name: Build and publish docker artifacts on: push: branches: [ main, develop ] tags: - '[0-9]+.[0-9]+.[0-9]+*' pull_request: types: [ opened, synchronize ] paths: - 'Earthfile' - '.github/workflows/docker-builds.yaml' - 'services/credential-server-ui/**' - 'services/credential-server/**' workflow_dispatch: env: PRIVATE_DOCKER_REGISTRY_URL: ${{ secrets.GITLAB_DOCKER_REGISTRY_URL }} PRIVATE_DOCKER_REGISTRY_USER: Deploy-Token PRIVATE_DOCKER_REGISTRY_PASS: ${{ secrets.GITLAB_PKG_REGISTRY_TOKEN }} DOCKER_PUSH: true jobs: publish: permissions: contents: read packages: write runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 - name: ⛮ cf-gha-baseline uses: cardano-foundation/cf-gha-workflows/./actions/cf-gha-baseline@main with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} PRIVATE_DOCKER_REGISTRY_URL: ${{ env.PRIVATE_DOCKER_REGISTRY_URL }} PRIVATE_DOCKER_REGISTRY_USER: ${{ env.PRIVATE_DOCKER_REGISTRY_USER }} PRIVATE_DOCKER_REGISTRY_PASS: ${{ env.PRIVATE_DOCKER_REGISTRY_PASS }} HUB_DOCKER_COM_USER: ${{ secrets.HUB_DOCKER_COM_USER }} HUB_DOCKER_COM_PASS: ${{ secrets.HUB_DOCKER_COM_PASS }} DOCKER_REGISTRIES: "${{ secrets.DOCKER_REGISTRIES }}" - name: Set docker image targets based on path changes from last commit id: metadata run: | if [ ${{github.event_name}} == "pull_request" ] then GIT_BRANCH_SHORT_COMMIT=$(git rev-parse --short ${{ github.event.pull_request.head.sha }}) # set earthly docker image targets based on changed paths set +e DOCKER_IMAGES_TARGETS="$( \ ( git log --pretty=format:'%h' -n 1 Earthfile | grep -q ${GIT_BRANCH_SHORT_COMMIT} ) && \ ( git log --patch -n1 Earthfile | grep -q "ARG.*global.*KERIA_GIT" ) && \ echo idw-keria )" DOCKER_IMAGES_TARGETS="$DOCKER_IMAGES_TARGETS $( \ ( git log --pretty=format:'%h' -n 1 Earthfile | grep -q ${GIT_BRANCH_SHORT_COMMIT} ) && \ ( git log --patch -n1 Earthfile | grep -q "ARG.*global.*KERI_DOCKER" ) && \ echo idw-witness )" DOCKER_IMAGES_TARGETS="$DOCKER_IMAGES_TARGETS $( \ ( git log --pretty=format:'%h' -n 1 services/credential-server | grep -q ${GIT_BRANCH_SHORT_COMMIT} ) && \ echo cred-issuance )" DOCKER_IMAGES_TARGETS="$DOCKER_IMAGES_TARGETS $( \ ( git log --pretty=format:'%h' -n 1 services/credential-server-ui | grep -q ${GIT_BRANCH_SHORT_COMMIT} ) && \ echo cred-issuance-ui )" set -e STRIPPED_DOCKER_IMAGES_TARGETS=$(echo $DOCKER_IMAGES_TARGETS | tr -s ' ' | sed -e 's|^ ||' -e 's| $||') if [ ! -z "${STRIPPED_DOCKER_IMAGES_TARGETS}" ]; then echo "DOCKER_IMAGES_TARGETS=${STRIPPED_DOCKER_IMAGES_TARGETS}" | tee -a "$GITHUB_ENV" | tee -a "$GITHUB_OUTPUT" fi fi - name: 🌍 earthly (docker build and push) run: | # For PR builds, we skip any earthly build if there are no changes on any known target-related file, for branch builds, we just build everything if [ ${{github.event_name}} == "pull_request" ] then if [ ! -z "${DOCKER_IMAGES_TARGETS}" ] then earthly +docker-publish \ --PUSH=true \ --DOCKER_REGISTRIES="${{ secrets.DOCKER_REGISTRIES }}" \ --DOCKER_IMAGES_EXTRA_TAGS="${EARTHLY_DOCKER_IMAGES_EXTRA_TAGS}" \ --DOCKER_IMAGES_TARGETS="${DOCKER_IMAGES_TARGETS}" else echo "[+] No changes on any known target-related file, skipping earthly build..." fi else if [ ${{github.event_name}} == "workflow_dispatch" ]; then FORCE_BUILD="--FORCE_BUILD=true"; fi earthly +docker-publish \ ${FORCE_BUILD} \ --PUSH=true \ --DOCKER_REGISTRIES="${{ secrets.DOCKER_REGISTRIES }}" \ --DOCKER_IMAGES_EXTRA_TAGS="${EARTHLY_DOCKER_IMAGES_EXTRA_TAGS}" fi