|
59 | 59 | id: build-image |
60 | 60 | env: |
61 | 61 | GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} |
| 62 | + # WARNING: This workflow accesses a non-default secret. Ensure this secret is |
| 63 | + # required and that it is stored securely in the repository or organization settings. |
| 64 | + NPM_AZURE_KEY: ${{ secrets.NPM_AZURE_KEY }} |
62 | 65 | run: | |
63 | 66 | if [ ! -f "Dockerfile" ]; then |
64 | 67 | echo "❌ No Dockerfile found - cannot build" |
|
68 | 71 | echo "Building Docker image..." |
69 | 72 | REPO_NAME=$(basename $(pwd)) |
70 | 73 |
|
| 74 | + # Strategy 0: platform-ui - build with NPM Azure Key via buildx secret |
| 75 | + if [ "${{ github.event.repository.name }}" = "platform-ui" ]; then |
| 76 | + echo "Detected platform-ui - building with NPM Azure Key secret" |
| 77 | + trap 'rm -f .npmrc.tmp' EXIT |
| 78 | + printf '%s' "$NPM_AZURE_KEY" > .npmrc.tmp |
| 79 | + docker buildx create --use |
| 80 | + docker buildx build \ |
| 81 | + --secret id=npmrc,src=.npmrc.tmp \ |
| 82 | + --load \ |
| 83 | + --platform linux/amd64 \ |
| 84 | + --build-arg GITHUB_TOKEN="$GITHUB_TOKEN" \ |
| 85 | + --build-arg GIT_SHA="${{ github.sha }}" \ |
| 86 | + --build-arg APP_VERSION="${{ github.ref_name }}" \ |
| 87 | + --build-arg DATE="$(date -u +%Y-%m-%dT%H:%M:%SZ)" \ |
| 88 | + -t "${REPO_NAME}:latest" . |
| 89 | + IMAGES="${REPO_NAME}:latest" |
| 90 | +
|
71 | 91 | # Strategy 1: Check for build-docker.sh script (e.g., dsm-erchef) |
72 | | - if [ -f "build-docker.sh" ]; then |
| 92 | + elif [ -f "build-docker.sh" ]; then |
73 | 93 | echo "Found build-docker.sh script - using it to build images" |
74 | 94 | chmod +x build-docker.sh |
75 | 95 | GITHUB_TOKEN="${{ secrets.GH_TOKEN }}" ./build-docker.sh |
|
0 commit comments