golang-github-action-example/.github/workflows/github-actions-buildOCI.yml at main · thomaswar/golang-github-action-example · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
name: build-oci-image

run-name: Build OCI Image for GoLang binary

on:
  push:
    #branches: ['main']
    tags: ['v*']
  #pull_request:
  #  branches: ['main']

env:
  GH_REGISTRY: ghcr.io # Github Container Registry
  FULL_IMAGE_NAME: ${{ github.repository }} # full image name: owner/image

jobs:
  build-oci-image:
    # https://github.com/actions/runner-images
    runs-on: ubuntu-22.04

    # https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
    permissions:
      contents: read # for actions/checkout
      packages: write # for OCI build
      #id-token: write # for requesting OIDC JWT from 3rd party

    steps:

      # debug
      - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event from ${{ github.actor }}."
      - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by GitHub!"
      - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}."

      # checkout
      - name: Check out repository code
        uses: actions/checkout@v3

      # debug
      - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner."
      - run: echo "🖥️ The workflow is now ready to test your code on the runner."
      - name: List files in the repository
        run: |
          ls ${{ github.workspace }}
      - run: echo "🍏 This job's status is ${{ job.status }}."

      # debug github context and env
      - name: Dump env
        run: env | sort
      - name: Dump GitHub context
        env:
          GITHUB_CONTEXT: ${{ toJson(github) }}
        run: echo "$GITHUB_CONTEXT"

      # docker hub credentials
      - name: login to docker hub
        uses: docker/login-action@v2
        with:
          #registry: docker.io
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_TOKEN }}

      # Github container registry credentials
      - name: Log in to the Github Container registry ${{ env.GH_REGISTRY }} as ${{ github.actor }}
        uses: docker/login-action@v2
        with:
          registry: ${{ env.GH_REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # tags and labels
      - name: Extract metadata (tags, labels) for image ${{ env.FULL_IMAGE_NAME }}
        id: meta
        uses: docker/metadata-action@v4
        with:
          # https://docs.github.com/en/actions/publishing-packages/publishing-docker-images
          # push to both docker hub and Github Container Registry
          images: |
            ${{ env.FULL_IMAGE_NAME }}
            ${{ env.GH_REGISTRY }}/${{ env.FULL_IMAGE_NAME }}
          tags: |
            type=semver,pattern={{version}}
            type=ref,event=pr
            type=ref,event=branch
            # in addition to full semantic version (x.y.z) would also create (x.y)
            #type=semver,pattern={{major}}.{{minor}}

      # Go environment
      #- name: setup Go Lang
      #  uses: actions/setup-go@v3
      #  with:
      #    go-version: '^1.19.2'
      #- run: go version

      # build OCI image and push to registries (Docker Hub and Github Container Registry)
      - name: build and push docker image
        uses: docker/build-push-action@v3.2.0
        with:
          context: .
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          build-args: |
            MY_VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}
            MY_BUILTBY=github-action