ci: add build-docker-image.yml

satoufuyuki · web-flow · commit e0473cac4789 · 2023-03-24T16:23:04.000+07:00
diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml
@@ -0,0 +1,83 @@
+name: Build & Push Docker Image to container image registry
+
+on:
+  workflow_call:
+    inputs:
+      ADD_FLAVOR:
+        description: "Whether to add flavor (only -dev atm) to the image tag"
+        type: boolean
+        required: false
+        default: true
+      NO_CACHE:
+        description: "Whether to use build cache"
+        type: boolean
+        required: false
+        default: false
+    secrets:
+      BOT_TOKEN:
+        required: true
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: false
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check Out Repo
+        uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
+        with:
+          fetch-depth: 2
+
+      #- name: Set up QEMU (We don't need QEMU, because we don't build images for platforms other than linux/amd64, which is our current native arch in our infra
+      #  uses: docker/setup-qemu-action@v1.2.0
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@f03ac48505955848960e80bbb68046aa35c7b9e7 # v2.4.1
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
+        if: ${{ github.event_name != 'pull_request' }}
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.BOT_TOKEN }}
+
+      - name: Extract tag name
+        id: tags
+        if: ${{ github.event_name == 'release' }}
+        run: echo ::set-output name=name::${GITHUB_REF##*/}
+
+      - name: Extract flavor
+        id: flavor
+        if: ${{ inputs.ADD_FLAVOR == true }}
+        run: if [ "${{ github.event_name }}" = "release" ]; then echo ::set-output name=name::; else echo ::set-output name=name::-dev; fi
+
+      - name: Generate Docker image metadata
+        uses: docker/metadata-action@507c2f2dc502c992ad446e3d7a5dfbe311567a96 # v4.3.0
+        id: img_meta
+        with:
+          flavor: |
+            latest=auto
+            suffix=${{ steps.flavor.outputs.name }}
+          images: ghcr.io/${{ github.repository }}
+          tags: |
+            ${{ steps.tags.outputs.name }}
+            latest
+
+      - name: Build and push
+        id: docker_build
+        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 # v4.0.0
+        with:
+          context: ./
+          tags: ${{ steps.img_meta.outputs.tags }}
+          labels: ${{ steps.img_meta.outputs.labels }}
+          push: ${{ github.event_name != 'pull_request' }}
+          secrets: |
+            "GH_PKG_AUTH_TOKEN=${{ secrets.BOT_TOKEN }}"
+            "GITHUB_TOKEN=${{ secrets.BOT_TOKEN }}"
+          cache-from: type=gha,mode=max
+          cache-to: type=gha,mode=max
+          no-cache: ${{ inputs.NO_CACHE == true }}
