Publish canary container images via ghcr.io

Ref roboll/helmfile#1824
Sajfer · May 2, 2022 · 09acbf2 · 09acbf2
1 parent 6e61dd3
commit 09acbf2
Show file tree

Hide file tree

Showing 4 changed files with 94 additions and 0 deletions.
diff --git a/.github/actions/setup-docker-environment/action.yaml b/.github/actions/setup-docker-environment/action.yaml
@@ -0,0 +1,30 @@
+name: "Setup Docker"
+
+outputs:
+  sha_short:
+    description: "The short SHA used for image builds"
+    value: ${{ steps.vars.outputs.sha_short }}
+
+runs:
+  using: "composite"
+  steps:
+    - name: Get Short SHA
+      id: vars
+      run: |
+        echo ::set-output name=sha_short::${GITHUB_SHA::7}
+      shell: bash
+
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@v1
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v1
+      with:
+        version: latest
+
+    # - name: Login to DockerHub
+    #   if: ${{ github.ref == 'main' && github.event.pull_request.merged == true }}
+    #   uses: docker/login-action@v1
+    #   with:
+    #     username: ${{ inputs.username }}
+    #     password: ${{ inputs.password }}
diff --git a/.github/workflows/canary_images.yaml b/.github/workflows/canary_images.yaml
@@ -0,0 +1,60 @@
+name: Publish Canary Images
+
+on:
+  push:
+    branches:
+      - main
+    paths-ignore:
+      - .github/workflows/ci.yml
+      - .github/workflows/lock.yml
+      - "docs/**"
+      - "hack/**"
+      - "**.md"
+      - ".gitignore"
+      - "Makefile"
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    name: Build and Publish Canary Images
+    env:
+      DOCKERHUB_USERNAME: ${{ secrets.DOCKER_USER }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup Docker Environment
+        id: vars
+        uses: ./.github/actions/setup-docker-environment
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and Push
+        uses: docker/build-push-action@v2
+        with:
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: |
+            ghcr.io/${{ github.repository }}:canary
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Build and Push (debian stable-slim)
+        uses: docker/build-push-action@v2
+        with:
+          file: Dockerfile.debian
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: |
+            ghcr.io/${{ github.repository }}-debian-stable-slim:canary
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
diff --git a/Dockerfile b/Dockerfile
@@ -9,6 +9,8 @@ RUN make static-linux
 
 FROM alpine:3.13
 
+LABEL org.opencontainers.image.source https://github.com/helmfile/helmfile
+
 RUN apk add --no-cache ca-certificates git bash curl jq
 
 ARG HELM_VERSION="v3.7.2"

diff --git a/Dockerfile.debian b/Dockerfile.debian
@@ -15,6 +15,8 @@ RUN make static-linux
 
 FROM debian:stable-slim
 
+LABEL org.opencontainers.image.source https://github.com/helmfile/helmfile
+
 RUN apt-get update \ 
  && apt-get install -y --no-install-recommends \
     ca-certificates  \