Skip to content
This repository has been archived by the owner on Sep 18, 2024. It is now read-only.

Commit

Permalink
.github/workflows: Add automated push to Docker Hub
Browse files Browse the repository at this point in the history
Signed-off-by: Timo Reichl <[email protected]>
  • Loading branch information
Timo Reichl committed Jun 15, 2022
1 parent 385ddc3 commit f9dd778
Show file tree
Hide file tree
Showing 3 changed files with 57 additions and 33 deletions.
15 changes: 15 additions & 0 deletions .github/scripts/docker_retag.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
#!/bin/bash

src_image="${1}"
dst_image_ghcr="${2}"
dst_image_docker_hub="${3}"

do_retag() {
local dst_image="${1}"

docker tag ${src_image} ${dst_image}
docker push ${dst_image}
}

do_retag ${dst_image_ghcr}
do_retag ${dst_image_docker_hub}
37 changes: 20 additions & 17 deletions .github/workflows/docker-latest.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,11 @@ on:

env:
DOCKER_BUILDKIT: 1
REGISTRY_IMAGE: "ghcr.io/${{ github.repository_owner }}/${{ github.event.repository.name }}"
REGISTRY_IMAGE: "${{ github.repository_owner }}/${{ github.event.repository.name }}"
GHCR_PREFIX: "ghcr.io"
DOCKER_HUB_PREFIX: "docker.io"
DOCKER_IMAGE_BASE_ORDER: "base srcds hlds"
DOCKER_RETAG_SH: ".github/scripts/docker_retag.sh"

jobs:
build:
Expand All @@ -23,46 +26,46 @@ jobs:
- name: Log in to GHCR
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin

- name: Log in to Docker Hub
run: echo "${{ secrets.DOCKERHUB_ACCESS }}" | docker login docker.io -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin

- name: Build and push latest base images
run: |
for docker_base_image_type in ${DOCKER_IMAGE_BASE_ORDER}; do
docker-compose build ${docker_base_image_type}
src_docker_image=${REGISTRY_IMAGE}:${docker_base_image_type}
dst_docker_image=${REGISTRY_IMAGE}:${docker_base_image_type}-latest
docker tag ${src_docker_image} ${dst_docker_image}
docker push ${dst_docker_image}
bash ${DOCKER_RETAG_SH} \
${REGISTRY_IMAGE}:${docker_base_image_type} \
${GHCR_PREFIX}/${REGISTRY_IMAGE}:${docker_base_image_type}-latest \
${DOCKER_HUB_PREFIX}/${REGISTRY_IMAGE}:${docker_base_image_type}-latest
done
- name: Build and push latest HLDS-based game images
run: |
for docker_hlds_game in $(ls image/games/hlds); do
docker-compose build ${docker_hlds_game}
src_docker_image=${REGISTRY_IMAGE}:${docker_hlds_game}
dst_docker_image=${REGISTRY_IMAGE}:${docker_hlds_game}-latest
docker tag ${src_docker_image} ${dst_docker_image}
docker push ${dst_docker_image}
bash ${DOCKER_RETAG_SH} \
${REGISTRY_IMAGE}:${docker_hlds_game} \
${GHCR_PREFIX}/${REGISTRY_IMAGE}:${docker_hlds_game}-latest \
${DOCKER_HUB_PREFIX}/${REGISTRY_IMAGE}:${docker_hlds_game}-latest
done
- name: Build and push latest SRCDS-based game images
run: |
for docker_srcds_game in $(ls image/games/srcds); do
docker-compose build ${docker_srcds_game}
src_docker_image=${REGISTRY_IMAGE}:${docker_srcds_game}
dst_docker_image=${REGISTRY_IMAGE}:${docker_srcds_game}-latest
docker tag ${src_docker_image} ${dst_docker_image}
docker push ${dst_docker_image}
bash ${DOCKER_RETAG_SH} \
${REGISTRY_IMAGE}:${docker_srcds_game} \
${GHCR_PREFIX}/${REGISTRY_IMAGE}:${docker_srcds_game}-latest \
${DOCKER_HUB_PREFIX}/${REGISTRY_IMAGE}:${docker_srcds_game}-latest
done
- name: Run Trivy vulnerability scanner - SRCDS image
uses: aquasecurity/trivy-action@4b9b6fb4ef28b31450391a93ade098bb00de584e
with:
image-ref: "${{ env.REGISTRY_IMAGE }}:srcds-latest"
image-ref: "${{ env.GHCR_PREFIX }}:srcds-latest"
format: 'sarif'
output: 'trivy-results.sarif'
severity: 'CRITICAL,HIGH,MEDIUM,LOW'
Expand Down
38 changes: 22 additions & 16 deletions .github/workflows/docker-tag.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,11 @@ on:

