# docker-build — build a Docker image (999_testing candidates C1/C5). Composite # action (see actions/node-build). Builds against the HOST Docker daemon via the # mounted socket, so the CALLER's job MUST mount it: # # jobs: # image: # runs-on: docker # container: # image: foundation-ci:latest # volumes: [ /var/run/docker.sock:/var/run/docker.sock ] # steps: # - uses: actions/checkout@v4 # - uses: https://forge.olsitec.net/olsitec/foundation/actions/docker-build@master # with: { image: "olsitec/token-service:ci" } # # R5: the host socket is root-equivalent on the forge VM — trusted first-party repos # only until the runner is fenced. Candidates C1 (seaspots-homepage) and C5 # (token-service) also need @olsitec packages from a registry that is not published # yet (Stage-2); their real builds need an npmrc via `build-args` once it exists. name: docker-build description: Build (optionally push) a Docker image via the host daemon. inputs: context: default: "." dockerfile: default: "Dockerfile" image: description: "image ref to tag, e.g. name:tag" required: true build-args: description: "newline-separated KEY=VALUE docker --build-arg pairs" default: "" push: description: "push after build (true/false; registry must exist)" default: "false" runs: using: composite steps: - name: Docker build shell: bash run: | args="" if [ -n "${{ inputs.build-args }}" ]; then while IFS= read -r kv; do [ -z "$kv" ] && continue args="$args --build-arg $kv" done <<'EOF' ${{ inputs.build-args }} EOF fi echo "+ docker build -f ${{ inputs.dockerfile }} -t ${{ inputs.image }} $args ${{ inputs.context }}" docker build -f "${{ inputs.dockerfile }}" -t "${{ inputs.image }}" $args "${{ inputs.context }}" - name: Push if: ${{ inputs.push == 'true' }} shell: bash run: docker push "${{ inputs.image }}"