toph/ci-actions
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
ci-actions/docker-build/action.yaml
Christopher Mühl ac56aac0a7
feat: add docker-build reusable action 
Add reusable action for building and pushing Docker images with:
- S3 build cache support (SeaweedFS)
- Optional Nix/Attic cache configuration
- Auto-tagging based on branches, PRs, and semver tags
- Multi-registry support

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-03-04 12:05:31 +01:00

138 lines
4.1 KiB
YAML
Raw Permalink Blame History

name: Build and Push Docker Image
description: Build and push a Docker image with S3 caching and Nix cache support
inputs:
context:
description: 'Build context path'
required: false
default: '.'
dockerfile:
description: 'Path to Dockerfile'
required: true
image-name:
description: 'Full image name (e.g., git.toph.so/user/repo or git.toph.so/user/repo/image)'
required: true
registry:
description: 'Docker registry'
required: false
default: 'git.toph.so'
registry-username:
description: 'Registry username'
required: false
default: ${{ gitea.actor }}
registry-password:
description: 'Registry password/token'
required: true
push:
description: 'Push image to registry'
required: false
default: 'true'
tags:
description: 'Custom tags (newline-separated), overrides auto-tagging'
required: false
s3-cache-bucket:
description: 'S3 bucket for Docker build cache'
required: false
default: 'docker-cache'
s3-endpoint:
description: 'S3 endpoint URL'
required: false
default: 'https://s3.toph.so'
enable-nix-cache:
description: 'Configure Nix binary cache for builds using Nix'
required: false
default: 'false'
attic-endpoint:
description: 'Attic/Nix cache endpoint'
required: false
default: 'https://cache.toph.so'
runs:
using: composite
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Configure Nix cache
if: inputs.enable-nix-cache == 'true'
shell: bash
run: |
mkdir -p ~/.config/nix
cat > ~/.config/nix/nix.conf <<EOF
extra-substituters = https://cache.nixos.org/ ${{ inputs.attic-endpoint }}/ci ${{ inputs.attic-endpoint }}/toph
extra-trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= ci:db8ZBxd5cjqoGzOYThRQcxj4XnaqHJZBZw1phCQOiz8= toph:E/oP7KyljH/yprI5LArxNPpSlQCdo29sMOkh3jm53Yg=
experimental-features = nix-command flakes
EOF
- name: Log in to registry
if: inputs.push == 'true'
uses: docker/login-action@v3
with:
registry: ${{ inputs.registry }}
username: ${{ inputs.registry-username }}
password: ${{ inputs.registry-password }}
- name: Generate tags
id: tags
shell: bash
run: |
if [ -n "${{ inputs.tags }}" ]; then
# Use custom tags if provided
echo "tags=${{ inputs.tags }}" >> $GITHUB_OUTPUT
else
# Auto-generate tags based on event type
TAGS=""
IMAGE_BASE="${{ inputs.image-name }}"
# Branch name tag
if [ "${{ github.event_name }}" = "push" ]; then
BRANCH_NAME="${GITHUB_REF#refs/heads/}"
TAGS="${TAGS}${IMAGE_BASE}:${BRANCH_NAME}\n"
fi
# PR tag
if [ "${{ github.event_name }}" = "pull_request" ]; then
TAGS="${TAGS}${IMAGE_BASE}:pr-${{ github.event.pull_request.number }}\n"
fi
# Tag-based versioning
if [[ "${{ github.ref }}" == refs/tags/v* ]]; then
VERSION="${GITHUB_REF#refs/tags/v}"
TAGS="${TAGS}${IMAGE_BASE}:${VERSION}\n"
MAJOR="${VERSION%%.*}"
MINOR="${VERSION#*.}"
MINOR="${MINOR%%.*}"
TAGS="${TAGS}${IMAGE_BASE}:${MAJOR}.${MINOR}\n"
TAGS="${TAGS}${IMAGE_BASE}:${MAJOR}\n"
TAGS="${TAGS}${IMAGE_BASE}:latest\n"
fi
# SHA tag
SHORT_SHA="${GITHUB_SHA:0:7}"
TAGS="${TAGS}${IMAGE_BASE}:${SHORT_SHA}"
echo -e "tags<<EOF" >> $GITHUB_OUTPUT
echo -e "$TAGS" >> $GITHUB_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
fi
- name: Build and push
uses: docker/build-push-action@v5
with:
context: ${{ inputs.context }}
file: ${{ inputs.dockerfile }}
push: ${{ inputs.push }}
tags: ${{ steps.tags.outputs.tags }}
cache-from: type=s3,region=auto,bucket=${{ inputs.s3-cache-bucket }},endpoint_url=${{ inputs.s3-endpoint }}
cache-to: type=s3,region=auto,bucket=${{ inputs.s3-cache-bucket }},endpoint_url=${{ inputs.s3-endpoint }},mode=max
Reference in a new issue View git blame Copy permalink