Skip to content

Docker Image CI

Docker Image CI #29

Workflow file for this run

#
# K2HR3 Container Registration Sidecar
#
# Copyright 2019 Yahoo Japan Corporation.
#
# K2HR3 is K2hdkc based Resource and Roles and policy Rules, gathers
# common management information for the cloud.
# K2HR3 can dynamically manage information as "who", "what", "operate".
# These are stored as roles, resources, policies in K2hdkc, and the
# client system can dynamically read and modify these information.
#
# For the full copyright and license information, please view
# the license file that was distributed with this source code.
#
# AUTHOR: Takeshi Nakatani
# CREATE: Mon, May 25 2024
# REVISION:
#
#------------------------------------------------------------------------------------
# Github Actions
#------------------------------------------------------------------------------------
name: Docker Image CI
#
# Events
#
on:
push:
pull_request:
#
# CRON event is fire on every sunday(UTC).
#
schedule:
- cron: '0 15 * * 0'
#
# Jobs
#
jobs:
lint:
runs-on: ubuntu-latest
env:
#
# Installation special environment variables for ubuntu(debian).
#
DEBIAN_FRONTEND: noninteractive
steps:
#
# Checks-out your repository under ${GITHUB_WORKSPACE}, so your job can access it
#
- name: Checkout sources
uses: actions/checkout@v4
#
# Install shellcheck
#
- name: Install packages
run: |
sudo apt-get update -y -qq
sudo apt-get install -y shellcheck
#
# Check scripts by shellcheck
#
- name: ShellCheck
run: |
if command -v shellcheck >/dev/null 2>&1; then
SHELLCHECK_TARGET_DIRS="."
SHELLCHECK_BASE_OPT="--shell=sh"
SHELLCHECK_IGN_OPT="--exclude=SC1117,SC1090,SC1091"
SHELLCHECK_INCLUDE_IGN_OPT="${SHELLCHECK_IGN_OPT},SC2034,SC2148"
SHELLCHECK_EXCEPT_PATHS_CMD="| grep -v '\.sh\.' | grep -v '\.log' | grep -v '/\.git/' | grep -v '\.yaml' | grep -v '\.yml'"
:
SHELLCHECK_FILES_NO_SH=$(/bin/sh -c "grep -ril '^\#!/bin/sh' ${SHELLCHECK_TARGET_DIRS} | grep -v '\.sh' ${SHELLCHECK_EXCEPT_PATHS_CMD} | tr '\n' ' '")
SHELLCHECK_FILES_SH=$(/bin/sh -c "grep -ril '^\#!/bin/sh' ${SHELLCHECK_TARGET_DIRS} | grep '\.sh' ${SHELLCHECK_EXCEPT_PATHS_CMD} | tr '\n' ' '")
SHELLCHECK_FILES_INCLUDE_SH=$(/bin/sh -c "grep -Lir '^\#!/bin/sh' ${SHELLCHECK_TARGET_DIRS} | grep '\.sh' ${SHELLCHECK_EXCEPT_PATHS_CMD} | tr '\n' ' '")
:
if [ -n "${SHELLCHECK_FILES_NO_SH}" ]; then
LC_ALL=C.UTF-8 shellcheck ${SHELLCHECK_BASE_OPT} ${SHELLCHECK_IGN_OPT} ${SHELLCHECK_FILES_NO_SH}
fi
if [ -n "${SHELLCHECK_FILES_SH}" ]; then
LC_ALL=C.UTF-8 shellcheck ${SHELLCHECK_BASE_OPT} ${SHELLCHECK_IGN_OPT} ${SHELLCHECK_FILES_SH}
fi
if [ -n "${SHELLCHECK_FILES_INCLUDE_SH}" ]; then
LC_ALL=C.UTF-8 shellcheck ${SHELLCHECK_BASE_OPT} ${SHELLCHECK_INCLUDE_IGN_OPT} ${SHELLCHECK_FILES_INCLUDE_SH}
fi
else
echo "ShellCheck is not installed, skip checking by ShellCheck."
fi
dockerimage:
runs-on: ubuntu-latest
needs: lint
#
# build matrix for containers
#
strategy:
#
# do not stop jobs automatically if any of the jobs fail
#
fail-fast: false
#
# matrix for containers
#
matrix:
#
# Specify the "baseimage" in the following format:
# <base image tag>,<OS tag name>(,<default tag flag>)
#
# <base image tag>: specify the Docker image name(ex. "alpine:latest")
# <OS tag name>: OS tag attached to the created Docker image
# <default tag flag>: If you want to use the created Docker image as the default image, specify "default".
#
imageinfo:
- alpine:3.19,alpine,default
#
# Run building and pushing helper
#
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
#
# Login to avoid the Docker Hub rate limit
#
# Github Secret cannot be read in the case of Pull Request, so that process
# here will fail, so we need to skip it. Even if we skip this process, if we
# are using the official Runner of Github Actions, the IP address rate will
# not be limited and we will not get an error.
# However, this restriction release is based on the contract between Github
# and DockerHub, so if we skip this process, we may get an error.
#
- name: Login to DockerHub
if: ${{ github.event_name != 'pull_request' }}
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESSTOKEN }}
#
# Set environments from secrets
#
# [NOTE] Secrets
# When passing parameters to docker_helper.sh in build and pusing,
# use Secret of organization or repository.
#
# By setting the correct values for the following variable names,
# they will be passed as parameters in docker_helper.sh.
# * DOCKER_HUB_USERNAME : Docker Hub username to read/push the docker images
# * DOCKER_HUB_ACCESSTOKEN : Docker Hub user's Access Token
# DOCKER_HUB_ORG : Docker Hub organization to push(ex. "antpickax")
# IMAGETYPE_VARS_FILE : specify custom variables file
# FORCE_DOCKER_PUSH : specify force push(true) or not push(false)
#
# [REQUIRED]
# DOCKER_HUB_USERNAME and DOCKER_HUB_ACCESSTOKEN is required to read and push docker images!
#
- name: Set docker image build environments from secrets
run: |
echo "ENV_DOCKER_IMAGE_INFO=${{ matrix.imageinfo }}" >> "${GITHUB_ENV}"
echo "ENV_IMAGE_NAMES=k2hr3.sidecar" >> "${GITHUB_ENV}"
echo "ENV_IMAGEVAR_FILE=${{ secrets.IMAGETYPE_VARS_FILE }}" >> "${GITHUB_ENV}"
echo "ENV_DOCKER_HUB_ORG=${{ secrets.DOCKER_HUB_ORG }}" >> "${GITHUB_ENV}"
echo "ENV_MAINTAINER=antpickax" >> "${GITHUB_ENV}"
echo "ENV_FORCE_PUSH=${{ secrets.FORCE_DOCKER_PUSH }}" >> "${GITHUB_ENV}"
#
# Run building and pushing
#
- name: Build and Push image to Docker Hub
run: |
${GITHUB_WORKSPACE}/.github/workflows/custom_docker_helper.sh
#
# Local variables:
# tab-width: 4
# c-basic-offset: 4
# End:
# vim600: expandtab sw=4 ts=4 fdm=marker
# vim<600: expandtab sw=4 ts=4
#