docker-publish.yml
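name: Docker

on:
  push:
    # Publish `main` as the Docker `latest` image.
    branches:
      - main
    # Publish `v1.2.3`-style tags as releases.
    tags:
      - 'v*'
  # Pull requests also trigger this workflow. The only job defined below is
  # gated on `github.event_name == 'push'`, so it is skipped for pull requests
  # and nothing is built or published from them.
  pull_request:

# Least privilege for the automatically issued GITHUB_TOKEN: the job only needs
# to read the repository (checkout, including LFS objects). Registry pushes
# authenticate with the repository secrets passed to docker/login-action, not
# with this token.
permissions:
  contents: read

env:
  # Image name shared by the GHCR and Docker Hub references.
  IMAGE_NAME: bioinformatics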
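jobs:
  # Build the image and push it to GitHub Container Registry and Docker Hub.
  # See also https://docs.docker.com/docker-hub/builds/
  push:
    runs-on: ubuntu-latest
    # Publishing happens only for push events; pull_request runs skip this job.
    if: github.event_name == 'push'
    steps:
      # NOTE(review): every `uses:` below references a mutable major-version
      # tag. Pinning each action to a full-length commit SHA (keeping the tag
      # as a trailing comment) stops a moved tag from changing what runs in a
      # job that holds registry credentials.
      - uses: actions/checkout@v4
        with:
          lfs: true
          # Do not leave the job token in .git/config: the build context below
          # is `.`, which includes `.git` unless a .dockerignore excludes it.
          # LFS objects are fetched by this step itself, so the later
          # `git lfs checkout` should not need network credentials.
          persist-credentials: false

      - name: Checkout LFS objects
        run: git lfs checkout

      # Exports TODAYS_DATE (YYYYMMDD) to later steps. No step in this
      # workflow reads it.
      - name: Set Date
        run: echo "TODAYS_DATE=$(date +'%Y%m%d')" >> "$GITHUB_ENV"

      - name: Prepare tags
        id: prep
        env:
          # Passed through the environment instead of being expanded into the
          # script text, so the value is data to the shell, never code.
          REPO_OWNER: ${{ github.repository_owner }}
        run: |
          # Docker registries (IMAGE_NAME comes from the workflow-level env).
          GHCR_IMAGE_NAME="ghcr.io/${REPO_OWNER}/${IMAGE_NAME}"
          DOCKER_HUB_IMAGE_NAME="${REPO_OWNER}/${IMAGE_NAME}"
          TAGS=""
          FINAL_TAGS=""

          # Both patterns are anchored at both ends so that only the documented
          # tag formats can move the shared x.y.z / x.y / x image tags.
          semver_re='^([0-9]+)\.([0-9]+)\.([0-9]+)$'
          patched_re='^([0-9]+)\.([0-9]+)\.([0-9]+)\.patched[0-9]+$'

          # Tag scenarios:
          #   1. x.y.z.patchedYYYYMMDD -> x.y.z.patchedYYYYMMDD, x.y.z, x.y, x
          #   2. x.y.z                 -> x.y.z, x.y, x
          #   3. main branch           -> latest
          #   4. any other branch      -> sanitised branch name
          if [[ $GITHUB_REF == refs/tags/* ]]; then
            # Tag push: drop 'refs/tags/' and one leading 'v' if present.
            FULL_TAG=${GITHUB_REF#refs/tags/}
            FULL_TAG=${FULL_TAG#v}
            if [[ $FULL_TAG =~ $patched_re ]]; then
              # Scenario 1
              MAJOR=${BASH_REMATCH[1]}
              MINOR=${BASH_REMATCH[2]}
              PATCH=${BASH_REMATCH[3]}
              TAGS="$FULL_TAG,$MAJOR.$MINOR.$PATCH,$MAJOR.$MINOR,$MAJOR"
            elif [[ $FULL_TAG =~ $semver_re ]]; then
              # Scenario 2
              MAJOR=${BASH_REMATCH[1]}
              MINOR=${BASH_REMATCH[2]}
              PATCH=${BASH_REMATCH[3]}
              TAGS="$MAJOR.$MINOR.$PATCH,$MAJOR.$MINOR,$MAJOR"
            fi
          elif [[ $GITHUB_REF == refs/heads/main ]]; then
            # Scenario 3
            TAGS="latest"
          else
            # Scenario 4: replace every non-alphanumeric character with '_'.
            # With the push filters in this file (main and v* only) this
            # branch is not expected to be reached.
            TAGS=$(printf '%s' "${GITHUB_REF#refs/heads/}" | sed 's/[^a-zA-Z0-9]/_/g')
          fi

          # A `v*` tag that matches neither format yields no tags. Stop here,
          # before any registry login, instead of starting a push with an
          # empty tag list.
          if [[ -z $TAGS ]]; then
            echo "::error::Tag does not match x.y.z or x.y.z.patchedYYYYMMDD; no image tags were derived."
            exit 1
          fi

          # Emit one comma-separated list holding every tag for both registries.
          IFS=',' read -ra tag_list <<< "$TAGS"
          for tag in "${tag_list[@]}"; do
            FINAL_TAGS+="${GHCR_IMAGE_NAME}:${tag},${DOCKER_HUB_IMAGE_NAME}:${tag},"
          done
          FINAL_TAGS=${FINAL_TAGS%,}
          echo "tags=${FINAL_TAGS}" >> "$GITHUB_OUTPUT"

      # Only the `labels` output of this step is consumed below; the image
      # tags come from the `prep` step.
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v5
        with:
          # List of Docker images to use as base name for tags.
          images: |
            ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
            ${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
          # Literal block scalar: one label per line. As a plain multi-line
          # scalar these lines would be folded into a single string.
          labels: |
            org.opencontainers.image.title=${{ env.IMAGE_NAME }}
            org.opencontainers.image.description=Bioinformatics Tools
            org.opencontainers.image.vendor=Englander Institute for Precision Medicine
            maintainer=Andrea Sboner <ans2077@med.cornell.edu>
            org.opencontainers.image.authors=Andrea Sboner <ans2077@med.cornell.edu>

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      # NOTE(review): GHCR_TOKEN is a stored credential. If the package
      # permissions allow it, the job's GITHUB_TOKEN with `packages: write`
      # would be a shorter-lived alternative - confirm before switching.
      - name: Log into GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ secrets.GHCR_SVC_ACCOUNT }}
          password: ${{ secrets.GHCR_TOKEN }}

      - name: Login to EIPM DockerHub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.EIPM_DOCKER_HUB_USERNAME }}
          password: ${{ secrets.EIPM_DOCKER_HUB_TOKEN }}

      - name: Build and push to Docker Hub and GitHub Container Registry
        uses: docker/build-push-action@v5
        with:
          context: .
          platforms: linux/amd64
          file: ./Dockerfile
          # Attach an SBOM and a provenance attestation to the pushed image.
          # `mode=max` provenance can record build parameters, so keep secrets
          # out of build arguments if any are added later.
          sbom: true
          push: true
          provenance: mode=max
          tags: ${{ steps.prep.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          # Build cache is kept in GHCR under the `:cache` tag; it is read and
          # rewritten on every publishing run.
          cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:cache
          cache-to: type=registry,ref=ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:cache,mode=max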