I'm assuming that you already have a working GitHub CI/CD workflow for building whatever it is that you're building, and I'm only going to focus on the Docker-specific changes that need to be made.
You'll want to set up the following workflows:
- Upon "pull_request" for the "master" branch, build the Docker image (to make sure that the process works), but don't actually publish it.
- Upon "push" for the "master" branch, build the Docker image and publish it as "latest".
- Upon "release" for the "master" branch, build the Docker image and publish it with the release's tag.
Before you get started, you'll need to create a Dockerhub "access token" to use for your account. You can do this under "Account Settings" → "Security" → "Access Tokens".
Workflow updates
Upon "pull_request"
This workflow happens every time a commit is made to a pull request. While we want to ensure that our Docker image is built so that we know that the process works, we don't actually want to publish that image (at least I don't; you might have a use for it).
To build the Docker image, just add the following to your "steps" section:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build
uses: docker/build-push-action@v3
with:
context: .
push: false
tags: YOUR_GROUP/YOUR_REPO:latest
Simple enough.
The "docker/setup-buildx-action" action does whatever magic needs to happen for Docker stuff to work in the pipeline, and the "docker/build-push-action" builds the image from your Dockerfile and pushes the image. Because we're setting "push: false", it won't actually push.
Upon "merge" into "master"
This workflow happens every time a PR is merged into the "master" branch. In this case, we want to do everything that we did for the "pull_request" case, but we also want to push the image.
The changes here are that we'll set "push: true" and also specify our Dockerhub username and password.
To build and push the Docker image, just add the following to your "steps" section:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build
uses: docker/build-push-action@v3
with:
context: .
push: true
tags: YOUR_GROUP/YOUR_REPO:latest
Boom.
The new action "docker/login-action" logs into Dockerhub with your username and password, which is necessary to actually push the image.
Upon "release"
This workflow happens every time a release is created. This is generally similar to "merge" case, except instead of using the "latest" label, we'll be using the release's tag.
To build and push the Docker image, just add the following to your "steps" section:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build
uses: docker/build-push-action@v3
with:
context: .
push: true
tags: YOUR_GROUP/YOUR_REPO:${{ github.event.release.tag_name }}
And that's it. The "github.event.release.tag_name" variable holds the name of the Git tag, which is what we'll use for the Docker label.
No comments:
Post a Comment