PyGeoC/.github/workflows/docker-image.yml at bd2b4be1704e94d24274d0609529bb4b052a56c5 · lreis2415/PyGeoC · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
# Build PyGeoC docker images based on TauDEM_ext

name: Build PyGeoC based on TauDEM_ext

on:
    push:
      branches:
        - 'master'
        - 'dev'
    pull_request:
    workflow_dispatch:

env:
  # Container registry domain, and a name for the Docker image that this workflow builds.
  IMAGE_NAME: pygeoc
  PKG_VER: 0.3.5
  # github container registry
  REGISTRY: ghcr.io
  NAMESPACE: ${{ github.repository_owner }}
  # aliyun ACR
  REGION_ID_ACR: cn-hangzhou
  REGISTRY_ACR: registry.cn-hangzhou.aliyuncs.com
  LOGIN_SERVER: https://registry.cn-hangzhou.aliyuncs.com
  NAMESPACE_ACR: ljzhu-geomodels
  # dockerfiles and tags
  ALPINE_DOCKERFILE: Dockerfile.alpine
  ALPINE_IMAGE_TAG: ${{ github.ref == 'refs/heads/master' && 'alpine' || 'dev-alpine' }}
  UBUNTU_DOCKERFILE: Dockerfile.ubuntu
  UBUNTU_IMAGE_TAG: ${{ github.ref == 'refs/heads/master' && 'ubuntu' || 'dev-ubuntu' }}

jobs:
  deploy-alpine:
    runs-on: ubuntu-22.04
    # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job.
    permissions:
      contents: read
      packages: write
      attestations: write
      id-token: write

    steps:
      - uses: actions/checkout@v4
      # login alibaba Container Registry
      - name: Login to ACR
        uses: aliyun/acr-login@v1
        with:
          login-server: ${{ env.LOGIN_SERVER }}
          region-id: ${{ env.REGION_ID_ACR }}
          username: ${{ secrets.ACR_USERNAME }}
          password: ${{ secrets.ACR_PASSWORD }}
      # login ghcr.io
      - name: Log in to the Container registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels.
      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: |
            ${{ env.REGISTRY_ACR }}/${{ env.NAMESPACE_ACR }}/${{ env.IMAGE_NAME }}
            ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}
          tags: |
            type=ref,event=branch
            type=ref,event=pr
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}

      # This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages.
      # It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository.
      # It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step.
      # https://github.com/marketplace/actions/docker-setup-buildx
      - uses: docker/setup-buildx-action@v3
      - name: Build based on alpine
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./docker/${{ env.ALPINE_DOCKERFILE }}
          push: true
          platforms: linux/amd64,linux/arm64
          provenance: false
          tags: |
            ${{ env.REGISTRY_ACR }}/${{ env.NAMESPACE_ACR }}/${{ env.IMAGE_NAME }}:${{ env.PKG_VER}}-${{ env.ALPINE_IMAGE_TAG }}
            ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ env.PKG_VER}}-${{ env.ALPINE_IMAGE_TAG }}
          cache-from: type=gha
          cache-to: type=gha,mode=max

  deploy-ubuntu:
    runs-on: ubuntu-22.04
    # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job.
    permissions:
      contents: read
      packages: write
      attestations: write
      id-token: write

    steps:
      - uses: actions/checkout@v4
      # login alibaba Container Registry
      - name: Login to ACR
        uses: aliyun/acr-login@v1
        with:
          login-server: ${{ env.LOGIN_SERVER }}
          region-id: ${{ env.REGION_ID_ACR }}
          username: ${{ secrets.ACR_USERNAME }}
          password: ${{ secrets.ACR_PASSWORD }}
      # login ghcr.io
      - name: Log in to the Container registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels.
      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: |
            ${{ env.REGISTRY_ACR }}/${{ env.NAMESPACE_ACR }}/${{ env.IMAGE_NAME }}
            ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}
          tags: |
            type=ref,event=branch
            type=ref,event=pr
            type=semver,pattern={{version}}
            type=semver,pattern={{major}}.{{minor}}

      # This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages.
      # It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository.
      # It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step.
      # https://github.com/marketplace/actions/docker-setup-buildx
      - uses: docker/setup-buildx-action@v3
      - name: Build based on ubuntu
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./docker/${{ env.UBUNTU_DOCKERFILE }}
          push: true
          platforms: linux/amd64,linux/arm64
          provenance: false
          tags: |
            ${{ env.REGISTRY_ACR }}/${{ env.NAMESPACE_ACR }}/${{ env.IMAGE_NAME }}:${{ env.PKG_VER}}-${{ env.UBUNTU_IMAGE_TAG }}
            ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/${{ env.IMAGE_NAME }}:${{ env.PKG_VER}}-${{ env.UBUNTU_IMAGE_TAG }}
          cache-from: type=gha
          cache-to: type=gha,mode=max