foundation/actions/docker-build/action.yml

57 lines
2 KiB
YAML
Raw Normal View History

# docker-build — build a Docker image (999_testing candidates C1/C5). Composite
# action (see actions/node-build). Builds against the HOST Docker daemon via the
# mounted socket, so the CALLER's job MUST mount it:
#
# jobs:
# image:
# runs-on: docker
# container:
# image: foundation-ci:latest
# volumes: [ /var/run/docker.sock:/var/run/docker.sock ]
# steps:
# - uses: actions/checkout@v4
# - uses: https://forge.olsitec.net/olsitec/foundation/actions/docker-build@master
# with: { image: "olsitec/token-service:ci" }
#
# R5: the host socket is root-equivalent on the forge VM — trusted first-party repos
# only until the runner is fenced. Candidates C1 (seaspots-homepage) and C5
# (token-service) also need @olsitec packages from a registry that is not published
# yet (Stage-2); their real builds need an npmrc via `build-args` once it exists.
name: docker-build
description: Build (optionally push) a Docker image via the host daemon.
inputs:
context:
default: "."
dockerfile:
default: "Dockerfile"
image:
description: "image ref to tag, e.g. name:tag"
required: true
build-args:
description: "newline-separated KEY=VALUE docker --build-arg pairs"
default: ""
push:
description: "push after build (true/false; registry must exist)"
default: "false"
runs:
using: composite
steps:
- name: Docker build
shell: bash
run: |
args=""
if [ -n "${{ inputs.build-args }}" ]; then
while IFS= read -r kv; do
[ -z "$kv" ] && continue
args="$args --build-arg $kv"
done <<'EOF'
${{ inputs.build-args }}
EOF
fi
echo "+ docker build -f ${{ inputs.dockerfile }} -t ${{ inputs.image }} $args ${{ inputs.context }}"
docker build -f "${{ inputs.dockerfile }}" -t "${{ inputs.image }}" $args "${{ inputs.context }}"
- name: Push
if: ${{ inputs.push == 'true' }}
shell: bash
run: docker push "${{ inputs.image }}"