Merge pull request #14 from blackskad/docker-image-version

Add version argument and push docker image to ghcr on semver tags
tmeire · Aug 26, 2024 · a38e981 · a38e981
2 parents 0db4b2a + 8903a70
commit a38e981
Show file tree

Hide file tree

Showing 3 changed files with 46 additions and 12 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -9,7 +9,15 @@ updates:
     directory: "/"
     schedule:
       interval: "daily"
+    groups:
+      otel-dependencies:
+        patterns:
+          - "go.opentelemetry.io/*"
   - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
       interval: "daily"
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -2,6 +2,9 @@ name: build
 
 on:
   push:
+    branches:
+    tags:
+      - v*
   pull_request:
     branches:
       - main
@@ -14,6 +17,14 @@ jobs:
   docker:
     runs-on: ubuntu-latest
     steps:
+      - name: Detect version
+        run: |-
+          VERSION="development"
+          if [[ "${{ github.ref_type }}" == "tag" ]]; then
+            VERSION=${{ github.ref_name }}
+          fi
+          echo "VERSION=$VERSION" >> "$GITHUB_ENV"
+
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
@@ -22,17 +33,21 @@ jobs:
         with:
           target: test
           push: false
+          build-args: |
+            VERSION=${{ env.VERSION }}
 
-      # - name: Login to Docker Hub
-      #   uses: docker/login-action@v3
-      #   with:
-      #     username: ${{ secrets.DOCKERHUB_USERNAME }}
-      #     password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Build production image
         uses: docker/build-push-action@v6
         with:
           target: production
-          push: false
-          # push: true
-          # tags: blackskad/go-web-scaffold:latest
+          push: ${{ github.ref_type == 'tag' }}
+          build-args: |
+            VERSION=${{ env.VERSION }}
+          tags: ghcr.io/blackskad/go-web-scaffold:${{ env.VERSION }}
diff --git a/README.md b/README.md
@@ -22,14 +22,26 @@ While the app can be build and run with plain Go commands, it's intended to be b
 
 To allow you to easily run the service locally without much local config, a docker-compose.yaml file is included. This file will include everything to run a minimal stack.
 
-### CI pipeline - GitHub only
+### GitHub CI pipeline
 
-The project contains a GitHub Actions configuration file to run the docker build stages on `push` and `pull_requests`. It will first run the `test` stage, then it run the `production` stage.
+The project contains a GitHub Actions configuration file to run the docker build stages on `push` to any branch and semver tags, and on `pull_requests` against the `main` branch. It will first run the `test` stage, then it run the `production` stage.
 
-While it will build the production image, the workflow is not configured to push the image to a docker image registry. You will have to uncomment the docker login job, change the `push` argument for the production job to `true`, and set a proper image tag.
+When the pipeline runs for a semver tag, the tag will be embedded in the binary as the application version and the image will be pushed to ghcr. None of the other runs will push a docker image.
+
+While it is recommended to follow [trunk-based development](https://trunkbaseddevelopment.com/), it is not enforced by the build system in any way.
 
 In your GitHub repository, there is an option to configure rulesets for your main branch. Within the ruleset, the success of the build workflow can be made required for each pull requests. For more information, please see the [GitHub documentation](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/available-rules-for-rulesets#require-status-checks-to-pass-before-merging).
 
+
+### Versioning
+
+The CI pipeline is set up to manage  with a semantic versioning scheme.
+
+* The `main` branch, or trunk is where all the development happens for the next release.
+* When a new release should be made, create a new branch `release-${MAJOR}.${MINOR}` and push it to GitHub. Once pushed, a new tag `v${MAJOR}.${MINOR}.0-rc.0` will automatically be created. Once tagged, a new build will kick off for that tag that publishes a docker image with the same tag.
+* Every time a new release is made, push a new, empty commit with an incremented tag to the release branch. Every semver tag will kick off
+
+
 ### App configuration
 
 The main configuration will be done through environment variables. The environment package will parse the environment variables into a struct that can then be passed around through the service.
@@ -38,7 +50,6 @@ The main configuration will be done through environment variables. The environme
 
 The service always runs with pprof enabled on port 6060. This allows you to fetch runtime profiling information on `http://localhost:6060/debug/pprof`
 
-
 ### Observability
 
 #### Metrics