Skip to content

Ensure CI image

Ensure CI image #1

name: Ensure CI image
on:
workflow_dispatch:
env:
IMAGE_REGISTRY: ghcr.io
CI_DOCKERFILE_DIR: ./ci # Relative to project root
CI_DOCKERFILE_PATH: Dockerfile # Relative to CI_DOCKERFILE_DIR
CI_DOCKERFILE_MOST_RECENT_SHA: # Determined dynamically later on
jobs:
calculate-latest-label:
runs-on: ubuntu-latest
permissions:
contents: read
outputs:
ci_dockerfile_latest_sha: ${{ steps.calculate_latest_sha.outputs.ci_dockerfile_latest_sha }}
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Calculate label for CI image
id: calculate_latest_sha
env:
IMAGE_NAME: ${{ github.repository }}
run: |
dockerfile_path=${CI_DOCKERFILE_DIR}/${CI_DOCKERFILE_PATH}
[[ ! -f ${dockerfile_path} ]] && echo "Could not find Dockerfile at ${dockerfile_path}" 1>&2 && exit 1
echo "ci_dockerfile_latest_sha=$(git log --max-count 1 --pretty=format:%H "${dockerfile_path}")" >> $GITHUB_OUTPUT
build-and-push-ci-image:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
needs:
- calculate-latest-label
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Login to GitHub container registry
uses: docker/login-action@v3
with:
registry: ${{ env.IMAGE_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Extract metadata
uses: docker/metadata-action@v5
id: meta
with:
images: ${{ env.IMAGE_REGISTRY }}/${{ github.repository }}-ci
tags: |
type=raw,value=${{ needs.calculate-latest-label.outputs.ci_dockerfile_latest_sha }}
type=raw,value=${{ github.ref_name }}-latest
- name: Build and push CI image
uses: docker/build-push-action@v5
with:
push: true
context: ${{ env.CI_DOCKERFILE_DIR }}/..
file: ${{ env.CI_DOCKERFILE_DIR }}/${{ env.CI_DOCKERFILE_PATH }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}