docker-push.yml
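# Manually triggered workflow: pulls the bugbug-http-service and
# bugbug-http-service-bg-worker images from Docker Hub at the requested tag,
# re-tags them as "<image_tag>-<N>" and pushes them to the Artifact Registry
# repository named by the GAR_LOCATION / GCP_PROJECT_ID / GAR_REPOSITORY vars.
#
# Hardening notes:
# - The image_tag input and step outputs are passed to shell steps through
#   environment variables, never expanded with ${{ }} inside a `run:` script.
#   An expression is substituted into the script text before the shell parses
#   it, so a crafted tag would otherwise be executed as shell code in a job
#   that holds a registry write token.
# - Actions are referenced by version tag, and tags can be moved. Pinning each
#   `uses:` to a full commit SHA is the stronger option for a job that can mint
#   cloud credentials (id-token: write).
name: Pull and Push Docker Image

on:
  workflow_dispatch:
    inputs:
      image_tag:
        description: "Docker image tag to pull from Docker Hub"
        required: true
        type: string

jobs:
  push:
    environment: build
    runs-on: ubuntu-latest
    permissions:
      contents: read
      # Required to request the OIDC token exchanged by google-github-actions/auth.
      id-token: write
    env:
      # Untrusted: typed in by whoever dispatches the workflow.
      IMAGE_TAG: ${{ github.event.inputs.image_tag }}
      GAR_HOST: ${{ vars.GAR_LOCATION }}-docker.pkg.dev
      REGISTRY: ${{ vars.GAR_LOCATION }}-docker.pkg.dev/${{ vars.GCP_PROJECT_ID }}/${{ vars.GAR_REPOSITORY }}
    steps:
      - name: Validate image tag
        # Reject anything outside the Docker tag grammar before credentials
        # are obtained. The raw value is deliberately not echoed back.
        run: |
          set -euo pipefail
          tag_pattern='^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$'
          if [[ ! "$IMAGE_TAG" =~ $tag_pattern ]]; then
            echo "::error::image_tag is not a valid Docker tag"
            exit 1
          fi

      - uses: actions/checkout@v4
        with:
          # No later step talks to the git remote, so do not leave the
          # workflow token in the checkout's git config.
          persist-credentials: false

      - id: gcp-auth
        name: Google authentication
        uses: google-github-actions/auth@v2
        with:
          token_format: "access_token"
          service_account: artifact-writer@${{ vars.GCP_PROJECT_ID }}.iam.gserviceaccount.com
          workload_identity_provider: ${{ vars.GCPV2_GITHUB_WORKLOAD_IDENTITY_PROVIDER }}

      - name: Generate versioned tag
        id: versioned-tag
        env:
          # Handed over via the environment so the token is never written
          # into the generated script text.
          GAR_ACCESS_TOKEN: ${{ steps.gcp-auth.outputs.access_token }}
        run: |
          set -euo pipefail

          # Log Docker in to the registry host with the short-lived token.
          printf '%s' "$GAR_ACCESS_TOKEN" | docker login -u oauth2accesstoken --password-stdin "$GAR_HOST"

          # Pick the first "<image_tag>-<N>" (N = 1, 2, ...) that is not yet
          # present for the web image; the worker image reuses the same suffix.
          # NOTE(review): the check discards stderr and reads any non-zero exit
          # as "tag is free", so an auth or network failure selects "-1".
          # Confirm an existing "-1" cannot be overwritten in that case (for
          # example by making tags immutable on the repository).
          max_versions=1000
          version_number=1
          while (( version_number <= max_versions )); do
            versioned_tag="${IMAGE_TAG}-${version_number}"
            if gcloud container images describe "${REGISTRY}/bugbug-http-service:${versioned_tag}" --quiet >/dev/null 2>&1; then
              version_number=$((version_number + 1))
            else
              break
            fi
          done
          if (( version_number > max_versions )); then
            echo "::error::no free version suffix found within ${max_versions} attempts"
            exit 1
          fi

          echo "versioned_tag=${versioned_tag}" >> "$GITHUB_OUTPUT"

      # The source images are addressed by a mutable Docker Hub tag. The
      # resolved digests are printed so the run log records what was promoted.
      - name: Pull web image
        run: |
          set -euo pipefail
          docker pull "mozilla/bugbug-http-service:${IMAGE_TAG}"
          docker image inspect --format '{{join .RepoDigests ", "}}' "mozilla/bugbug-http-service:${IMAGE_TAG}"

      - name: Pull worker image
        run: |
          set -euo pipefail
          docker pull "mozilla/bugbug-http-service-bg-worker:${IMAGE_TAG}"
          docker image inspect --format '{{join .RepoDigests ", "}}' "mozilla/bugbug-http-service-bg-worker:${IMAGE_TAG}"

      - name: Log in to GAR for push
        uses: docker/login-action@v2
        with:
          registry: ${{ vars.GAR_LOCATION }}-docker.pkg.dev
          username: oauth2accesstoken
          password: ${{ steps.gcp-auth.outputs.access_token }}

      - name: Tag web image
        env:
          VERSIONED_TAG: ${{ steps.versioned-tag.outputs.versioned_tag }}
        run: docker tag "mozilla/bugbug-http-service:${IMAGE_TAG}" "${REGISTRY}/bugbug-http-service:${VERSIONED_TAG}"

      - name: Push web image
        env:
          VERSIONED_TAG: ${{ steps.versioned-tag.outputs.versioned_tag }}
        run: docker push "${REGISTRY}/bugbug-http-service:${VERSIONED_TAG}"

      - name: Tag worker image
        env:
          VERSIONED_TAG: ${{ steps.versioned-tag.outputs.versioned_tag }}
        run: docker tag "mozilla/bugbug-http-service-bg-worker:${IMAGE_TAG}" "${REGISTRY}/bugbug-http-service-bg-worker:${VERSIONED_TAG}"

      - name: Push worker image
        env:
          VERSIONED_TAG: ${{ steps.versioned-tag.outputs.versioned_tag }}
        run: docker push "${REGISTRY}/bugbug-http-service-bg-worker:${VERSIONED_TAG}"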