Skip to content

Latest commit

 

History

History
94 lines (75 loc) · 4.3 KB

README.md

File metadata and controls

94 lines (75 loc) · 4.3 KB

Docker Build & Push Action

GitHub Actions status

Builds a Docker image and pushes it to the private registry of your choosing.

Basic usage

  • Ensure you run the checkout action before using this action
  • Add the following to a workflow .yml file in the /.github directory of your repo
steps:
  - uses: actions/[email protected]

  - uses: mr-smithers-excellent/docker-build-push@v2
    with:
      image: repo/image
      tag: latest
      registry: registry-url.io
      dockerfile: Dockerfile.ci
      username: ${{ secrets.DOCKER_USERNAME }}
      password: ${{ secrets.DOCKER_PASSWORD }}

Inputs

Name Description Required
image Docker image name Yes
tag Docker image tag (see Tagging the image with GitOps) No
registry Docker registry host Yes
dockerfile Location of Dockerfile (defaults to Dockerfile) No
buildArgs Docker build arguments in format KEY=VALUE,KEY=VALUE No
username Docker registry username No
password Docker registry password or token No

Examples

Docker Hub

  • Save your Docker Hub username (DOCKER_USERNAME) and password (DOCKER_PASSWORD) as secrets in your GitHub repo
  • Modify sample below and include in your workflow .github/workflows/*.yml file
uses: mr-smithers-excellent/docker-build-push@v2
with:
  image: docker-hub-repo/image-name
  registry: docker.io
  username: ${{ secrets.DOCKER_USERNAME }}
  password: ${{ secrets.DOCKER_PASSWORD }}

Google Container Registry (GCR)

  • Create a service account with the ability to push to GCR (see configuring access control)
  • Create and download JSON key for new service account
  • Save content of .json file as a secret called DOCKER_PASSWORD in your GitHub repo
  • Modify sample below and include in your workflow .github/workflows/*.yml file
  • Ensure you set the username to _json_key
uses: mr-smithers-excellent/docker-build-push@v2
with:
  image: gcp-project/image-name
  registry: gcr.io
  username: _json_key 
  password: ${{ secrets.DOCKER_PASSWORD }} 

AWS Elastic Container Registry (ECR)

  • Create an IAM user with the ability to push to ECR (see example policies)
  • Create and download access keys
  • Save AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY as secrets in your GitHub repo
  • Modify sample below and include in your workflow .github/workflows/*.yml file
uses: mr-smithers-excellent/docker-build-push@v2
with:
  image: image-name
  registry: [aws-account-number].dkr.ecr.[region].amazonaws.com
env:
  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

Tagging the image using GitOps

By default, if you do not pass a tag input this action will use an algorithm based on the state of your git repo to determine the Docker image tag. This is designed to enable developers to more easily use GitOps in their CI/CD pipelines. Below is a table detailing how the GitHub trigger (branch or tag) determines the Docker tag.

Trigger Commit SHA Docker Tag
/refs/tags/v1.0 N/A v1.0
/refs/heads/master 1234567 dev-1234567
/refs/heads/SOME-feature 1234567 some-feature-1234567