Docker Image CI #31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# K2HR3 Container Registration Sidecar | |
# | |
# Copyright 2019 Yahoo Japan Corporation. | |
# | |
# K2HR3 is K2hdkc based Resource and Roles and policy Rules, gathers | |
# common management information for the cloud. | |
# K2HR3 can dynamically manage information as "who", "what", "operate". | |
# These are stored as roles, resources, policies in K2hdkc, and the | |
# client system can dynamically read and modify these information. | |
# | |
# For the full copyright and license information, please view | |
# the license file that was distributed with this source code. | |
# | |
# AUTHOR: Takeshi Nakatani | |
# CREATE: Mon, May 25 2024 | |
# REVISION: | |
# | |
#------------------------------------------------------------------------------------ | |
# Github Actions | |
#------------------------------------------------------------------------------------ | |
name: Docker Image CI | |
# | |
# Events | |
# | |
on: | |
push: | |
pull_request: | |
# | |
# CRON event is fire on every sunday(UTC). | |
# | |
schedule: | |
- cron: '0 15 * * 0' | |
# | |
# Jobs | |
# | |
jobs: | |
lint: | |
runs-on: ubuntu-latest | |
env: | |
# | |
# Installation special environment variables for ubuntu(debian). | |
# | |
DEBIAN_FRONTEND: noninteractive | |
steps: | |
# | |
# Checks-out your repository under ${GITHUB_WORKSPACE}, so your job can access it | |
# | |
- name: Checkout sources | |
uses: actions/checkout@v4 | |
# | |
# Install shellcheck | |
# | |
- name: Install packages | |
run: | | |
sudo apt-get update -y -qq | |
sudo apt-get install -y shellcheck | |
# | |
# Check scripts by shellcheck | |
# | |
- name: ShellCheck | |
run: | | |
if command -v shellcheck >/dev/null 2>&1; then | |
SHELLCHECK_TARGET_DIRS="." | |
SHELLCHECK_BASE_OPT="--shell=sh" | |
SHELLCHECK_IGN_OPT="--exclude=SC1117,SC1090,SC1091" | |
SHELLCHECK_INCLUDE_IGN_OPT="${SHELLCHECK_IGN_OPT},SC2034,SC2148" | |
SHELLCHECK_EXCEPT_PATHS_CMD="| grep -v '\.sh\.' | grep -v '\.log' | grep -v '/\.git/' | grep -v '\.yaml' | grep -v '\.yml'" | |
: | |
SHELLCHECK_FILES_NO_SH=$(/bin/sh -c "grep -ril '^\#!/bin/sh' ${SHELLCHECK_TARGET_DIRS} | grep -v '\.sh' ${SHELLCHECK_EXCEPT_PATHS_CMD} | tr '\n' ' '") | |
SHELLCHECK_FILES_SH=$(/bin/sh -c "grep -ril '^\#!/bin/sh' ${SHELLCHECK_TARGET_DIRS} | grep '\.sh' ${SHELLCHECK_EXCEPT_PATHS_CMD} | tr '\n' ' '") | |
SHELLCHECK_FILES_INCLUDE_SH=$(/bin/sh -c "grep -Lir '^\#!/bin/sh' ${SHELLCHECK_TARGET_DIRS} | grep '\.sh' ${SHELLCHECK_EXCEPT_PATHS_CMD} | tr '\n' ' '") | |
: | |
if [ -n "${SHELLCHECK_FILES_NO_SH}" ]; then | |
LC_ALL=C.UTF-8 shellcheck ${SHELLCHECK_BASE_OPT} ${SHELLCHECK_IGN_OPT} ${SHELLCHECK_FILES_NO_SH} | |
fi | |
if [ -n "${SHELLCHECK_FILES_SH}" ]; then | |
LC_ALL=C.UTF-8 shellcheck ${SHELLCHECK_BASE_OPT} ${SHELLCHECK_IGN_OPT} ${SHELLCHECK_FILES_SH} | |
fi | |
if [ -n "${SHELLCHECK_FILES_INCLUDE_SH}" ]; then | |
LC_ALL=C.UTF-8 shellcheck ${SHELLCHECK_BASE_OPT} ${SHELLCHECK_INCLUDE_IGN_OPT} ${SHELLCHECK_FILES_INCLUDE_SH} | |
fi | |
else | |
echo "ShellCheck is not installed, skip checking by ShellCheck." | |
fi | |
dockerimage: | |
runs-on: ubuntu-latest | |
