GitHub Action
Openzim Docker Publish Action
A Github Action to automatically build and publish Openzim's images to Both Docker Hub and Github Container Regisry.
On ghcr.io, as for Docker Hub, first part of image name is the user owning the image. The user or organization must have enabled Improved container support first. Users do that in Settings > Feature preview and Organizations in Settings > Packages.
jobs:
build-and-push:
name: Deploy Docker Image
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
- name: Build and push
uses: openzim/docker-publish-action@v4
with:
image-name: openzim/zimit
DOCKERIO_USERNAME=${{ secrets.DOCKERHUB_USERNAME }}
DOCKERIO_TOKEN=${{ secrets.DOCKERHUB_PASSWORD }}
GHCR_IO_USERNAME=${{ secrets.GHCR_USERNAME }}
GHCR_IO_TOKEN=${{ secrets.GHCR_TOKEN }}
on-master: latest
name: Docker
on:
push:
branches:
- master
tags:
- v*
workflow_dispatch:
inputs:
version:
description: Specific version to build
required: false
default: ''
jobs:
build-and-push:
name: Deploy Docker Image
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
- name: Build and push
uses: openzim/docker-publish-action@v4
with:
image-name: openzim/zimit
registries: |
docker.io
gcr.io
credentials: |
DOCKERIO_USERNAME=${{ secrets.DOCKERHUB_USERNAME }}
DOCKERIO_TOKEN=${{ secrets.DOCKERHUB_PASSWORD }}
GCR_IO_USERNAME=${{ secrets.GOOGLE_USERNAME }}
GCR_IO_TOKEN=${{ secrets.GOOGLE_TOKEN }}
context: sub-folder
on-master: dev
tag-pattern: /^v*([0-9.]+)$/
latest-on-tag: true
restrict-to: openzim/zimit
build-args:
VERSION={tag}
manual-tag: ${{ github.event.inputs.version }}
Note: th top-part on
is just a filter on running that workflow. You can omit it but it's safer to not run it on refs that you know won't trigger anything. See documentation.
Input | Usage |
---|---|
image-name * |
Name of your image on the registry (without the version part). Ex.: openzim/zimit would refer to this image.The same name is pushed to all registries. |
registries |
List of registries to push images to (domain name only). Ex.: docker.io for Docker Hub, ghcr.io , gcr.io , etc.Defaults to docker.io ghcr.io . |
credentials * |
List of credentials for all registries Use the REGISTRY_USERNAME=xxx and REGISTRY_TOKEN=xxx formats to specify.REGISTRY refers to the uppercase registry domain name without . .Ex: GHCRIO_USERNAME=xxx for ghcr.io .Notes: Github token is a PAT with repo, workflow, write:packages permissions.Docker hub token is account password. |
context |
Path in the repository to use as build context Relative to repository root. Ex: dnscache or workers/slave .Defaults to . . |
dockerfile |
Path to the Dockerfile recipe, relative to context Use ../ syntax if dockerfile is outside context.Defaults to Dockerfile . |
build-args |
Arguments for docker build --build-arg Special value {tag} will be replaced with the tag to set.Use the name=value format and separate each by a space or new line. |
platforms |
List of platforms to build-for. Ex.: linux/armv/v7 linux/amd64 .Defaults to linux/amd64 . |
on-master |
Tag to apply for every commit on default branch. Omit it if you don't want to push an image for non-tagged commits. Only applies to commits on your default branch ( master or main ) |
tag-pattern |
Regular expression to match tags with. Only git tags matching this regexp will trigger a build+push to the corresponding docker tag. If not specifying a group, whole git tag is used as is on docker. |
latest-on-tag |
Whether to push to docker tag :latest on every matched tag (see tag-pattern )Also applies to manual-tag .Value must be true or false . Defaults to false . |
manual-tag |
Manual tag override Replaces on-master and tag-pattern if not empty.Also triggers :latest if latest-on-tag is true . |
restrict-to |
Don't push if action is run for a different repository Specify as {owner}/{repository} . |