Skip to content

Improvements #50

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Ilyes512 merged 4 commits into from
Apr 7, 2026
Merged

Improvements #50

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
b240986
Surround steps with newlines
Ilyes512 Apr 7, 2026
d995343
Added optional disable AppArmor step
Ilyes512 Apr 7, 2026
d4a0908
Allow passing of secrets when using the callable workflows
Ilyes512 Apr 7, 2026
bb0eb4b
Updated self-ref version
Ilyes512 Apr 7, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 23 additions & 3 deletions .github/workflows/build-php.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,47 +19,67 @@ on:
description: Dockerfile path
type: string
default: Dockerfile
secrets:
description: List of secrets to expose to the build
type: string
required: false
disable-apparmor:
description: Disable AppArmor for the build
type: boolean
default: false

jobs:
build:
name: Build Image
runs-on: ${{ inputs.runs-on }}
steps:

- name: Checkout
uses: actions/checkout@v6

- name: Image name
id: image_name
uses: ASzc/change-string-case-action@v8
with:
string: ${{ inputs.image-name }}

- name: Log in to the Container registry
uses: docker/login-action@v4
if: ${{ github.actor != 'dependabot[bot]' }}
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Disable AppArmor
if: ${{ inputs.disable-apparmor }}
uses: cisagov/action-disable-apparmor@v1

- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v4

- name: Build and Push by digest (runtime)
uses: specsnl/github-actions/build-target@1.2.0
uses: specsnl/github-actions/build-target@1.2.1
with:
platform: ${{ inputs.platform }}
image-name: ${{ steps.image_name.outputs.lowercase }}
dockerfile: ${{ inputs.dockerfile }}
target: runtime

- name: Build and Push by digest (builder)
uses: specsnl/github-actions/build-target@1.2.0
uses: specsnl/github-actions/build-target@1.2.1
with:
platform: ${{ inputs.platform }}
image-name: ${{ steps.image_name.outputs.lowercase }}
dockerfile: ${{ inputs.dockerfile }}
target: builder

- name: Build and Push by digest (builder_nodejs)
uses: specsnl/github-actions/build-target@1.2.0
uses: specsnl/github-actions/build-target@1.2.1
with:
platform: ${{ inputs.platform }}
image-name: ${{ steps.image_name.outputs.lowercase }}
dockerfile: ${{ inputs.dockerfile }}
target: builder_nodejs
secrets: ${{ inputs.secrets }}
20 changes: 19 additions & 1 deletion .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,33 +27,51 @@ on:
description: Custom image description (overrides repository description)
type: string
required: false
secrets:
description: List of secrets to expose to the build
type: string
required: false
disable-apparmor:
description: Disable AppArmor for the build
type: boolean
default: false

jobs:
build:
name: Build Image
runs-on: ${{ inputs.runs-on }}
steps:

- name: Checkout
uses: actions/checkout@v6

- name: Log in to the Container registry
uses: docker/login-action@v4
if: ${{ github.actor != 'dependabot[bot]' }}
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Disable AppArmor
if: ${{ inputs.disable-apparmor }}
uses: cisagov/action-disable-apparmor@v1

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4

- name: Image name
id: image_name
uses: ASzc/change-string-case-action@v8
with:
string: ${{ inputs.image-name }}

- name: Build and Push by digest
uses: specsnl/github-actions/build-image@1.2.0
uses: specsnl/github-actions/build-image@1.2.1
with:
dockerfile: ${{ inputs.dockerfile }}
platform: ${{ inputs.platform }}
image-name: ${{ steps.image_name.outputs.lowercase }}
title: ${{ inputs.title }}
description: ${{ inputs.description }}
secrets: ${{ inputs.secrets }}
14 changes: 10 additions & 4 deletions .github/workflows/merge-php.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,44 +36,50 @@ on:
type: string
required: false


jobs:
merge:
name: Merge Images
runs-on: ${{ inputs.runs-on }}
if: ${{ github.actor != 'dependabot[bot]' }}
steps:

