OpenSRP Docker Automated Workflow Integration

This document covers how to build and publish Docker images using the OpenSRP Docker workflow. The workflow being referred to here can be found here, and the one for web here. We build Docker images for both the linux/amd64 and linux/arm64 architectures for OpenSRP server web, and for linux/amd64 for OpenSRP web.

Description of the various sections of the workflow (using the one for OpenSRP server web)

  1. on:

        on:
          push:
            # Publish `master` as Docker `master` tag.
            # See also https://github.com/crazy-max/ghaction-docker-meta#basic
            branches:
              - master

            # Publish `v1.2.3` tags as releases.
            tags:
              - v*

          pull_request:
            # Run Tests when changes are made to the Docker file
            paths:
              - 'Dockerfile'

          workflow_dispatch:
            inputs:
              customTag:
                description: "Includes the specified tag to docker image tags"
                required: false

    1. Here we specify when the workflow should be triggered. In the above scenario the workflow is triggered on:

      1. Push - These actions trigger a Docker build and publishing of the image to DockerHub or GitHub Container Registry.

        1. Commits are pushed to the master branch.

        2. Git tags prefixed with v (matching v*) are pushed to the repository.

      2. Pull Request - When a pull request is created with changes to the Dockerfile, a Docker build is triggered to ensure that the image still builds.

      3. Workflow Dispatch (Manual Trigger)

        1. This allows one to manually trigger the workflow to build and publish the Docker image to the respective repositories. One can choose which branch to use and/or which name to use for the tag of the Docker image; if the tag field is left blank, the branch name is used.

  2. jobs:

    1. Here we list the jobs or tasks for the workflow. We have two jobs, namely test and push.

      1. test: Responsible for testing the docker image build process.

          jobs:
            # Run image build test
            test:
              runs-on: ubuntu-latest
              if: github.event_name == 'pull_request'

              steps:
                - uses: actions/checkout@v2
                  with:
                    submodules: recursive

                - name: Run Build tests
                  run: docker build . --file Dockerfile

      2. push: Responsible for building and publishing the OpenSRP Docker image to the respective repositories.

            push:
              runs-on: ubuntu-latest
              if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'

              steps:
                - uses: actions/checkout@v2
                  with:
                    submodules: recursive

                - name: Set up QEMU
                  uses: docker/setup-qemu-action@v1

                - name: Cache Docker layers
                  uses: actions/cache@v2.1.6
                  with:
                    path: /tmp/.buildx-cache
                    key: ${{ runner.os }}-buildx-${{ github.sha }}
                    restore-keys: |
                      ${{ runner.os }}-buildx-

                - name: Set up Docker Buildx
                  uses: docker/setup-buildx-action@v1.3.0

                - name: Docker meta
                  id: docker_meta
                  uses: crazy-max/ghaction-docker-meta@v1
                  with:
                    images: opensrp/opensrp-server-web
                    tag-custom: ${{ github.event.inputs.customTag }}

                - name: Login to DockerHub
                  uses: docker/login-action@v1.10.0
                  with:
                    username: ${{ secrets.DOCKER_USERNAME }}
                    password: ${{ secrets.DOCKER_PASSWORD }}

                - name: Login to GitHub Container Registry
                  uses: docker/login-action@v1.10.0
                  with:
                    registry: ghcr.io
                    username: ${{ github.repository_owner }}
                    password: ${{ secrets.GITHUB_TOKEN }}

                - name: Push to Docker Image Repositories
                  uses: docker/build-push-action@v2.5.0
                  id: docker_build
                  with:
                    push: true
                    platforms: linux/amd64,linux/arm64
                    tags: |
                      ${{ steps.docker_meta.outputs.tags }}
                      ghcr.io/${{ steps.docker_meta.outputs.tags }}
                    cache-from: type=local,src=/tmp/.buildx-cache
                    cache-to: type=local,dest=/tmp/.buildx-cache-new

                # Temp fix
                # https://github.com/docker/build-push-action/issues/252
                # https://github.com/moby/buildkit/issues/1896
                - name: Move cache
                  run: |
                    rm -rf /tmp/.buildx-cache
                    mv /tmp/.buildx-cache-new /tmp/.buildx-cache

                - name: Image digest
                  run: echo ${{ steps.docker_build.outputs.digest }}
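
The push job above logs in to two registries with repository secrets and references every action by a version tag, which the action's owner can repoint to different code. As an added example (not part of the OpenSRP repository; the function names are hypothetical and the embedded sample is a constructed excerpt of the job above), this script lists the action references that are not pinned to a full commit SHA and the secrets the job reads:

```python
import re

# Constructed excerpt of the push job shown on this page (uses: and secrets lines).
WORKFLOW = """\
jobs:
  push:
    if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
    steps:
      - uses: actions/checkout@v2
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1
      - name: Cache Docker layers
        uses: actions/cache@v2.1.6
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1.3.0
      - name: Docker meta
        uses: crazy-max/ghaction-docker-meta@v1
      - name: Login to DockerHub
        uses: docker/login-action@v1.10.0
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v1.10.0
        with:
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Push to Docker Image Repositories
        uses: docker/build-push-action@v2.5.0
"""

USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*([^\s@#]+)@(\S+)", re.M)
SECRET_RE = re.compile(r"\$\{\{\s*secrets\.([A-Za-z0-9_]+)\s*\}\}")
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")  # a full commit SHA is immutable

def unpinned_actions(text):
    """Return sorted (action, ref) pairs whose ref is not a 40-hex commit SHA."""
    return sorted({(action, ref) for action, ref in USES_RE.findall(text)
                   if not FULL_SHA_RE.fullmatch(ref)})

def secrets_used(text):
    """Return the sorted names of the secrets the workflow text reads."""
    return sorted(set(SECRET_RE.findall(text)))

if __name__ == "__main__":
    for action, ref in unpinned_actions(WORKFLOW):
        print(f"mutable ref: {action}@{ref}")
    print("secrets in scope:", ", ".join(secrets_used(WORKFLOW)))
```

Run against the real docker-publish.yml by passing its contents to both functions; an empty result from unpinned_actions means every action is referenced by commit SHA.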

 

The resultant docker-publish.yml file

    name: Docker

    on:
      push:
        # Publish `master` as Docker `master` tag.
        # See also https://github.com/crazy-max/ghaction-docker-meta#basic
        branches:
          - master

        # Publish `v1.2.3` tags as releases.
        tags:
          - v*

      pull_request:
        # Run Tests when changes are made to the Docker file
        paths:
          - 'Dockerfile'

      workflow_dispatch:
        inputs:
          customTag:
            description: "Includes the specified tag to docker image tags"
            required: false

    jobs:
      # Run image build test
      test:
        runs-on: ubuntu-latest
        if: github.event_name == 'pull_request'

        steps:
          - uses: actions/checkout@v2
            with:
              submodules: recursive

          - name: Run Build tests
            run: docker build . --file Dockerfile

      push:
        runs-on: ubuntu-latest
        if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'

        steps:
          - uses: actions/checkout@v2
            with:
              submodules: recursive

          - name: Set up QEMU
            uses: docker/setup-qemu-action@v1

          - name: Cache Docker layers
            uses: actions/cache@v2.1.6
            with:
              path: /tmp/.buildx-cache
              key: ${{ runner.os }}-buildx-${{ github.sha }}
              restore-keys: |
                ${{ runner.os }}-buildx-

          - name: Set up Docker Buildx
            uses: docker/setup-buildx-action@v1.3.0

          - name: Docker meta
            id: docker_meta
            uses: crazy-max/ghaction-docker-meta@v1
            with:
              images: opensrp/opensrp-server-web
              tag-custom: ${{ github.event.inputs.customTag }}

          - name: Login to DockerHub
            uses: docker/login-action@v1.10.0
            with:
              username: ${{ secrets.DOCKER_USERNAME }}
              password: ${{ secrets.DOCKER_PASSWORD }}

          - name: Login to GitHub Container Registry
            uses: docker/login-action@v1.10.0
            with:
              registry: ghcr.io
              username: ${{ github.repository_owner }}
              password: ${{ secrets.GITHUB_TOKEN }}

          - name: Push to Docker Image Repositories
            uses: docker/build-push-action@v2.5.0
            id: docker_build
            with:
              push: true
              platforms: linux/amd64,linux/arm64
              tags: |
                ${{ steps.docker_meta.outputs.tags }}
                ghcr.io/${{ steps.docker_meta.outputs.tags }}
              cache-from: type=local,src=/tmp/.buildx-cache
              cache-to: type=local,dest=/tmp/.buildx-cache-new

          # Temp fix
          # https://github.com/docker/build-push-action/issues/252
          # https://github.com/moby/buildkit/issues/1896
          - name: Move cache
            run: |
              rm -rf /tmp/.buildx-cache
              mv /tmp/.buildx-cache-new /tmp/.buildx-cache

          - name: Image digest
            run: echo ${{ steps.docker_build.outputs.digest }}