Merge pull request #356 from Automattic/dependabot/github_actions/pet… #352

Workflow file for this run

.github/workflows/build-push.yml at 0daa8eb

	name: Build and Push Docker Image

	on:
	push:
	branches:
	- trunk
	workflow_dispatch:

	permissions:
	contents: read

	jobs:
	prepare:
	name: Prepare list of images to build
	runs-on: ubuntu-latest
	outputs:
	images: ${{ steps.set-matrix.outputs.images }}
	steps:
	- name: Check out the source code
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332

	- name: Set matrix
	id: set-matrix
	run: echo images="$(jq '."x-build"' images/src/*/.devcontainer.json \| jq --slurp -c .)" >> "${GITHUB_OUTPUT}"

	publish-images:
	needs: prepare
	name: 'Publish ${{ matrix.image.name }}'
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: write
	strategy:
	fail-fast: false
	matrix:
	image: ${{ fromJson(needs.prepare.outputs.images) }}
	steps:
	- name: Check out the repo
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
	with:
	fetch-depth: 0

	- name: Check changed files
	id: changes
	run: \|
	if [ "${{ github.event_name }}" = "push" ]; then
	if [ "${{ github.event.forced }}" = "true" ]; then
	echo needs_build=true >> "${GITHUB_OUTPUT}"
	else
	base="${{ github.event.before }}"
	head="${{ github.event.after }}"
	image="images/src/${{ matrix.image.image-name }}"
	changes="$(git diff --name-only "${base}" "${head}" -- "${image}" \| grep -Fv "${image}/README.md" \|\| true)"
	if [ -n "${changes}" ]; then
	echo needs_build=true >> "${GITHUB_OUTPUT}"
	else
	echo needs_build=false >> "${GITHUB_OUTPUT}"
	fi
	fi
	else
	echo needs_build=true >> "${GITHUB_OUTPUT}"
	fi

	- name: Expose GitHub Runtime
	uses: Automattic/vip-actions/expose-github-runtime@e1faabf165941008de4c0c1381df153e49d8ad2c # v0.6.0

	- name: Set up Docker
	uses: crazy-max/ghaction-setup-docker@78318f8be53384b971671f27d81f5e72526c102d # v3.3.0
	with:
	daemon-config: \|
	{
	"features": {
	"containerd-snapshotter": true
	}
	}

	- name: Set up QEMU
	uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
	if: steps.changes.outputs.needs_build == 'true'

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1
	if: steps.changes.outputs.needs_build == 'true'

	- name: Log in to GitHub Docker Registry
	uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
	if: steps.changes.outputs.needs_build == 'true'
	with:
	registry: https://ghcr.io
	username: ${{ github.actor }}}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Lowercase repository name
	run: echo "REPO=$(echo "${{ github.repository }}" \| tr '[:upper:]' '[:lower:]')" >> "${GITHUB_ENV}"

	- name: Set versions
	if: steps.changes.outputs.needs_build == 'true'
	id: set-versions
	run: \|
	echo major="$(echo "${{ matrix.image.image-version }}" \| cut -d. -f1)" >> "${GITHUB_OUTPUT}"
	echo minor="$(echo "${{ matrix.image.image-version }}" \| cut -d. -f2)" >> "${GITHUB_OUTPUT}"
	echo patch="$(echo "${{ matrix.image.image-version }}" \| cut -d. -f3)" >> "${GITHUB_OUTPUT}"

	- name: Check if image already exists
	if: steps.changes.outputs.needs_build == 'true'
	id: exists
	run: \|
	if docker buildx imagetools inspect "ghcr.io/${{ env.REPO }}/${{ matrix.image.image-name }}:${{ steps.set-versions.outputs.major }}.${{ steps.set-versions.outputs.minor }}.${{ steps.set-versions.outputs.patch }}" > /dev/null 2>&1; then
	echo exists=true >> "${GITHUB_OUTPUT}"
	else
	echo exists=false >> "${GITHUB_OUTPUT}"
	fi

	- name: Install @devcontainers/cli
	run: npm install -g @devcontainers/cli
	if: ${{ steps.changes.outputs.needs_build == 'true' && steps.exists.outputs.exists != 'true' }}

