Create maven-build-docker-image.yml

dotCMS · Dec 3, 2023 · c588fe9 · c588fe9
1 parent 3252485
commit c588fe9
Showing 1 changed file with 213 additions and 0 deletions.
diff --git a/.github/workflows/maven-build-docker-image.yml b/.github/workflows/maven-build-docker-image.yml
@@ -0,0 +1,213 @@
+name: Maven Build Docker Image
+on:
+  workflow_call:
+    inputs:
+      ref:
+        description: 'Ref to checkout'
+        required: true
+        type: string
+      docker_platforms:
+        description: 'Docker platforms to build the image on'
+        required: true
+        type: string
+        default: 'linux/amd64'
+      docker_context_cache_key:
+        description: 'Cache key for the docker context'
+        required: true
+        type: string
+      docker_registry:
+        description: 'Docker registry to push the image to'
+        required: true
+        type: choice
+        options:
+          - DOCKER.IO
+          - GHCR.IO
+          - BOTH
+        default: 'DOCKER.IO'
+jobs:
+  build_push_image:
+    name: Build and Push Image
+    runs-on: ubuntu-latest
+    env:
+      JAVA_VERSION: 11
+      JAVA_DISTRO: temurin
+      JVM_TEST_MAVEN_OPTS: '-e -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn'
+      DOCKER_BUILD_CONTEXT: /home/runner/work/_temp/core-build
+    outputs:
+      tags: ${{ steps.meta.outputs.tags }}
+    if: success()
+    steps:
+      - name: Checkout core
+        uses: actions/checkout@v3
+        with:
+          ref: ${{ inputs.ref }}
+
+      - name: Restore Docker Context
+        id: restore-docker-context
+        uses: actions/cache/restore@v3
+        with:
+          path: ${{ env.DOCKER_BUILD_CONTEXT }}/context
+          key: ${{ inputs.docker_context_cache_key }}
+        if: inputs.docker_context_cache_key != ''
+
+      - name: Build Status
+        id: build-status
+        run: |
+          rebuild=false
+          if [[ -z "${{ inputs.docker_context_cache_key }}" || ! -d ${DOCKER_BUILD_CONTEXT}/context ]]; then
+            rebuild=true
+          fi
+          
+          echo "rebuild=${rebuild}" >> $GITHUB_OUTPUT
+
+      - name: Setup Java
+        uses: actions/setup-java@v3
+        with:
+          java-version: ${{ env.JAVA_VERSION }}
+          distribution: ${{ env.JAVA_DISTRO }}
+        if: steps.build-status.outputs.rebuild == 'true'
+
+      - name: Build Core
+        run: |
+          mkdir -p ${DOCKER_BUILD_CONTEXT}/context
+          ./mvnw -ntp \
+            ${JVM_TEST_MAVEN_OPTS} \
+            -Dprod=true \
+            -Ddocker.buildArchiveOnly=${DOCKER_BUILD_CONTEXT} \
+            -DskipTests=true \
+            -DskipITs=true \
+            clean install \
+            --file pom.xml \
+            --show-version
+          rc=$?
