Add GitHub Actions workflow to build grade-python images #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and push Docker image | |
| on: | |
| push: | |
| branches: | |
| - '*' | |
| jobs: | |
| prepare: | |
| name: Determine base tag and full tag | |
| runs-on: ubuntu-24.04 | |
| outputs: | |
| base_tag: ${{ steps.tags.outputs.base_tag }} | |
| full_tag: ${{ steps.tags.outputs.full_tag }} | |
| steps: | |
| - name: Determine base tag and full tag | |
| id: tags | |
| run: | | |
| if [ "${GITHUB_REF_NAME#*-}" = "${GITHUB_REF_NAME}" ]; then | |
| base=${GITHUB_REF_NAME} | |
| full=$base | |
| echo "base_tag=$base" >> "$GITHUB_OUTPUT" | |
| echo "full_tag=$full" >> "$GITHUB_OUTPUT" | |
| else | |
| main=${GITHUB_REF_NAME%-*} | |
| base=${GITHUB_REF_NAME##*-} | |
| full=$main-$base | |
| if [ "${base#*u}" ]; then | |
| base=${base%%u*} | |
| fi | |
| echo "base_tag=$base" >> "$GITHUB_OUTPUT" | |
| echo "full_tag=$full" >> "$GITHUB_OUTPUT" | |
| fi | |
| build-base: | |
| name: Build base image (${{ matrix.platform }}) | |
| runs-on: ${{ matrix.runner }} | |
| needs: prepare | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - platform: linux/amd64 | |
| runner: ubuntu-24.04 | |
| - platform: linux/arm64 | |
| runner: ubuntu-24.04-arm | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| # Build and push platform-specific digest (no manifest tag yet) | |
| - name: Build and push by digest | |
| id: build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: Dockerfile | |
| platforms: ${{ matrix.platform }} | |
| push: true | |
| build-args: | | |
| BASE_TAG=${{ needs.prepare.outputs.base_tag }} | |
| outputs: type=image,name=apluslms/grade-python,push-by-digest=true,name-canonical=true | |
| # Save the digest so the merge job can find it | |
| - name: Export digest | |
| run: | | |
| mkdir -p /tmp/digests | |
| digest="${{ steps.build.outputs.digest }}" | |
| touch "/tmp/digests/${digest#sha256:}" | |
| - name: Upload digest artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: digest-base-${{ matrix.platform == 'linux/amd64' && 'amd64' || 'arm64' }} | |
| path: /tmp/digests/* | |
| retention-days: 1 | |
| merge-base: | |
| name: Merge base manifests | |
| runs-on: ubuntu-24.04 | |
| needs: build-base | |
| steps: | |
| - name: Download digests | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: /tmp/digests | |
| pattern: digest-base-* | |
| merge-multiple: true | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Determine tags | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: apluslms/grade-python | |
| flavor: | | |
| latest=false | |
| tags: | | |
| type=raw,enable=${{ github.ref == 'refs/heads/master' }},value=latest | |
| type=ref,enable=${{ github.ref != 'refs/heads/master' }},event=branch | |
| - name: Create and push multi-arch manifest | |
| working-directory: /tmp/digests | |
| run: | | |
| docker buildx imagetools create \ | |
| $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ | |
| $(printf 'apluslms/grade-python@sha256:%s ' *) | |
| build-math: | |
| name: Build math image (${{ matrix.platform }}) | |
| runs-on: ${{ matrix.runner }} | |
| needs: | |
| - prepare | |
| - merge-base | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - platform: linux/amd64 | |
| runner: ubuntu-24.04 | |
| - platform: linux/arm64 | |
| runner: ubuntu-24.04-arm | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| # Build and push platform-specific digest (no manifest tag yet) | |
| - name: Build and push by digest | |
| id: build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| file: Dockerfile.math | |
| platforms: ${{ matrix.platform }} | |
| push: true | |
| build-args: | | |
| FULL_TAG=${{ needs.prepare.outputs.full_tag }} | |
| outputs: type=image,name=apluslms/grade-python,push-by-digest=true,name-canonical=true | |
| # Save the digest so the merge job can find it | |
| - name: Export digest | |
| run: | | |
| mkdir -p /tmp/digests | |
| digest="${{ steps.build.outputs.digest }}" | |
| touch "/tmp/digests/${digest#sha256:}" | |
| - name: Upload digest artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: digest-math-${{ matrix.platform == 'linux/amd64' && 'amd64' || 'arm64' }} | |
| path: /tmp/digests/* | |
| retention-days: 1 | |
| merge-math: | |
| name: Merge math manifests | |
| runs-on: ubuntu-24.04 | |
| needs: | |
| - prepare | |
| - build-math | |
| steps: | |
| - name: Download digests | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: /tmp/digests | |
| pattern: digest-math-* | |
| merge-multiple: true | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Determine tags | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: apluslms/grade-python | |
| flavor: | | |
| latest=false | |
| tags: | | |
| type=raw,enable=${{ github.ref == 'refs/heads/master' }},value=math-latest | |
| type=raw,enable=${{ github.ref != 'refs/heads/master' }},value=math-${{ needs.prepare.outputs.full_tag }} | |
| - name: Create and push multi-arch manifest | |
| working-directory: /tmp/digests | |
| run: | | |
| docker buildx imagetools create \ | |
| $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ | |
| $(printf 'apluslms/grade-python@sha256:%s ' *) |