This document will cover the ways in which one can create and publish docker image using opensrp docker workflow. The workflow being referred to here can be found here and for web here. We build docker images for both linux/amd64 and linux/arm64 architecture for opensrp server web and linux/amd64 for opensrp web.
Description of various sections of the workflow (using the one for opensrp server web)
on:
on: push: # Publish `master` as Docker `master` tag. # See also https://github.com/crazy-max/ghaction-dor-meta#basic branches: - master # Publish `v1.2.3` tags as releases. tags: - v* pull_request: # Run Tests when changes are made to the Docker file paths: - 'Dockerfile' workflow_dispatch: inputs: customTag: description: "Includes the specified tag to docker image tags" required: falseHere we specify when the workflow should be triggered. On the above scenario we have the workflow being triggered when:
Push - These actions trigger docker build and publishing of the image on DockerHub or Github Container registry.
Commits are pushed to master branch.
Git tag prefixed with
v*are pushed to the repository.
Pull Request - When a pull request is created with changes on the Dockerfile a docker build is triggered to ensure that docker build goes smoothly.
Workflow Dispatch (Manual Trigger)
This allows one to manually trigger the workflow to build and publish docker image to the respective repositories. One can choose which branch to use or which name to use for the of the docker image, if the tag section is left as blank the branch name can be used.
jobs:
Here we list the jobs or tasks for the workflow. We have two jobs namely: test and push
test: Responsible for testing the docker image build process.
jobs:
# Run image build test
test:
runs-on: ubuntu-latest
if: github.event_name == 'pull_request'
steps:
- uses: actions/checkout@v2
with:
submodules: recursive
- name: Run Build tests
run: docker build . --file Dockerfile
ii. push: Responsible for building and publishing opensrp docker image to respective repositories.
push:
runs-on: ubuntu-latest
if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
steps:
- uses: actions/checkout@v2
with:
submodules: recursive
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Cache Docker layers
uses: actions/cache@v2.1.6
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1.3.0
- name: Docker meta
id: docker_meta
uses: crazy-max/ghaction-docker-meta@v1
with:
images: opensrp/opensrp-server-web
tag-custom: ${{ github.event.inputs.customTag }}
- name: Login to DockerHub
uses: docker/login-action@v1.10.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1.10.0
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push to Docker Image Repositories
uses: docker/build-push-action@v2.5.0
id: docker_build
with:
push: true
platforms: linux/amd64,linux/arm64
tags: |
${{ steps.docker_meta.outputs.tags }}
ghcr.io/${{ steps.docker_meta.outputs.tags }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new
# Temp fix
# https://github.com/docker/build-push-action/issues/252
# https://github.com/moby/buildkit/issues/1896
- name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
- name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}
The resultant docker-publish.yml file
name: Docker
on:
push:
# Publish `master` as Docker `master` tag.
# See also https://github.com/crazy-max/ghaction-docker-meta#basic
branches:
- master
# Publish `v1.2.3` tags as releases.
tags:
- v*
pull_request:
# Run Tests when changes are made to the Docker file
paths:
- 'Dockerfile'
workflow_dispatch:
inputs:
customTag:
description: "Includes the specified tag to docker image tags"
required: false
jobs:
# Run image build test
test:
runs-on: ubuntu-latest
if: github.event_name == 'pull_request'
steps:
- uses: actions/checkout@v2
with:
submodules: recursive
- name: Run Build tests
run: docker build . --file Dockerfile
push:
runs-on: ubuntu-latest
if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
steps:
- uses: actions/checkout@v2
with:
submodules: recursive
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Cache Docker layers
uses: actions/cache@v2.1.6
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1.3.0
- name: Docker meta
id: docker_meta
uses: crazy-max/ghaction-docker-meta@v1
with:
images: opensrp/opensrp-server-web
tag-custom: ${{ github.event.inputs.customTag }}
- name: Login to DockerHub
uses: docker/login-action@v1.10.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1.10.0
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push to Docker Image Repositories
uses: docker/build-push-action@v2.5.0
id: docker_build
with:
push: true
platforms: linux/amd64,linux/arm64
tags: |
${{ steps.docker_meta.outputs.tags }}
ghcr.io/${{ steps.docker_meta.outputs.tags }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new
# Temp fix
# https://github.com/docker/build-push-action/issues/252
# https://github.com/moby/buildkit/issues/1896
- name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
- name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}