Skip to content
.github/workflows/_build-image.yml

fix(ci): move base-image input to inputs #1

Sign in to view logs

fix(ci): move base-image input to inputs

fix(ci): move base-image input to inputs #1

Workflow file for this run

.github/workflows/_build-image.yml at 09589a3
name: Build OCI
on:
workflow_call:
inputs:
image-spec:
type: string
required: true
description: 'The path to the image.json file'
base-image:
type: string
required: false
description: 'The base image reference'

Check failure on line 13 in .github/workflows/_build-image.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/_build-image.yml

Invalid workflow file 

You have an error in your yaml syntax on line 13
outputs:
image-ref:
description: 'The unique image reference'
value: ${{ jobs.build.outputs.image-ref }}
registry:
description: 'The registry which stores the image'
value: ${{ jobs.build-oci.outputs.registry }}
digest:
description: 'The unique digest of the image'
value: ${{ jobs.build-oci.outputs.digest }}
jobs:
build-oci:
runs-on: ubuntu-latest
outputs:
registry: ${{ steps.push.outputs.registry }}
digest: ${{ steps.push.outputs.digest }}
unique-tag: ${{ steps.generate-metadata.outputs.UNIQUE_TAG }}
permissions:
contents: read
id-token: write
packages: write
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: Generate Image Metadata
id: generate-metadata
run: |
TAGS=()
TAGS+=(${GITHUB_SHA::8})
DATE_TAG=$(date -u +"%Y%m%d%H%M%S")
TAGS+=($DATE_TAG)
TAGS=$(printf "%s " "${TAGS[@]}")
echo "TAGS=$TAGS" >> $GITHUB_OUTPUT
echo "UNIQUE_TAG=$DATE_TAG" >> $GITHUB_OUTPUT
IMAGE_NAME=$(jq -r '.name' ${{ inputs.image-spec }})
echo "IMAGE_NAME=$IMAGE_NAME" >> $GITHUB_OUTPUT
echo "CONTEXT_DIR=$(dirname ${{ inputs.image-spec }})" >> $GITHUB_OUTPUT
# If a Pull Request and not a base image, use the PR number as the source tag
IS_BASE=$(jq -r '.base' ${{ inputs.image-spec }})
if [[ ${GITHUB_REF:0:10} = "refs/pull/" && $IS_BASE = "false" ]]; then
PR_NUMBER=$(echo $GITHUB_REF | cut -d'/' -f 3)
echo "SOURCE_TAG=pr${PR_NUMBER}" >> $GITHUB_OUTPUT
else
echo "SOURCE_TAG=latest" >> $GITHUB_OUTPUT
fi
echo "IS_BASE=$IS_BASE" >> $GITHUB_OUTPUT
# If IS_BASE is not true, login to GHCR
- name: Login to GHCR
if: ${{ !steps.generate-metadata.outputs.IS_BASE }}
run: echo ${{ secrets.GITHUB_TOKEN }} | podman login ghcr.io -u ${{ github.actor }} --password-stdin
- name: Build Image
id: build
uses: ./.github/actions/build-image
with:
builder: docker
context: ${{ steps.generate-metadata.outputs.CONTEXT_DIR }}
dockerfile: Containerfile
image-name: ${{ steps.generate-metadata.outputs.IMAGE_NAME }}
image-tags: ${{ steps.generate-metadata.outputs.TAGS }}
registry: ghcr.io/${{ github.repository }}
aws-iam-role: ${{ vars.DEPLOY_IAM_ROLE }}
aws-region: ${{ vars.AWS_REGION }}
build-args: |
${{ inputs.base-image && format('BASE_IMAGE={0}', inputs.base-image) || '' }}
SOURCE_TAG=${{ steps.generate-metadata.outputs.SOURCE_TAG }}
- name: Push Image
id: push
uses: ./.github/actions/push-image
with:
builder: docker
image-name: ${{ steps.build.outputs.image }}
image-tags: ${{ steps.build.outputs.tags }}
image-registry: ${{ vars.IMAGE_REGISTRY }}
registry-aws-iam-role: ${{ vars.DEPLOY_IAM_ROLE }}
registry-aws-region: ${{ vars.AWS_REGION }}
deploy-oci:
runs-on: ubuntu-latest
needs: build-oci
steps:
- name: Login to GHCR
run: echo ${{ secrets.GITHUB_TOKEN }} | podman login ghcr.io -u ${{ github.actor }} --password-stdin
- name: Deploy Image
env:
IMAGE_REGISTRY: ${{ needs.build-oci.outputs.registry }}
IMAGE_DIGEST: ${{ needs.build-oci.outputs.digest }}
IMAGE_UNIQUE_TAG: ${{ needs.build-oci.outputs.unique-tag }}
run: |
if [ ${GITHUB_REF:0:10} = "refs/pull/" ]; then
PR_NUMBER=$(echo $GITHUB_REF | cut -d'/' -f 3)
skopeo copy docker://${IMAGE_REGISTRY}@${IMAGE_DIGEST} docker://${IMAGE_REGISTRY}:pr${PR_NUMBER}
else
skopeo copy docker://${IMAGE_REGISTRY}@${IMAGE_DIGEST} docker://${IMAGE_REGISTRY}:latest
fi