|
| 1 | +name: Test Docker |
| 2 | + |
| 3 | +on: |
| 4 | + push: |
| 5 | + branches: |
| 6 | + - main |
| 7 | + pull_request: |
| 8 | + branches: |
| 9 | + - main |
| 10 | + - 'feature/**' |
| 11 | + |
| 12 | +permissions: |
| 13 | + contents: read |
| 14 | + |
| 15 | +concurrency: |
| 16 | + group: ${{ github.workflow }}-${{ github.head_ref || github.ref }} |
| 17 | + cancel-in-progress: true |
| 18 | + |
| 19 | +jobs: |
| 20 | + test-docker: |
| 21 | + runs-on: ubuntu-latest |
| 22 | + |
| 23 | + steps: |
| 24 | + - name: Checkout code |
| 25 | + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 |
| 26 | + with: |
| 27 | + persist-credentials: false |
| 28 | + |
| 29 | + - name: Lint Dockerfile |
| 30 | + uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0 |
| 31 | + |
| 32 | + - name: Build Docker image |
| 33 | + run: docker build -t "drevops/git-artifact:test" . |
| 34 | + |
| 35 | + - name: Test that the image packages and pushes an artifact |
| 36 | + run: | |
| 37 | + set -ex |
| 38 | +
|
| 39 | + src="${RUNNER_TEMP}/src" |
| 40 | + dst="${RUNNER_TEMP}/dst.git" |
| 41 | +
|
| 42 | + # Prepare a source repository with a tracked file. |
| 43 | + mkdir -p "${src}" |
| 44 | + git -C "${src}" init -b main |
| 45 | + git -C "${src}" config user.name "Test" |
| 46 | + git -C "${src}" config user.email "test@example.com" |
| 47 | + echo "artifact content" > "${src}/file.txt" |
| 48 | + git -C "${src}" add -A |
| 49 | + git -C "${src}" commit -m "Initial commit" |
| 50 | +
|
| 51 | + # Prepare a bare destination repository to receive the artifact. |
| 52 | + git init --bare -b main "${dst}" |
| 53 | +
|
| 54 | + # Package and push the artifact from inside the container. The source |
| 55 | + # is mounted at the WORKDIR and the destination is mounted as a local |
| 56 | + # remote. The commit identity is supplied via the environment (the |
| 57 | + # image trusts mounted repositories via a baked-in safe.directory). |
| 58 | + docker run --rm \ |
| 59 | + -e GIT_AUTHOR_NAME="Test" \ |
| 60 | + -e GIT_AUTHOR_EMAIL="test@example.com" \ |
| 61 | + -e GIT_COMMITTER_NAME="Test" \ |
| 62 | + -e GIT_COMMITTER_EMAIL="test@example.com" \ |
| 63 | + -v "${src}":/app \ |
| 64 | + -v "${dst}":/dst.git \ |
| 65 | + drevops/git-artifact:test \ |
| 66 | + /dst.git --branch=artifact --mode=force-push -vvv |
| 67 | +
|
| 68 | + # Assert the file landed on the destination branch. |
| 69 | + git -C "${dst}" show artifact:file.txt | grep -q "artifact content" |
| 70 | +
|
| 71 | + push-canary-to-registry: |
| 72 | + if: github.event_name == 'push' |
| 73 | + runs-on: ubuntu-latest |
| 74 | + |
| 75 | + needs: |
| 76 | + - test-docker |
| 77 | + |
| 78 | + steps: |
| 79 | + - name: Checkout code |
| 80 | + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 |
| 81 | + with: |
| 82 | + persist-credentials: false |
| 83 | + |
| 84 | + - name: Set up QEMU |
| 85 | + uses: docker/setup-qemu-action@06116385d9baf250c9f4dcb4858b16962ea869c3 # v4 |
| 86 | + |
| 87 | + - name: Set up Docker Buildx |
| 88 | + uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4 |
| 89 | + |
| 90 | + - name: Log in to Docker Hub |
| 91 | + uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4 |
| 92 | + with: |
| 93 | + username: ${{ secrets.DOCKER_USER }} |
| 94 | + password: ${{ secrets.DOCKER_PASS }} |
| 95 | + |
| 96 | + - name: Extract metadata (tags, labels) for Docker |
| 97 | + id: meta |
| 98 | + uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6 |
| 99 | + with: |
| 100 | + images: drevops/git-artifact |
| 101 | + |
| 102 | + - name: Build and push Docker image |
| 103 | + uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7 |
| 104 | + with: |
| 105 | + context: . |
| 106 | + push: true |
| 107 | + tags: drevops/git-artifact:canary |
| 108 | + labels: ${{ steps.meta.outputs.labels }} |
| 109 | + platforms: linux/amd64,linux/arm64 |
0 commit comments