urcomputeringpal/actions-docker

GitHub Actions for common Docker workflows

actions-docker

Opinionated GitHub Actions for common Docker workflows

Opinions (expressed via default environment variables)

• REGISTRY=gcr.io
• IMAGE=$GITHUB_REPOSITORY
  • (Expects a Google Cloud Project named after your GitHub username)
• TAG=$GITHUB_SHA
• DEFAULT_BRANCH_TAG=true

Usage

Google Container Registry Setup

• If you haven't already, create a Google Cloud Project named after your GitHub username and follow the Container Registry Quickstart.
• Create a Service Account named after your GitHub repository.
• Add the Cloud Build Service Account role to this Service Account.
• Generate a key for this Service Account. Download a JSON key when prompted.
• Create a Secret on your repository named GCLOUD_SERVICE_ACCOUNT_KEY (Settings > Secrets) with the contents of:

echo -n "$(cat path-to/downloaded-key/4a276e9e5862.json)" | base64

• That's it! The GitHub Actions in this repository read this Secret and provide the correct values to the Docker daemon by default if present. If a Secret isn't present, build may succeed but push will return an error!

Build and push images for each commit

Add the following to .github/workflow:

workflow { "build and push images for each commit"
  on = "push"
  resolves = "docker push"
}

action "docker build" {
  uses = "urcomputeringpal/actions-docker@master"
  args = "build"
  secrets = ["GCLOUD_SERVICE_ACCOUNT_KEY"]
}

action "docker push" {
  uses = "urcomputeringpal/actions-docker@master"
  needs = "docker build"
  args = "push"
  secrets = ["GCLOUD_SERVICE_ACCOUNT_KEY"]
}

GC stale images

TODO