- name: Checkout
uses: actions/checkout@v6

- name: Image name
id: image_name
uses: ASzc/change-string-case-action@v8
with:
string: ${{ inputs.image-name }}

- name: Log in to the Container registry
uses: docker/login-action@v4
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4

- name: Create Manifest (runtime)
uses: specsnl/github-actions/create-manifest-for-target@1.2.0
uses: specsnl/github-actions/create-manifest-for-target@1.2.1
with:
image-name: ${{ steps.image_name.outputs.lowercase }}
target: runtime
description: ${{ inputs.description-runtime }}
title: ${{ inputs.title-runtime }}

- name: Create Manifest (builder)
uses: specsnl/github-actions/create-manifest-for-target@1.2.0
uses: specsnl/github-actions/create-manifest-for-target@1.2.1
with:
image-name: ${{ steps.image_name.outputs.lowercase }}
target: builder
description: ${{ inputs.description-builder }}
title: ${{ inputs.title-builder }}

- name: Create Manifest (builder_nodejs)
uses: specsnl/github-actions/create-manifest-for-target@1.2.0
uses: specsnl/github-actions/create-manifest-for-target@1.2.1
with:
image-name: ${{ steps.image_name.outputs.lowercase }}
target: builder_nodejs
Expand Down
7 changes: 6 additions & 1 deletion .github/workflows/merge.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,23 +26,28 @@ jobs:
runs-on: ${{ inputs.runs-on }}
if: ${{ github.actor != 'dependabot[bot]' }}
steps:

- name: Checkout
uses: actions/checkout@v6

- name: Image name
id: image_name
uses: ASzc/change-string-case-action@v8
with:
string: ${{ inputs.image-name }}

- name: Log in to the Container registry
uses: docker/login-action@v4
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4

- name: Create Manifest
uses: specsnl/github-actions/create-manifest@1.2.0
uses: specsnl/github-actions/create-manifest@1.2.1
with:
image-name: ${{ steps.image_name.outputs.lowercase }}
title: ${{ inputs.title }}
Expand Down
5 changes: 5 additions & 0 deletions build-image/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,11 +30,13 @@ inputs:
runs:
using: composite
steps:

- name: Prepare
shell: bash
run: |
platform=${{ inputs.platform }}
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV

- name: Docker meta
id: meta
uses: docker/metadata-action@v6
Expand All @@ -46,6 +48,7 @@ runs:
annotations: |
${{ inputs.title != '' && format('org.opencontainers.image.title={0}', inputs.title) || '' }}
${{ inputs.description != '' && format('org.opencontainers.image.description={0}', inputs.description) || '' }}

- name: Build and push by digest
id: build
uses: docker/build-push-action@v7
Expand All @@ -61,12 +64,14 @@ runs:
cache-from: type=gha,scope=${{ inputs.dockerfile }}-${{ env.PLATFORM_PAIR }}
cache-to: type=gha,mode=max,scope=${{ inputs.dockerfile }}-${{ env.PLATFORM_PAIR }}
secrets: ${{ inputs.secrets }}

- name: Export digest
shell: bash
run: |
mkdir -p ${{ runner.temp }}/digests
digest="${{ steps.build.outputs.digest }}"
touch "${{ runner.temp }}/digests/${digest#sha256:}"

- name: Upload digest
uses: actions/upload-artifact@v7
with:
Expand Down
5 changes: 5 additions & 0 deletions build-target/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ inputs:
runs:
using: composite
steps:

- name: Prepare
shell: bash
run: |
Expand All @@ -42,6 +43,7 @@ runs:

image_name=${{ inputs.image-name }}
echo "SAFE_IMAGE_NAME=${image_name//\//-}" >> $GITHUB_ENV

- name: Docker meta (${{ inputs.target }})
id: meta
uses: docker/metadata-action@v6
Expand All @@ -53,6 +55,7 @@ runs:
annotations: |
${{ inputs.title != '' && format('org.opencontainers.image.title={0}', inputs.title) || '' }}
${{ inputs.description != '' && format('org.opencontainers.image.description={0}', inputs.description) || '' }}

