deps: bump docker/build-push-action from 5.4.0 to 6.0.0 in /docker-im… #149
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: test-docker-image-builder | |
on: | |
push: | |
branches: | |
- main | |
paths: | |
- "docker-image-builder/**" | |
- ".github/workflows/test-docker-image-builder.yml" | |
pull_request: | |
branches: | |
- main | |
paths: | |
- "docker-image-builder/**" | |
- ".github/workflows/test-docker-image-builder.yml" | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
permissions: {} | |
jobs: | |
test-docker-image-builder: | |
name: test-docker-image-builder | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
pull-requests: write | |
issues: write | |
statuses: write | |
steps: | |
- name: step-security/harden-runner | |
uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 | |
with: | |
disable-sudo: true | |
egress-policy: block | |
allowed-endpoints: > | |
api.github.com:443 | |
auth.docker.io:443 | |
dl-cdn.alpinelinux.org:443 | |
github.com:443 | |
production.cloudflare.docker.com:443 | |
raw.githubusercontent.com:443 | |
registry-1.docker.io:443 | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: Update Status | |
id: check_pending | |
uses: ./commit-status-and-label | |
if: github.event_name == 'pull_request' | |
with: | |
token: ${{ github.token }} | |
sha: ${{ github.event.pull_request.head.sha || github.event.workflow_run.head_sha || github.sha }} | |
state: "pending" | |
- name: docker-image-builder | |
id: docker | |
uses: ./docker-image-builder | |
with: | |
registry_push: false | |
load_locally: true | |
dockerfile: docker-image-builder/Dockerfile.test | |
image_platforms: linux/amd64 | |
dockerhub_image_name: ${{ github.repository_owner }}/test-docker-image-builder | |
- name: check outputs | |
id: check_outputs | |
env: | |
DOCKER_LABELS: ${{ steps.docker.outputs.labels }} | |
DOCKER_JSON: ${{ steps.docker.outputs.json }} | |
DOCKER_TAGS: ${{ steps.docker.outputs.image_tags }} | |
DOCKER_VERSION: ${{ steps.docker.outputs.version }} | |
run: | | |
if [[ -z "$DOCKER_TAGS" ]]; then | |
echo "::error::image_tags not set by docker-image-builder" | |
exit 1 | |
fi | |
if [[ -z "$DOCKER_LABELS" ]]; then | |
echo "::error::labels not set by docker-image-builder" | |
exit 1 | |
fi | |
if [[ -z "$DOCKER_VERSION" ]]; then | |
echo "::error::version not set by docker-image-builder" | |
exit 1 | |
fi | |
if [[ -z "$DOCKER_JSON" ]]; then | |
echo "::error::json not set by docker-image-builder" | |
exit 1 | |
fi | |
- name: Use the image | |
id: docker_run | |
# bash + curl installed as part of docker-image-builder/Dockerfile.test | |
env: | |
DOCKER_TAGS: ${{ steps.docker.outputs.image_tags }} | |
run: | | |
test_image=$(echo "$DOCKER_TAGS" | head -n 1 | cut -d' ' -f1) | |
docker run --rm --entrypoint=bash "$test_image" \ | |
-c "curl -fSsL https://raw.githubusercontent.com/${{ github.repository }}/main/README.md" | |
- name: Cleanup | |
# Our work here is done, so cleanup | |
id: cleanup | |
if: success() || failure() | |
continue-on-error: true | |
env: | |
DOCKER_TAGS: ${{ steps.docker.outputs.image_tags }} | |
run: | | |
for image in $DOCKER_TAGS; do | |
docker rmi "$image" | |
done | |
- name: Check Status | |
id: check_outcome | |
if: | | |
(success() || failure()) && | |
github.event_name == 'pull_request' | |
uses: ./commit-status-and-label | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
sha: ${{ github.event.pull_request.head.sha || github.event.workflow_run.head_sha || github.sha }} | |
state: "${{ steps.docker_run.outcome }}" | |
notification: | |
name: notification | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
needs: | |
- test-docker-image-builder | |
if: | | |
github.event_name == 'pull_request' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: dispatch | |
uses: ./pr-trigger | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
event_type: "pr-docker-image-builder-test-success" |