Skip to content

Setup proxy with buildx #67

Setup proxy with buildx

Setup proxy with buildx #67

name: Build Docker Image
on:
push:
branches:
- main
# pull_request_target:
pull_request:
branches:
- main
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
# authorize:
# environment:
# ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }}
# runs-on: ubuntu-latest
# steps:
# - run: true
build-docker-image:
# needs: authorize
strategy:
matrix:
runner: [public, ubuntu-latest]
runs-on: ${{ matrix.runner }}
steps:
- name: Maximize build space
uses: easimon/maximize-build-space@master
if: matrix.runner == 'ubuntu-latest'
with:
root-reserve-mb: 512
swap-size-mb: 1024
remove-dotnet: 'true'
- uses: actions/checkout@v3
# try to create a tag
- uses: SebRollen/toml-action@v1.0.2
id: read_version
with:
file: "pyproject.toml"
field: "tool.poetry.version"
- uses: rickstaa/action-create-tag@v1
id: "tag_create"
if: (github.ref_name == github.event.repository.default_branch) && !contains(steps.read_version.outputs.value, '-')
with:
tag: ${{ steps.read_version.outputs.value }}
# build & push docker image
- name: Set proxy
run: |
echo "http_proxy=$http_proxy" >> $GITHUB_ENV
echo "https_proxy=$https_proxy" >> $GITHUB_ENV
echo "no_proxy=$no_proxy" >> $GITHUB_ENV
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
# with:
# driver-opts: |
# env.http_proxy=${{ env.http_proxy }}
# env.https_proxy=${{ env.http_proxy }}
# buildkitd-flags: --debug
- name: Extract docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ matrix.runner == 'public' && format('{0}/ci/{1}', secrets.DEFAULT_REGISTRY, github.repository) || '' }}
${{ matrix.runner == 'public' && format('{0}/ci/{1}', secrets.PUBLIC_REGISTRY, github.repository) || '' }}
${{ matrix.runner == 'ubuntu-latest' && format('ghcr.io/{0}', github.repository) || '' }}
tags: |
# set latest tag for default branch
type=raw,value=latest,enable={{is_default_branch}}
type=raw,value=${{ steps.read_version.outputs.value }},enable={{is_default_branch}}
# pull request event
type=ref,event=pr
- name: Extract more docker meta
id: more-meta
shell: bash
run: |
PRIMARY_TAG=$(echo '${{ steps.meta.outputs.tags }}' | head -n 1)
echo "PRIMARY_TAG=$PRIMARY_TAG" >> "$GITHUB_OUTPUT"
echo "PRIMARY_TAG_SHORT=$(echo $PRIMARY_TAG | cut -d ':' -f1)" >> "$GITHUB_OUTPUT"
- name: Login to default container registry
uses: docker/login-action@v2
with:
registry: ${{ secrets.DEFAULT_REGISTRY }}
username: ${{ secrets.DEFAULT_REGISTRY_USER }}
password: ${{ secrets.DEFAULT_REGISTRY_PASSWORD }}
- name: Login to public container registry
uses: docker/login-action@v2
with:
registry: ${{ secrets.PUBLIC_REGISTRY }}
username: ${{ secrets.PUBLIC_REGISTRY_USER }}
password: ${{ secrets.PUBLIC_REGISTRY_PASSWORD }}
- name: Login to ghcr.io
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
id: build-image
uses: docker/build-push-action@v5
with:
build-args: |
${{ matrix.runner == 'public' && format('REGISTRY={0}/ci', secrets.DEFAULT_REGISTRY) || ''}}
HTTP_PROXY=${{ env.http_proxy }}
HTTPS_PROXY=${{ env.https_proxy }}
NO_PROXY=${{ env.no_proxy }}
push: true
context: .
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=registry,ref=${{ steps.more-meta.outputs.PRIMARY_TAG_SHORT }}:buildcache
cache-to: ${{ format('refs/heads/{0}', github.event.repository.default_branch) == github.ref && format('type=registry,image-manifest=true,ref={0}:buildcache,mode=max', steps.more-meta.outputs.PRIMARY_TAG_SHORT) || '' }}