extralit/.github/workflows/extralit-frontend.build-push-dev-frontend-docker.yml at develop · Extralit/extralit · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
name: Build Extralit Docker image

on:
  workflow_call:
    inputs:
      download-python-package:
        description: "True if python package should be downloaded"
        type: boolean
        default: false
      image-name:
        description: "Name of the image to build"
        required: true
        type: string
      dockerfile:
        description: "Path to the Dockerfile to build"
        required: true
        type: string
      platforms:
        description: "Platforms to build for"
        required: true
        type: string
      build-args:
        description: "Build arguments"
        required: false
        type: string
        default: ""
      readme:
        description: "Path to the README file"
        required: false
        type: string
        default: "README.md"
    outputs:
      version:
        description: "Version of the Docker image"
        value: ${{ jobs.build.outputs.version }}
      google-docker-image:
        description: The name of the Docker image uploaded to Google Artifact Registry.
        value: ${{ jobs.build.outputs.google-docker-image }}

jobs:
  build:
    name: Build Docker image
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: extralit-frontend

    # Grant permissions to `GITHUB_TOKEN` for Google Cloud Workload Identity Provider
    permissions:
      contents: read
      id-token: write

    outputs:
      version: ${{ steps.docker-image-tag-from-ref.outputs.docker-image-tag }}
    steps:
      - uses: actions/checkout@v4

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: "18"

      - name: Build Frontend
        run: |
          npm install
          npm run build

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2

      - name: Get Docker image tag from GITHUB_REF
        id: docker-image-tag-from-ref
        uses: ./.github/actions/docker-image-tag-from-ref

      - name: Generate Docker tags
        id: generate-docker-tags
        run: |
          DOCKER_HUB_TAG="$IMAGE_NAME:$DOCKER_IMAGE_TAG"

          echo "tags=$DOCKER_HUB_TAG" >> $GITHUB_OUTPUT
        env:
          IMAGE_NAME: ${{ inputs.image-name }}
          DOCKER_IMAGE_TAG: ${{ steps.docker-image-tag-from-ref.outputs.docker-image-tag }}

      - name: Login to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.AR_DOCKER_USERNAME }}
          password: ${{ secrets.AR_DOCKER_PASSWORD }}

      # Authenticate in GCP using Workload Identity Federation, so we can push the Docker image to the Google Cloud Artifact Registry
      # - name: Authenticate to Google Cloud
      #   id: google-auth
      #   uses: "google-github-actions/auth@v1"
      #   with:
      #     token_format: access_token
      #     workload_identity_provider: ${{ secrets.GOOGLE_CLOUD_WIP }}
      #     service_account: ${{ secrets.GOOGLE_CLOUD_SERVICE_ACCOUNT }}

      # - name: Login to Google Artifact Registry
      #   uses: docker/login-action@v2
      #   with:
      #     registry: europe-docker.pkg.dev
      #     username: oauth2accesstoken
      #     password: ${{ steps.google-auth.outputs.access_token }}

      - name: Build and push
        uses: docker/build-push-action@v4
        with:
          context: extralit-frontend
          file: ${{ inputs.dockerfile }}
          platforms: ${{ inputs.platforms }}
          tags: ${{ steps.generate-docker-tags.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          build-args: ${{ inputs.build-args }}
          push: true