feat: update Docker workflow to include DockerHub login and adjust image tagging

milsman2 · milsman2 · commit f7a286649cbc · 2026-02-06T22:24:55.000-06:00
diff --git a/.github/workflows/docker-build-and-scan.yaml b/.github/workflows/docker-build-and-scan.yaml
@@ -35,14 +35,20 @@ jobs:
         uses: docker/setup-qemu-action@v3
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
-      - name: Build Docker Image
-        id: build-image
+      - name: Login to DockerHub
+        if: github.event_name == 'workflow_call'
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Build (and maybe push) Docker image
         uses: docker/build-push-action@v6
         with:
-          context: ${{ inputs.DOCKER_PATH_CONTEXT || env.DOCKER_PATH_CONTEXT }}
-          file: ${{ inputs.DOCKER_BUILD_DOCKERFILE || env.DOCKER_BUILD_DOCKERFILE }}
-          load: ${{ inputs.DOCKER_LOAD_BOOL || env.DOCKER_LOAD_BOOL }}
-          tags: ${{ inputs.DOCKER_TAGS || env.DOCKER_TAGS }}
+          context: ${{ github.event_name == 'workflow_call' && inputs.DOCKER_PATH_CONTEXT || env.DOCKER_PATH_CONTEXT }}
+          file: ${{ github.event_name == 'workflow_call' && inputs.DOCKER_BUILD_DOCKERFILE || env.DOCKER_BUILD_DOCKERFILE }}
+          load: ${{ github.event_name != 'workflow_call' }}
+          push: ${{ github.event_name == 'workflow_call' }}
+          tags: ${{ github.event_name == 'workflow_call' && inputs.DOCKER_TAGS || env.DOCKER_TAGS }}
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@0.33.1
         with:
@@ -52,17 +58,3 @@ jobs:
           ignore-unfixed: true
           vuln-type: 'os,library'
           severity: 'CRITICAL,HIGH'
-      - name: Login to DockerHub
-        if: github.event_name == 'workflow_call'
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Push Docker image to DockerHub
-        if: github.event_name == 'workflow_call'
-        uses: docker/build-push-action@v6
-        with:
-          context: ${{ inputs.DOCKER_PATH_CONTEXT || env.DOCKER_PATH_CONTEXT }}
-          file: ${{ inputs.DOCKER_BUILD_DOCKERFILE || env.DOCKER_BUILD_DOCKERFILE }}
-          push: true
-          tags: ${{ inputs.DOCKER_TAGS || env.DOCKER_TAGS }}
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -80,8 +80,9 @@ jobs:
   docker-build-and-scan:
     needs: Semantic-Release
     uses: milsman2/python-app-template/.github/workflows/docker-build-and-scan.yaml@main
+    secrets: inherit
     with:
       DOCKER_PATH_CONTEXT: .
       DOCKER_BUILD_DOCKERFILE: Dockerfile
       DOCKER_LOAD_BOOL: true
-      DOCKER_TAGS: sample-python-app:${{ needs.Semantic-Release.outputs.tag }}
+      DOCKER_TAGS: milsman2/sample-python-app:${{ needs.Semantic-Release.outputs.tag }}
diff --git a/src/sample_python_app/main.py b/src/sample_python_app/main.py
@@ -11,7 +11,7 @@
 def run_app():
     console = Console()
     f = Figlet(font="slant")
-    ascii_art = f.renderText("Hello, Synthwave!")
+    ascii_art = f.renderText(f"Welcome to {settings.APP_NAME}!")
     console.print(f"[bold magenta]{ascii_art}[/bold magenta]")
     logger = setup_logger(mode="silent")
     logger.info(f"Starting {settings.APP_NAME}...")
