/checkout@v4
33
34 # Workaround: https://github.com/docker/build-push-action/issues/461
35 - name: Setup Docker buildx
36 uses: docker/setup-buildx-action@v2
37 with:
38 buildkitd-flags: --debug
39
40 # Login against a Docker registry except on PR
41 # https://github.com/docker/login-action
42 - name: Log into GHCR
43 if: github.event_name != 'pull_request'
44 uses: docker/login-action@v2
45 with:
46 registry: ghcr.io
47 username: ${{ secrets.HUB_USERNAME }}
48 password: ${{ secrets.HUB_TOKEN }}
49 - name: Log into RHQCR
50 if: github.event_name != 'pull_request'
51 uses: docker/login-action@v2
52 with:
53 registry: quay.io
54 username: ${{ secrets.RHQCR_BOT_USERNAME }}
55 password: ${{ secrets.RHQCR_BOT_TOKEN }}
56
57 # Extract metadata (tags, labels) for Docker
58 # https://github.com/docker/metadata-action
59 - name: Extract Docker metadata
60 id: meta
61 uses: docker/metadata-action@v4
62 with:
63 images: |
64 ghcr.io/${{ env.IMAGE_NAME }}/build-ci
65 quay.io/ajhalili2006/mkdocs-material-build-ci
66 tags: |
67 type=raw,value=latest,enable={{is_default_branch}}
68 type=sha,enable=true,priority=100,prefix=commit-,suffix=,format=long
69 type=schedule,pattern=nightly
70 type=schedule,prefix=nightly-,pattern={{date 'YYYYMMDDhhmmss'}}
71 type=raw,prefix=branch-,value={{branch}}
72 - uses: hadolint/hadolint-action@v3.1.0
73 with:
74 dockerfile: docker/Dockerfile
75
76 # Build and push Docker image with Buildx (don't push on PR)
77 # https://github.com/docker/build-push-action
78 - name: Build and push Docker image
79 id: build-and-push
80 uses: docker/build-push-action@v4.1.1
81 with:
82 context: docker
83 platforms: linux/amd64
84 #file: Dockerfile
85 # workaround: https://github.com/moby/buildkit/issues/2713#issuecomment-1068540101
86 push: true
87 #load: true
88 tags: ${{ steps.meta.outputs.tags }}
89 labels: ${{ steps.meta.outputs.labels }}
90 cache-from: |
91 type=registry,ref=quay.io/ajhalili2006/mkdocs-material-build-ci:buildkit-cache-web
92 type=registry,ref=quay.io/ajhalili2006/mkdocs-material-build-ci:branch-main
93 type=registry,ref=quay.io/ajhalili2006/mkdocs-material-build-ci:latest
94 #cache-to: type=registry,ref=quay.io/ajhalili2006/mkdocs-material-build-ci:buildkit-cache-web
95 devenv:
96 name: Generate Gitpod workspace image snapshot
97 runs-on: ubuntu-latest
98 permissions:
99 contents: read
100 packages: write
101 # This is used to complete the identity challenge
102 # with sigstore/fulcio when running outside of PRs.
103 id-token: write
104 steps:
105 - name: Checkout repository
106 uses: actions/checkout@v4
107
108 # Workaround: https://github.com/docker/build-push-action/issues/461
109 - name: Setup Docker buildx
110 uses: docker/setup-buildx-action@v2
111 with:
112 buildkitd-flags: --debug
113
114 # Login against a Docker registry except on PR
115 # https://github.com/docker/login-action
116 - name: Log into GHCR
117 if: github.event_name != 'pull_request'
118 uses: docker/login-action@v2
119 with:
120 registry: ghcr.io
121 username: ${{ secrets.HUB_USERNAME }}
122 password: ${{ secrets.HUB_TOKEN }}
123 - name: Log into RHQCR
124 if: github.event_name != 'pull_request'
125 uses: docker/login-action@v2
126 with:
127 registry: quay.io
128 username: ajhalili2006
129 password: ${{ secrets.RHQCR_PASSWORD }}
130
131 # Extract metadata (tags, labels) for Docker
132 # https://github.com/docker/metadata-action
133 - name: Extract Docker metadata
134 id: meta
135 uses: docker/metadata-action@v4
136 with:
137 images: |
138 ghcr.io/${{ env.IMAGE_NAME }}/devenv
139 quay.io/gitpodified-workspace-images/mkdocs-deps
140 tags: |
141 type=raw,value=latest,enable={{is_default_branch}}
142 type=sha,enable=true,priority=100,prefix=commit-,suffix=,format=long
143 type=schedule,pattern=nightly
144 type=schedule,prefix=nightly-,pattern={{date 'YYYYMMDDhhmmss'}}
145 type=raw,prefix=branch-,value={{branch}}
146
147 - uses: hadolint/hadolint-action@v3.1.0
148 with:
149 dockerfile: .gitpod.Dockerfile
150
151 # Build and push Docker image with Buildx (don't push on PR)
152 # https://github.com/docker/build-push-action
153 - name: Build and push Docker image
154 id: build-and-push
155 uses: docker/build-push-action@v4.1.1
156 with:
157 context: .
158 file: .gitpod.Dockerfile
159 platforms: linux/amd64
160 # workaround: https://github.com/moby/buildkit/issues/2713#issuecomment-1068540101
161 push: true
162 #load: true
163 tags: ${{ steps.meta.outputs.tags }}
164 labels: ${{ steps.meta.outputs.labels }}
165 cache-from: |
166 type=registry,ref=quay.io/ajhalili2006/gitpod-workspace:buildkit-cache-web
167 type=registry,ref=ghcr.io/ajhalili2006/website/devenv:nightly
168 type=registry,ref=ghcr.io/ajhalili2006/website/devenv:branch-main
169 #cache-to: type=registry,ref=quay.io/ajhalili2006/gitpod-workspace:buildkit-cache-web