66 - ' **'
77 workflow_dispatch :
88
9- env :
10- DOCKER_METADATA_SET_OUTPUT_ENV : ' true'
119
1210jobs :
13- build :
14- runs-on : ${{ matrix.runner }}
15- outputs :
16- build-image-arm : ${{ steps.gen-output.outputs.image-arm64 }}
17- build-image-x64 : ${{ steps.gen-output.outputs.image-x64 }}
18- strategy :
19- fail-fast : false
20- matrix :
21- runner :
22- - ubuntu-24.04
23- - ubuntu-24.04-arm
24- steps :
25- - name : Checkout code
26- uses : actions/checkout@v4
27-
28- - name : Set up Docker Buildx
29- uses : docker/setup-buildx-action@v3
30-
31- - name : Login to GitHub Container Registry
32- uses : docker/login-action@v3
33- with :
34- registry : ghcr.io
35- username : ${{ github.actor }}
36- password : ${{ secrets.GITHUB_TOKEN }}
37-
38- - name : Docker meta
39- id : meta
40- uses : docker/metadata-action@v5
41- with :
42- images : ghcr.io/${{ github.repository }}
43- # note Specifies a single tag to ensure the default doesn't add more than one.
44- # The actual tag is not used, this is just used to sanitize the registry name
45- # and produce labels.
46- tags : type=sha
47-
48- - name : Sanitize registry repository name
49- id : get-reg
50- run : |
51- echo "registry=$(echo '${{ steps.meta.outputs.tags }}' | cut -f1 -d:)" | tee -a "$GITHUB_OUTPUT"
52-
53- - name : Build/push the arch-specific image
54- id : build
55- uses : docker/build-push-action@v6
56- with :
57- # @todo GHA caching needs tuning, these tend not to hit. Perhaps switch to type=registry?
58- cache-from : type=gha
59- cache-to : type=gha,mode=max
60- labels : ${{ steps.meta.outputs.labels }}
61- provenance : mode=max
62- sbom : true
63- tags : ${{ steps.get-reg.outputs.registry }}
64- outputs : type=image,push-by-digest=true,push=true
65-
66- - name : Write arch-specific image digest to outputs
67- id : gen-output
68- run : |
69- echo "image-${RUNNER_ARCH,,}=${{ steps.get-reg.outputs.registry }}@${{ steps.build.outputs.digest }}" | tee -a "$GITHUB_OUTPUT"
70-
71- merge :
72- runs-on : ubuntu-24.04
73- needs :
74- - build
75- env :
76- DOCKER_APP_IMAGE_ARM64 : ${{ needs.build.outputs.build-image-arm }}
77- DOCKER_APP_IMAGE_X64 : ${{ needs.build.outputs.build-image-x64 }}
78- outputs :
79- build-image : ${{ steps.meta.outputs.tags }}
80- steps :
81- - name : Checkout code
82- uses : actions/checkout@v4
83-
84- - name : Set up Docker Buildx
85- uses : docker/setup-buildx-action@v3
86-
87- - name : Login to GitHub Container Registry
88- uses : docker/login-action@v3
89- with :
90- registry : ghcr.io
91- username : ${{ github.actor }}
92- password : ${{ secrets.GITHUB_TOKEN }}
93-
94- - name : Docker meta
95- id : meta
96- uses : docker/metadata-action@v5
97- with :
98- images : ghcr.io/${{ github.repository }}
99- tags : |
100- type=sha,suffix=-build-${{ github.run_id }}_${{ github.run_attempt }}
101-
102- - name : Push the multi-platform image
103- run : |
104- docker buildx imagetools create \
105- --tag "$DOCKER_METADATA_OUTPUT_TAGS" \
106- "$DOCKER_APP_IMAGE_ARM64" "$DOCKER_APP_IMAGE_X64"
11+ docker-build :
12+ uses : BerkeleyLibrary/.github/.github/workflows/docker-build.yml@v2.0.0
13+ with :
14+ image : ghcr.io/${{ github.repository }}
15+ secrets : inherit
10716
10817 test :
10918 runs-on : ubuntu-latest
11019 needs :
111- - merge
20+ - docker-build
11221 container :
113- image : ${{ needs.merge .outputs.build- image }}
22+ image : ${{ needs.docker-build .outputs.image }}
11423 defaults :
11524 run :
11625 working-directory : /opt/app
@@ -121,58 +30,51 @@ jobs:
12130 POSTGRES_USER : root
12231 POSTGRES_PASSWORD : root
12332 steps :
33+ - name : Checkout code
34+ uses : actions/checkout@v6
35+
36+ - name : Set up Docker Compose
37+ uses : docker/setup-compose-action@v2
38+
39+ - name : Login to GitHub Container Registry
40+ uses : docker/login-action@v4
41+ with :
42+ registry : ghcr.io
43+ username : ${{ github.actor }}
44+ password : ${{ secrets.GITHUB_TOKEN }}
45+
46+ - name : Setup the stack
47+ run : |
48+ docker compose up --wait
12449 - name : Run tests
12550 env :
12651 RAILS_ENV : test
127- run : bundle exec rake check -t
52+ run : docker compose exec bundle exec rake check -t
12853
12954 - name : Run style checks
130- run : bundle exec rubocop
55+ run : docker compose exec bundle exec rubocop
13156
13257 - name : Validate database migrations
13358 env :
13459 RAILS_ENV : production
13560 SECRET_KEY_BASE : dummy_test_secret_key_base
13661 DISABLE_DATABASE_ENVIRONMENT_CHECK : 1
137- run : bundle exec rails --trace db:drop db:create db:migrate
62+ run : docker compose exec bundle exec rails --trace db:drop db:create db:migrate
13863
13964 - name : Upload artifacts
14065 if : ${{ always() }}
141- uses : actions/upload-artifact@v4
66+ uses : actions/upload-artifact@v7
14267 with :
14368 name : artifacts
14469 path : artifacts/**
14570
14671 push :
147- runs-on : ubuntu-24.04
14872 needs :
149- - merge
73+ - docker-build
15074 - test
151- env :
152- DOCKER_APP_IMAGE : ${{ needs.merge.outputs.build-image }}
153- steps :
154- - name : Checkout code
155- uses : actions/checkout@v4
156-
157- - name : Login to GitHub Container Registry
158- uses : docker/login-action@v3
159- with :
160- registry : ghcr.io
161- username : ${{ github.actor }}
162- password : ${{ secrets.GITHUB_TOKEN }}
163-
164- - name : Produce permanent image tags
165- id : branch-meta
166- uses : docker/metadata-action@v5
167- with :
168- images : ghcr.io/${{ github.repository }}
169- tags : |
170- type=sha
171- type=ref,event=branch
172- type=raw,value=latest,enable={{is_default_branch}}
173-
174- - name : Retag and push the image
175- run : |
176- docker pull "$DOCKER_APP_IMAGE"
177- echo "$DOCKER_METADATA_OUTPUT_TAGS" | tr ' ' '\n' | xargs -n1 docker tag "$DOCKER_APP_IMAGE"
178- docker push --all-tags "$(echo "$DOCKER_APP_IMAGE" | cut -f1 -d:)"
75+ uses : BerkeleyLibrary/.github/.github/workflows/docker-push.yml@v2.0.0
76+ with :
77+ image : ghcr.io/${{ github.repository }}
78+ build-image-arm64 : ${{ needs.docker-build.outputs.image-arm64 }}
79+ build-image-x64 : ${{ needs.docker-build.outputs.image-x64 }}
80+ secrets : inherit
0 commit comments