feat: add GitHub Actions workflows for Docker builds #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
| # ABOUTME: GitHub Actions workflow for building and pushing OpenSPP Docker images | ||
|
Check failure on line 1 in .github/workflows/docker-build.yml
|
||
| # ABOUTME: Builds multi-architecture images and pushes to ACN Nexus registry | ||
| name: Docker Build and Push | ||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| - master | ||
| - develop | ||
| - 'release/**' | ||
| tags: | ||
| - 'v*' | ||
| - '[0-9]+.[0-9]+.[0-9]+' | ||
| pull_request: | ||
| branches: | ||
| - main | ||
| - master | ||
| - develop | ||
| workflow_dispatch: | ||
| inputs: | ||
| push_images: | ||
| description: 'Push images to registry' | ||
| required: false | ||
| default: 'false' | ||
| type: choice | ||
| options: | ||
| - 'true' | ||
| - 'false' | ||
| env: | ||
| REGISTRY: docker-push.acn.fr | ||
| PUBLIC_REGISTRY: docker.acn.fr | ||
| IMAGE_NAME: openspp/openspp | ||
| jobs: | ||
| build-ubuntu: | ||
| name: Build Ubuntu Image | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
| packages: write | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 | ||
| - name: Set up QEMU | ||
| uses: docker/setup-qemu-action@v3 | ||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v3 | ||
| - name: Log in to Nexus Registry | ||
| if: github.event_name != 'pull_request' | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ${{ env.REGISTRY }} | ||
| username: ${{ secrets.NEXUS_USERNAME }} | ||
| password: ${{ secrets.NEXUS_PASSWORD }} | ||
| - name: Extract metadata | ||
| id: meta | ||
| uses: docker/metadata-action@v5 | ||
| with: | ||
| images: | | ||
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | ||
| tags: | | ||
| type=ref,event=branch | ||
| type=ref,event=pr | ||
| type=semver,pattern={{version}} | ||
| type=semver,pattern={{major}}.{{minor}} | ||
| type=raw,value=latest,enable={{is_default_branch}} | ||
| type=raw,value=daily,enable={{is_default_branch}} | ||
| type=sha,prefix={{branch}}- | ||
| - name: Build and push Ubuntu image | ||
| uses: docker/build-push-action@v5 | ||
| with: | ||
| context: . | ||
| file: ./Dockerfile | ||
| platforms: linux/amd64 | ||
| push: ${{ github.event_name != 'pull_request' }} | ||
| tags: ${{ steps.meta.outputs.tags }} | ||
| labels: ${{ steps.meta.outputs.labels }} | ||
| cache-from: type=gha | ||
| cache-to: type=gha,mode=max | ||
| build-args: | | ||
| BUILD_DATE=${{ github.event.head_commit.timestamp }} | ||
| VCS_REF=${{ github.sha }} | ||
| VERSION=${{ steps.meta.outputs.version }} | ||
| build-slim: | ||
| name: Build Slim Image | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
| packages: write | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 | ||
| - name: Set up QEMU | ||
| uses: docker/setup-qemu-action@v3 | ||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v3 | ||
| - name: Log in to Nexus Registry | ||
| if: github.event_name != 'pull_request' | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ${{ env.REGISTRY }} | ||
| username: ${{ secrets.NEXUS_USERNAME }} | ||
| password: ${{ secrets.NEXUS_PASSWORD }} | ||
| - name: Extract metadata | ||
| id: meta | ||
| uses: docker/metadata-action@v5 | ||
| with: | ||
| images: | | ||
| ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | ||
| tags: | | ||
| type=ref,event=branch,suffix=-slim | ||
| type=ref,event=pr,suffix=-slim | ||
| type=semver,pattern={{version}},suffix=-slim | ||
| type=semver,pattern={{major}}.{{minor}},suffix=-slim | ||
| type=raw,value=latest-slim,enable={{is_default_branch}} | ||
| type=raw,value=daily-slim,enable={{is_default_branch}} | ||
| type=sha,prefix={{branch}}-,suffix=-slim | ||
| - name: Build and push Slim image | ||
| uses: docker/build-push-action@v5 | ||
| with: | ||
| context: . | ||
| file: ./Dockerfile.slim | ||
| platforms: linux/amd64 | ||
| push: ${{ github.event_name != 'pull_request' }} | ||
| tags: ${{ steps.meta.outputs.tags }} | ||
| labels: ${{ steps.meta.outputs.labels }} | ||
| cache-from: type=gha | ||
| cache-to: type=gha,mode=max | ||
| build-args: | | ||
| BUILD_DATE=${{ github.event.head_commit.timestamp }} | ||
| VCS_REF=${{ github.sha }} | ||
| VERSION=${{ steps.meta.outputs.version }} | ||
| test-images: | ||
| name: Test Docker Images | ||
| needs: [build-ubuntu, build-slim] | ||
| runs-on: ubuntu-latest | ||
| if: github.event_name == 'pull_request' | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 | ||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v3 | ||
| - name: Build test image (Ubuntu) | ||
| uses: docker/build-push-action@v5 | ||
| with: | ||
| context: . | ||
| file: ./Dockerfile | ||
| load: true | ||
| tags: openspp:test-ubuntu | ||
| cache-from: type=gha | ||
| - name: Build test image (Slim) | ||
| uses: docker/build-push-action@v5 | ||
| with: | ||
| context: . | ||
| file: ./Dockerfile.slim | ||
| load: true | ||
| tags: openspp:test-slim | ||
| cache-from: type=gha | ||
| - name: Test Ubuntu image | ||
| run: | | ||
| echo "Testing Ubuntu image..." | ||
| docker run --rm openspp:test-ubuntu openspp-server --version | ||
| docker run --rm openspp:test-ubuntu openspp-server --help | grep -q "OpenSPP" | ||
| - name: Test Slim image | ||
| run: | | ||
| echo "Testing Slim image..." | ||
| docker run --rm openspp:test-slim openspp-server --version | ||
| docker run --rm openspp:test-slim openspp-server --help | grep -q "OpenSPP" | ||
| - name: Test health endpoint | ||
| run: | | ||
| echo "Starting container for health check..." | ||
| docker run -d --name openspp-test -p 8069:8069 openspp:test-ubuntu | ||
| sleep 60 | ||
| curl -f http://localhost:8069/web/health || (docker logs openspp-test && exit 1) | ||
| docker stop openspp-test | ||
| docker rm openspp-test | ||
| update-manifests: | ||
| name: Update Kubernetes Manifests | ||
| needs: [build-ubuntu, build-slim] | ||
| runs-on: ubuntu-latest | ||
| if: startsWith(github.ref, 'refs/tags/') | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 | ||
| - name: Update deployment manifests | ||
| run: | | ||
| TAG=${GITHUB_REF#refs/tags/} | ||
| echo "Updating manifests for tag: $TAG" | ||
| # Update image tags in deployment files | ||
| find deployments -name "*.yaml" -type f -exec \ | ||
| sed -i "s|image: .*openspp:.*|image: ${{ env.PUBLIC_REGISTRY }}/${{ env.IMAGE_NAME }}:${TAG}|g" {} \; | ||
| - name: Commit and push changes | ||
| run: | | ||
| git config --local user.email "action@github.com" | ||
| git config --local user.name "GitHub Action" | ||
| git add deployments/ | ||
| git diff --staged --quiet || git commit -m "Update deployment manifests for ${GITHUB_REF#refs/tags/}" | ||
| git push | ||
| notify: | ||
| name: Send Notifications | ||
| needs: [build-ubuntu, build-slim] | ||
| runs-on: ubuntu-latest | ||
| if: always() && github.event_name != 'pull_request' | ||
| steps: | ||
| - name: Notify Slack | ||
| if: secrets.SLACK_WEBHOOK != '' | ||
| uses: 8398a7/action-slack@v3 | ||
| with: | ||
| status: ${{ job.status }} | ||
| text: | | ||
| OpenSPP Docker Build ${{ job.status }} | ||
| Branch: ${{ github.ref }} | ||
| Commit: ${{ github.sha }} | ||
| Images pushed to: ${{ env.PUBLIC_REGISTRY }}/${{ env.IMAGE_NAME }} | ||
| webhook_url: ${{ secrets.SLACK_WEBHOOK }} | ||
| env: | ||
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} | ||
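Review bot: In the `notify` job the step condition `if: secrets.SLACK_WEBHOOK != ''` reads the `secrets` context, which GitHub Actions does not make available to `if:` expressions, so the workflow is likely rejected at validation (this may be the check failure reported on line 1). Declare the secret once in a job-level `env:` as `SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}` and gate the step with `if: env.SLACK_WEBHOOK_URL != ''`. That step hands the webhook to `8398a7/action-slack@v3`, and both build jobs hand `NEXUS_PASSWORD` to `docker/login-action@v3`; these are mutable tags, so every third-party action that receives a secret should be pinned to a full commit SHA, e.g. `uses: 8398a7/action-slack@<full-commit-sha>  # v3`. `test-images`, `update-manifests` and `notify` declare no `permissions:` block and so inherit the repository's default token scope; a top-level `permissions:` with `contents: read`, plus `contents: write` only on `update-manifests` (the one job that runs `git push`), would keep the token least-privileged.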