+          if [[ $rc != 0 ]]; then
+            echo "Build failed with exit code $rc"
+            exit $rc
+          fi
+        if: steps.build-status.outputs.rebuild == 'true'
+
+      - name: Set Common Vars
+        id: set-common-vars
+        run: |
+          build_version=master
+          build_properties=${DOCKER_BUILD_CONTEXT}/context/maven/dotserver/tomcat-9.0.60/webapps/ROOT/WEB-INF/classes/build.properties
+          
+          if [[ -f ${build_properties} ]]; then
+            version=$(cat ${build_properties} | grep version | cut -d'=' -f2)
+            if [[ ! ${version} =~ ^[0-9]{1}.[0-9]{1}.[0-9]{1}-SNAPSHOT$ ]]; then
+              build_version=${build_version}
+            fi
+          
+            build_hash=$(cat ${build_properties} | grep revision | cut -d'=' -f2)
+            if [[ ! ${build_hash} =~ ^[0-9a-f]{7}$ ]]; then
+              build_hash=$(git log -1 --pretty=%h)
+              build_hash=${build_hash::7}
+            fi
+          fi
+          
+          build_id=${{ inputs.ref }}
+          
+          is_trunk=false
+          if [[ "${build_id}" == 'master' || ${build_id} =~ ^[0-9]{2}.[0-9]{2}.[0-9]{2}_lts$ ]]; then
+            is_trunk=true
+          fi
+          
+          is_lts=false
+          if [[ ${build_version} =~ ^[0-9]{2}.[0-9]{2}.[0-9]{2}_lts(_v[0-9]{2})?$ ]]; then
+            is_lts=true
+          fi
+          
+          version=${build_version}
+          is_snapshot=false
+          is_release=false
+          is_latest=false
+          is_custom=false
+          
+          if [[ ${build_version} =~ ^[0-9]{1}.[0-9]{1}.[0-9]{1}-SNAPSHOT$ ]]; then
+            if [[ "${is_trunk}" == 'true' ]]; then
+              is_snapshot=true
+              version=${build_id}
+            fi
+          elif [[ ${build_version} =~ ^[0-9]{2}.[0-9]{2}.[0-9]{2}$ ]]; then
+            is_release=true
+            is_latest=true
+          elif [[ ${build_version} =~ ^[0-9]{2}.[0-9]{2}.[0-9]{2}_lts$ ]]; then
+            is_snapshot=true
+            version=${build_id}
+          elif [[ ${build_version} =~ ^[0-9]{2}.[0-9]{2}.[0-9]{2}_lts_v[0-9]{2}$ ]]; then
+            is_release=true
+          else
+            is_custom=true
+            version=${build_id}
+          fi
+          
+          echo "version=${version}" >> $GITHUB_OUTPUT
+          echo "build_hash=${build_hash}" >> $GITHUB_OUTPUT
+          echo "build_id=${build_id}" >> $GITHUB_OUTPUT
+          echo "is_trunk=${is_trunk}" >> $GITHUB_OUTPUT
+          echo "is_lts=${is_lts}" >> $GITHUB_OUTPUT
+          echo "is_snapshot=${is_snapshot}" >> $GITHUB_OUTPUT
+          echo "is_release=${is_release}" >> $GITHUB_OUTPUT
+          echo "is_latest=${is_latest}" >> $GITHUB_OUTPUT
+          echo "is_custom=${is_custom}" >> $GITHUB_OUTPUT
+
+      # Tag detected means release
+      - name: Docker Metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            dotcms/dotcms
+          tags: |
+            type=raw,value=${{ steps.set-common-vars.outputs.version }}_{{sha}},enable=true
+            type=raw,value=${{ steps.set-common-vars.outputs.version }}_SNAPSHOT,enable=${{ steps.set-common-vars.outputs.is_snapshot == true }}
+            type=raw,value=${{ steps.set-common-vars.outputs.version }},enable=${{ steps.set-common-vars.outputs.is_release == true }}
+            type=raw,value=latest,enable=${{ steps.set-common-vars.outputs.is_latest == true }}
+            type=raw,value={{sha}},enable=${{ steps.set-common-vars.outputs.is_latest == true }}
+
+      - name: Debug Docker Metadata
+        run: |
+          echo "${{ fromJSON(steps.meta.outputs.json) }}"
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3.0.0
+        with:
+          image: tonistiigi/binfmt:latest
+          platforms: ${{ input.docker_platforms }}
+
+      - name: Docker Setup Buildx
+        id: docker-setup-buildx
+        uses: docker/setup-buildx-action@v3.0.0
+        with:
+          version: latest
+          platforms: ${{ inputs.docker_platforms }}
+          driver-opts: |
+            image=moby/buildkit:v0.12.2
+
+      - name: Docker Hub login
+        uses: docker/login-action@v3.0.0
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_TOKEN }}
+        if: docker_registry == 'DOCKER.IO' || docker_registry == 'BOTH'
+
+      - name: GHCR login
+        uses: docker/login-action@v3.0.0
+        with:
+          registry: ghcr.io
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.GHCR_TOKEN }}
+        if: docker_registry == 'GHCR.IO' || docker_registry == 'BOTH'
+
+      - name: Build Docker Image
+        uses: docker/build-push-action@v5
+        with:
+          context: ${{ env.DOCKER_BUILD_CONTEXT }}/context
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          platforms: ${{ inputs.docker_platforms }}
+          pull: true
+          push: true
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+        if: success()