needs: lint | |
# | |
# build matrix for containers | |
# | |
strategy: | |
# | |
# do not stop jobs automatically if any of the jobs fail | |
# | |
fail-fast: false | |
# | |
# matrix for containers | |
# | |
matrix: | |
# | |
# Specify the "baseimage" in the following format: | |
# <base image tag>,<OS tag name>(,<default tag flag>) | |
# | |
# <base image tag>: specify the Docker image name(ex. "alpine:latest") | |
# <OS tag name>: OS tag attached to the created Docker image | |
# <default tag flag>: If you want to use the created Docker image as the default image, specify "default". | |
# | |
imageinfo: | |
- alpine:3.19,alpine,default | |
# | |
# Run building and pushing helper | |
# | |
steps: | |
- name: Checkout sources | |
uses: actions/checkout@v4 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
# | |
# Login to avoid the Docker Hub rate limit | |
# | |
# Github Secret cannot be read in the case of Pull Request, so that process | |
# here will fail, so we need to skip it. Even if we skip this process, if we | |
# are using the official Runner of Github Actions, the IP address rate will | |
# not be limited and we will not get an error. | |
# However, this restriction release is based on the contract between Github | |
# and DockerHub, so if we skip this process, we may get an error. | |
# | |
- name: Login to DockerHub | |
if: ${{ github.event_name != 'pull_request' }} | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKER_HUB_USERNAME }} | |
password: ${{ secrets.DOCKER_HUB_ACCESSTOKEN }} | |
# | |
# Set environments from secrets | |
# | |
# [NOTE] Secrets | |
# When passing parameters to docker_helper.sh in build and pusing, | |
# use Secret of organization or repository. | |
# | |
# By setting the correct values for the following variable names, | |
# they will be passed as parameters in docker_helper.sh. | |
# * DOCKER_HUB_USERNAME : Docker Hub username to read/push the docker images | |
# * DOCKER_HUB_ACCESSTOKEN : Docker Hub user's Access Token | |
# DOCKER_HUB_ORG : Docker Hub organization to push(ex. "antpickax") | |
# IMAGETYPE_VARS_FILE : specify custom variables file | |
# FORCE_DOCKER_PUSH : specify force push(true) or not push(false) | |
# | |
# [REQUIRED] | |
# DOCKER_HUB_USERNAME and DOCKER_HUB_ACCESSTOKEN is required to read and push docker images! | |
# | |
- name: Set docker image build environments from secrets | |
run: | | |
echo "ENV_DOCKER_IMAGE_INFO=${{ matrix.imageinfo }}" >> "${GITHUB_ENV}" | |
echo "ENV_IMAGE_NAMES=k2hr3.sidecar" >> "${GITHUB_ENV}" | |
echo "ENV_IMAGEVAR_FILE=${{ secrets.IMAGETYPE_VARS_FILE }}" >> "${GITHUB_ENV}" | |
echo "ENV_DOCKER_HUB_ORG=${{ secrets.DOCKER_HUB_ORG }}" >> "${GITHUB_ENV}" | |
echo "ENV_MAINTAINER=antpickax" >> "${GITHUB_ENV}" | |
echo "ENV_FORCE_PUSH=${{ secrets.FORCE_DOCKER_PUSH }}" >> "${GITHUB_ENV}" | |
# | |
# Run building and pushing | |
# | |
- name: Build and Push image to Docker Hub | |
run: | | |
${GITHUB_WORKSPACE}/.github/workflows/custom_docker_helper.sh | |
# | |
# Local variables: | |
# tab-width: 4 | |
# c-basic-offset: 4 | |
# End: | |
# vim600: expandtab sw=4 ts=4 fdm=marker | |
# vim<600: expandtab sw=4 ts=4 | |
# |