publish-docker-images #655

Workflow file for this run

.github/workflows/publish-docker-images.yml at 0291b9c

	---
	# This workflow publishes docker images base on .ci/.docker-images.yml`.
	# See docs/INTERNAL_DOCKER_IMAGES.md for further information.
	name: publish-docker-images

	on:
	workflow_dispatch:
	schedule:
	- cron: '0 3 * * 1-5'

	env:
	DOCKER_BUILDKIT: 1
	REGISTRY: docker.elastic.co
	PREFIX: observability-ci

	permissions:
	contents: read

	jobs:
	create-matrix:
	name: Create Matrix
	runs-on: ubuntu-latest
	outputs:
	include: ${{ steps.create-matrix.outputs.include }}
	steps:
	- uses: actions/checkout@v4
	- run: pip install pyyaml
	- name: Create Matrix
	id: create-matrix
	shell: python
	run: \|
	import os
	import json
	import yaml

	images = []
	with open(".ci/.docker-images.yml", "r") as stream:
	images.extend(yaml.safe_load(stream)['images'])
	images_json = json.dumps(images)
	with open(os.environ['GITHUB_OUTPUT'], 'a') as f:
	print(f'include={images_json}', file=f)

	build-test-push:
	name: "${{ matrix.name }}:${{ matrix.tag \|\| 'latest' }}"
	runs-on: ubuntu-latest
	needs: create-matrix
	strategy:
	fail-fast: false
	matrix:
	include: ${{ fromJson(needs.create-matrix.outputs.include )}}
	defaults:
	run:
	working-directory: ${{ matrix.working_directory \|\| '.' }}
	steps:

	- uses: elastic/apm-pipeline-library/.github/actions/github-token@main
	with:
	url: ${{ secrets.VAULT_ADDR }}
	roleId: ${{ secrets.VAULT_ROLE_ID }}
	secretId: ${{ secrets.VAULT_SECRET_ID }}

	- uses: actions/checkout@v4
	with:
	repository: ${{ matrix.repository }}
	token: ${{ env.GITHUB_TOKEN }}
	ref: ${{ matrix.branch }}

	- uses: elastic/apm-pipeline-library/.github/actions/docker-login@main
	with:
	registry: docker.elastic.co
	secret: secret/observability-team/ci/docker-registry/prod
	url: ${{ secrets.VAULT_ADDR }}
	roleId: ${{ secrets.VAULT_ROLE_ID }}
	secretId: ${{ secrets.VAULT_SECRET_ID }}

	- uses: elastic/apm-pipeline-library/.github/actions/docker-login@current
	with:
	registry: docker.io
	secret: secret/observability-team/ci/elastic-observability-dockerhub
	url: ${{ secrets.VAULT_ADDR }}
	roleId: ${{ secrets.VAULT_ROLE_ID }}
	secretId: ${{ secrets.VAULT_SECRET_ID }}

	- name: Prepare
	if: ${{ matrix.prepare_script }}
	run: ${{ matrix.prepare_script }}

	- name: Generate Image Name
	id: generate-image-name
	run: echo "image_name=${{ env.REGISTRY }}/${{ env.PREFIX }}/${{ env.NAME }}:${{ env.TAG }}" >> "$GITHUB_OUTPUT"
	env:
	NAME: ${{ matrix.name }}
	TAG: ${{ matrix.tag \|\| 'latest' }}

	- name: Build
	run: \|
	echo "DEBUG: ${{ matrix.build_script }}"
	if [ -z "${{ matrix.build_script}}" ]; then
	echo "DEBUG: run docker build"
	docker build \
	--cache-from=${{ steps.generate-image-name.outputs.image_name }} \
	${{ matrix.build_opts }} \
	-t ${{ steps.generate-image-name.outputs.image_name }} \
	.
	else
	echo "DEBUG: run build_script"
	bash -c "${{ matrix.build_script }}"
	fi
	env:
	NAME: ${{ matrix.name }}
	TAG: ${{ matrix.tag \|\| 'latest' }}

	- name: Test
	if: ${{ matrix.test_script }}
	run: ${{ matrix.test_script }}

	- name: Push
	if: ${{ matrix.push != 'false' }}
	run: \|
	if [ -z "${{ matrix.push_script }}" ]; then
	docker push ${{ steps.generate-image-name.outputs.image_name }}
	else
	bash -c "${{ matrix.push_script }}"
	fi

	- if: failure()
	uses: elastic/apm-pipeline-library/.github/actions/notify-build-status@current
	with:
	vaultUrl: ${{ secrets.VAULT_ADDR }}
	vaultRoleId: ${{ secrets.VAULT_ROLE_ID }}
	vaultSecretId: ${{ secrets.VAULT_SECRET_ID }}
	slackChannel: "#observablt-bots"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

publish-docker-images #655

Workflow file

publish-docker-images #655

Jobs

Run details

Workflow file for this run