- name: Build and push by digest (${{ inputs.target }})
id: build
uses: docker/build-push-action@v7
Expand All @@ -69,12 +72,14 @@ runs:
cache-from: type=gha,scope=${{ inputs.dockerfile }}-${{ env.PLATFORM_PAIR }}-${{ inputs.target }}
cache-to: type=gha,mode=max,scope=${{ inputs.dockerfile }}-${{ env.PLATFORM_PAIR }}-${{ inputs.target }}
secrets: ${{ inputs.secrets }}

- name: Export digest (${{ inputs.target }})
shell: bash
run: |
mkdir -p ${{ runner.temp }}/digests/${{ env.SAFE_IMAGE_NAME }}/${{ inputs.target }}
digest="${{ steps.build.outputs.digest }}"
touch "${{ runner.temp }}/digests/${{ env.SAFE_IMAGE_NAME }}/${{ inputs.target }}/${digest#sha256:}"

- name: Upload digest (${{ inputs.target }})
uses: actions/upload-artifact@v7
with:
Expand Down
6 changes: 6 additions & 0 deletions create-manifest-for-target/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,22 +26,26 @@ inputs:
runs:
using: composite
steps:

- name: Prepare
shell: bash
run: |
image_name=${{ inputs.image-name }}
echo "SAFE_IMAGE_NAME=${image_name//\//-}" >> $GITHUB_ENV

- name: Download digests (${{ inputs.target }})
uses: actions/download-artifact@v8
with:
path: ${{ runner.temp }}/digests/${{ env.SAFE_IMAGE_NAME }}/${{ inputs.target }}
pattern: digests-${{ env.SAFE_IMAGE_NAME }}-${{ inputs.target }}-*
merge-multiple: true

- name: Raw tag
id: raw_tag
uses: ASzc/change-string-case-action@v8
with:
string: ${{ inputs.raw-tag }}

- name: Docker meta (${{ inputs.target }})
id: meta
uses: docker/metadata-action@v6
Expand All @@ -60,6 +64,7 @@ runs:
annotations: |
${{ inputs.title != '' && format('org.opencontainers.image.title={0}', inputs.title) || '' }}
${{ inputs.description != '' && format('org.opencontainers.image.description={0}', inputs.description) || '' }}

- name: Create manifest list and push (${{ inputs.target }})
working-directory: ${{ runner.temp }}/digests/${{ env.SAFE_IMAGE_NAME }}/${{ inputs.target }}
shell: bash
Expand All @@ -72,6 +77,7 @@ runs:
images=$(printf '${{ inputs.image-name }}@sha256:%s ' *)

docker buildx imagetools create "${tags[@]}" "${annotations[@]}" $images

- name: Inspect image
shell: bash
run: |
Expand Down
4 changes: 4 additions & 0 deletions create-manifest/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,11 +28,13 @@ runs:
path: ${{ runner.temp }}/digests
pattern: digests-*
merge-multiple: true

- name: Raw tag
id: raw_tag
uses: ASzc/change-string-case-action@v8
with:
string: ${{ inputs.raw-tag }}

- name: Docker meta
id: meta
uses: docker/metadata-action@v6
Expand All @@ -50,6 +52,7 @@ runs:
annotations: |
${{ inputs.title != '' && format('org.opencontainers.image.title={0}', inputs.title) || '' }}
${{ inputs.description != '' && format('org.opencontainers.image.description={0}', inputs.description) || '' }}

- name: Create manifest list and push
working-directory: ${{ runner.temp }}/digests
shell: bash
Expand All @@ -62,6 +65,7 @@ runs:
images=$(printf '${{ inputs.image-name }}@sha256:%s ' *)

docker buildx imagetools create "${tags[@]}" "${annotations[@]}" $images

- name: Inspect image
shell: bash
run: |
Expand Down