	- name: Build image
	run: \|
	devcontainer build \
	--workspace-folder images/src/${{ matrix.image.image-name }} \
	--platform linux/amd64,linux/arm64 \
	--image-name=ghcr.io/${{ env.REPO }}/${{ matrix.image.image-name }}:${{ steps.set-versions.outputs.major }}.${{ steps.set-versions.outputs.minor }}.${{ steps.set-versions.outputs.patch }} \
	--image-name=ghcr.io/${{ env.REPO }}/${{ matrix.image.image-name }}:${{ steps.set-versions.outputs.major }}.${{ steps.set-versions.outputs.minor }} \
	--image-name=ghcr.io/${{ env.REPO }}/${{ matrix.image.image-name }}:${{ steps.set-versions.outputs.major }} \
	--image-name=ghcr.io/${{ env.REPO }}/${{ matrix.image.image-name }}:latest \
	--output type=docker \
	--cache-from type=gha \
	--cache-to type=gha,mode=max
	if: ${{ steps.changes.outputs.needs_build == 'true' && steps.exists.outputs.exists != 'true' }}

	- name: Publish image
	run: docker push --all-tags ghcr.io/${{ env.REPO }}/${{ matrix.image.image-name }}
	if: ${{ steps.changes.outputs.needs_build == 'true' && steps.exists.outputs.exists != 'true' }}

	publish-features:
	name: Publish features
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: write
	steps:
	- name: Check out the repo
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
	with:
	fetch-depth: 0

	- name: Check changed files
	id: changes
	run: \|
	if [ "${{ github.event_name }}" = "push" ]; then
	base="${{ github.event.before }}"
	head="${{ github.event.after }}"
	path="features/src"
	changes="$(git diff --name-only "${base}" "${head}" -- "${path}" \| grep -Fv "/README.md" \|\| true)"
	if [ -n "${changes}" ]; then
	echo needs_build=true >> "${GITHUB_OUTPUT}"
	else
	echo needs_build=false >> "${GITHUB_OUTPUT}"
	fi
	else
	echo needs_build=true >> "${GITHUB_OUTPUT}"
	fi

	- name: Log in to GitHub Docker Registry
	uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
	with:
	registry: https://ghcr.io
	username: ${{ github.actor }}}
	password: ${{ secrets.GITHUB_TOKEN }}
	if: steps.changes.outputs.needs_build == 'true'

	- name: Install @devcontainers/cli
	run: npm install -g @devcontainers/cli
	if: steps.changes.outputs.needs_build == 'true'

	- name: Publish features
	run: devcontainer features publish features/src --namespace "${{ github.repository }}"
	if: steps.changes.outputs.needs_build == 'true'

	publish-templates:
	name: Publish templates
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: write
	steps:
	- name: Check out the repo
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
	with:
	fetch-depth: 0

	- name: Check changed files
	id: changes
	run: \|
	if [ "${{ github.event_name }}" = "push" ]; then
	base="${{ github.event.before }}"
	head="${{ github.event.after }}"
	path="templates/src"
	changes="$(git diff --name-only "${base}" "${head}" -- "${path}" \| grep -Fv "/README.md" \|\| true)"
	if [ -n "${changes}" ]; then
	echo needs_build=true >> "${GITHUB_OUTPUT}"
	else
	echo needs_build=false >> "${GITHUB_OUTPUT}"
	fi
	else
	echo needs_build=true >> "${GITHUB_OUTPUT}"
	fi

	- name: Log in to GitHub Docker Registry
	uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
	with:
	registry: https://ghcr.io
	username: ${{ github.actor }}}
	password: ${{ secrets.GITHUB_TOKEN }}
	if: steps.changes.outputs.needs_build == 'true'

	- name: Install @devcontainers/cli
	run: npm install -g @devcontainers/cli
	if: steps.changes.outputs.needs_build == 'true'

	- name: Publish templates
	run: devcontainer templates publish templates/src --namespace "${{ github.repository }}"
	if: steps.changes.outputs.needs_build == 'true'

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #356 from Automattic/dependabot/github_actions/pet… #352

Workflow file

Merge pull request #356 from Automattic/dependabot/github_actions/pet… #352

Jobs

Run details

Workflow file for this run