Build and Publish Docker Images #27
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Publish Docker Images | |
| on: | |
| pull_request: | |
| paths: | |
| - setup.py | |
| - setup.cfg | |
| - pyproject.toml | |
| - MANIFEST.in | |
| - nvitop/version.py | |
| - nvitop-exporter/nvitop_exporter/version.py | |
| - Dockerfile | |
| - nvitop-exporter/Dockerfile | |
| - .github/workflows/docker.yaml | |
| release: | |
| types: | |
| - published | |
| # Allow to trigger the workflow manually | |
| workflow_dispatch: | |
| inputs: | |
| publish: | |
| description: "Publish to GHCR" | |
| type: boolean | |
| default: true | |
| required: false | |
| tag: | |
| description: "Version tag to publish" | |
| type: string | |
| required: true | |
| concurrency: | |
| group: "${{ github.workflow }}-${{ github.ref }}" | |
| cancel-in-progress: ${{ github.event_name == 'pull_request' }} | |
| permissions: | |
| contents: read | |
| packages: write | |
| id-token: write | |
| attestations: write | |
| env: | |
| IMAGE_REGISTRY: "ghcr.io" | |
| FORCE_COLOR: "1" | |
| CLICOLOR_FORCE: "1" | |
| jobs: | |
| build-and-publish: | |
| name: Build and Publish Docker Images for ${{ matrix.name }} | |
| if: github.repository_owner == 'XuehaiPan' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| strategy: | |
| matrix: | |
| include: | |
| - name: nvitop | |
| context: . | |
| - name: nvitop-exporter | |
| context: ./nvitop-exporter | |
| fail-fast: false | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Test docker build | |
| run: | | |
| docker build --tag test-image:latest ${{ matrix.context }} | |
| docker run --rm test-image:latest --version | |
| docker run --rm test-image:latest --help | |
| - name: Extract version | |
| id: tag | |
| run: | | |
| if [[ "${{ github.event_name }}" == 'release' ]]; then | |
| VERSION="${GITHUB_REF#refs/tags/}" | |
| TAG="${VERSION#v}" | |
| elif [[ "${{ github.event_name }}" == 'workflow_dispatch' ]]; then | |
| TAG="${{ github.event.inputs.tag }}" | |
| else | |
| TAG="pr-${{ github.event.number }}" | |
| fi | |
| echo "image-name=${{ env.IMAGE_REGISTRY }}/${{ github.repository_owner }}/${{ matrix.name }}" | | |
| tr '[:upper:]' '[:lower:]' | tee -a "${GITHUB_OUTPUT}" | |
| echo "image-tag=${TAG}" | tee -a "${GITHUB_OUTPUT}" | |
| - name: Login to Container Registry | |
| if: github.event_name == 'release' || (github.event_name == 'workflow_dispatch' && github.event.inputs.publish == 'true') | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.IMAGE_REGISTRY }} | |
| username: ${{ github.repository_owner }} | |
| password: ${{ github.token }} | |
| - name: Build and push Docker image | |
| id: build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: ${{ matrix.context }} | |
| tags: "${{ steps.tag.outputs.image-name }}:${{ steps.tag.outputs.image-tag }}${{ github.event_name == 'release' && format(',{0}:latest', steps.tag.outputs.image-name) || '' }}" | |
| platforms: linux/amd64,linux/arm64 | |
| pull: true | |
| push: ${{ github.event_name == 'release' || (github.event_name == 'workflow_dispatch' && github.event.inputs.publish == 'true') }} | |
| cache-from: type=gha,scope=${{ matrix.name }} | |
| cache-to: type=gha,mode=max,scope=${{ matrix.name }} | |
| - name: Generate artifact attestation | |
| if: github.event_name == 'release' || (github.event_name == 'workflow_dispatch' && github.event.inputs.publish == 'true') | |
| uses: actions/attest-build-provenance@v3 | |
| with: | |
| subject-name: ${{ steps.tag.outputs.image-name }} | |
| subject-digest: ${{ steps.build.outputs.digest }} | |
| push-to-registry: true |