Build and Push Docker Images #248
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Push Docker Images | |
on: workflow_dispatch | |
env: | |
PYTHON_IMAGE: python:3.9-slim-buster | |
LOCAL_IMAGE_FRONTEND: localhost:5000/lms-frontend-webpack:latest | |
LOCAL_IMAGE_DJANGO: localhost:5000/lms-backend-django:latest | |
YC_REMOTE_IMAGE_BACKEND_DJANGO: cr.yandex/crp117orrt9bf62s55e2/backend-django:${{ github.run_number }} | |
YC_REMOTE_IMAGE_BACKEND_NGINX: cr.yandex/crp117orrt9bf62s55e2/backend-nginx:${{ github.run_number }} | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
services: | |
# https://docs.docker.com/registry/deploying/#run-a-local-registry | |
registry: | |
image: registry:2 | |
ports: | |
- 5000:5000 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
path: lms-backend | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v1 | |
with: | |
version: v0.9.1 | |
provenance: false | |
driver-opts: network=host | |
- name: Inspect python base image | |
id: digests | |
run: | | |
docker pull ${{ env.PYTHON_IMAGE }} | |
echo "::set-output name=PYTHON_IMAGE::$(docker inspect docker.io/library/${{ env.PYTHON_IMAGE }} | jq -r '.[0].RepoDigests[0]' | cut -d'@' -f2)" | |
- name: Build Cache - Frontend | |
uses: actions/cache@v2 | |
with: | |
path: /tmp/.buildx-webpack-cache | |
key: ${{ runner.os }}-webpack-buildx-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-webpack-buildx | |
- name: Build Cache - Django | |
uses: actions/cache@v2 | |
with: | |
path: /tmp/.buildx-django-cache | |
key: ${{ runner.os }}-django-buildx-${{ hashFiles('**/Pipfile.lock') }}-${{ steps.digests.outputs.PYTHON_IMAGE }} | |
restore-keys: | | |
${{ runner.os }}-django-buildx | |
- name: Checkout frontend repo | |
uses: actions/checkout@v2 | |
with: | |
repository: cscenter/site-frontend | |
ssh-key: ${{ secrets.FRONTEND_DEPLOY_KEY }} | |
path: lms-frontend | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: eu-central-1 | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v1 | |
- name: Login to Yandex Cloud Container Registry | |
id: login-ycr | |
uses: docker/login-action@v1 | |
with: | |
registry: cr.yandex | |
username: json_key | |
# https://cloud.yandex.ru/docs/container-registry/operations/authentication#sa-json | |
password: ${{ secrets.YC_REGISTRY_JSON_CREDENTIALS }} | |
- name: Debug | |
run: | | |
docker images | |
docker buildx ls | |
- name: Build frontend image | |
uses: docker/build-push-action@v2 | |
with: | |
context: ./lms-frontend | |
file: ./lms-frontend/Dockerfile | |
push: true | |
load: false | |
builder: ${{ steps.buildx.outputs.name }} | |
build-args: | | |
WEBPACK_ENVIRONMENT=prod | |
SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} | |
tags: ${{ env.LOCAL_IMAGE_FRONTEND }} | |
cache-from: type=local,src=/tmp/.buildx-webpack-cache | |
cache-to: type=local,mode=max,dest=/tmp/.buildx-webpack-cache-new | |
- name: Debug | |
run: | | |
docker images | |
docker buildx ls | |
- name: Build image with django dependencies | |
uses: docker/build-push-action@v2 | |
with: | |
context: ./lms-backend/ | |
file: ./lms-backend/docker-files/app/common.Dockerfile | |
push: true | |
builder: ${{ steps.buildx.outputs.name }} | |
tags: ${{ env.LOCAL_IMAGE_DJANGO }} | |
cache-from: type=local,src=/tmp/.buildx-django-cache | |
cache-to: type=local,mode=max,dest=/tmp/.buildx-django-cache-new | |
- name: Build final backend app image | |
uses: docker/build-push-action@v2 | |
with: | |
context: ./lms-backend/ | |
file: ./lms-backend/docker-files/app/Dockerfile | |
push: true | |
load: false | |
builder: ${{ steps.buildx.outputs.name }} | |
build-args: | | |
WEBPACK_ENVIRONMENT=prod | |
DJANGO_STATIC_ROOT=/var/www/static/ | |
SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} | |
FRONTEND_IMAGE=${{ env.LOCAL_IMAGE_FRONTEND }} | |
BASE_IMAGE=${{ env.LOCAL_IMAGE_DJANGO }} | |
tags: ${{ env.YC_REMOTE_IMAGE_BACKEND_DJANGO }} | |
- name: Build backend nginx image | |
uses: docker/build-push-action@v2 | |
with: | |
context: ./lms-backend/docker-files/nginx/ | |
file: ./lms-backend/docker-files/nginx/Dockerfile | |
push: true | |
load: false | |
builder: ${{ steps.buildx.outputs.name }} | |
build-args: | | |
DJANGO_STATIC_ROOT=/var/www/static/ | |
DJANGO_IMAGE=${{ env.YC_REMOTE_IMAGE_BACKEND_DJANGO }} | |
tags: ${{ env.YC_REMOTE_IMAGE_BACKEND_NGINX }} | |
- name: Debug | |
run: docker images | |
# https://github.com/docker/build-push-action/issues/252 | |
- name: Move cache | |
run: | | |
rm -rf /tmp/.buildx-webpack-cache /tmp/.buildx-django-cache | |
mv /tmp/.buildx-webpack-cache-new /tmp/.buildx-webpack-cache | |
mv /tmp/.buildx-django-cache-new /tmp/.buildx-django-cache |