env:
DOCKER_BUILDKIT: 1
REGISTRY_IMAGE: "ghcr.io/${{ github.repository_owner }}/${{ github.event.repository.name }}"
REGISTRY_IMAGE: "${{ github.repository_owner }}/${{ github.event.repository.name }}"
GHCR_PREFIX: "ghcr.io"
DOCKER_HUB_PREFIX: "docker.io"
DOCKER_IMAGE_BASE_ORDER: "base srcds hlds"
DOCKER_RETAG_SH: ".github/scripts/docker_retag.sh"

jobs:
retag:
Expand All @@ -23,35 +26,38 @@ jobs:
- name: Log in to GHCR
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin

- name: Log in to Docker Hub
run: echo "${{ secrets.DOCKERHUB_ACCESS }}" | docker login docker.io -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin

- name: Publish tagged base images
run: |
for docker_base_image_type in ${DOCKER_IMAGE_BASE_ORDER}; do
src_docker_image=${REGISTRY_IMAGE}:${docker_base_image_type}-latest
dst_docker_image=${REGISTRY_IMAGE}:${docker_base_image_type}-${{ github.ref_name }}
docker pull "${GHCR_PREFIX}/${REGISTRY_IMAGE}:${docker_base_image_type}-latest"
docker pull ${src_docker_image}
docker tag ${src_docker_image} ${dst_docker_image}
docker push ${dst_docker_image}
bash ${DOCKER_RETAG_SH} \
${GHCR_PREFIX}/${REGISTRY_IMAGE}:${docker_base_image_type}-latest \
${GHCR_PREFIX}/${REGISTRY_IMAGE}:${docker_base_image_type}-${{ github.ref_name }} \
${DOCKER_HUB_PREFIX}/${REGISTRY_IMAGE}:${docker_base_image_type}-${{ github.ref_name }}
done
- name: Publish tagged HLDS-based game images
run: |
for docker_hlds_game in $(ls image/games/hlds); do
src_docker_image=${REGISTRY_IMAGE}:${docker_hlds_game}-latest
dst_docker_image=${REGISTRY_IMAGE}:${docker_hlds_game}-${{ github.ref_name }}
docker pull "${GHCR_PREFIX}/${REGISTRY_IMAGE}:${docker_hlds_game}-latest"
docker pull ${src_docker_image}
docker tag ${src_docker_image} ${dst_docker_image}
docker push ${dst_docker_image}
bash ${DOCKER_RETAG_SH} \
${GHCR_PREFIX}/${REGISTRY_IMAGE}:${docker_hlds_game}-latest \
${GHCR_PREFIX}/${REGISTRY_IMAGE}:${docker_hlds_game}-${{ github.ref_name }} \
${DOCKER_HUB_PREFIX}/${REGISTRY_IMAGE}:${docker_hlds_game}-${{ github.ref_name }}
done
- name: Publish tagged SRCDS-based game images
run: |
for docker_srcds_game in $(ls image/games/srcds); do
src_docker_image=${REGISTRY_IMAGE}:${docker_srcds_game}-latest
dst_docker_image=${REGISTRY_IMAGE}:${docker_srcds_game}-${{ github.ref_name }}
docker pull "${GHCR_PREFIX}/${REGISTRY_IMAGE}:${docker_srcds_game}-latest"
docker pull ${src_docker_image}
docker tag ${src_docker_image} ${dst_docker_image}
docker push ${dst_docker_image}
bash ${DOCKER_RETAG_SH} \
${GHCR_PREFIX}/${REGISTRY_IMAGE}:${docker_srcds_game}-latest \
${GHCR_PREFIX}/${REGISTRY_IMAGE}:${docker_srcds_game}-${{ github.ref_name }} \
${DOCKER_HUB_PREFIX}/${REGISTRY_IMAGE}:${docker_srcds_game}-${{ github.ref_name }}
done

0 comments on commit f9dd778

Please sign in to comment.