Build and Push Docker Image #49
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Push Docker Image | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: 'Version tag from FastBCP (ex: v0.28.0)' | |
| required: true | |
| schedule: | |
| # Rebuild every Monday at 3 AM UTC to get latest base image updates | |
| - cron: '0 3 * * 1' | |
| jobs: | |
| build-and-push: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: eu-west-1 | |
| - name: Log in to Docker Hub (push) | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Log in to DHI registry (pull base image) | |
| run: | | |
| echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login dhi.io \ | |
| -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Get versions to build | |
| id: versions | |
| run: | | |
| # Get all existing tags from Docker Hub | |
| ALL_VERSIONS=$(curl -s "https://hub.docker.com/v2/repositories/aetp/fastbcp/tags/?page_size=100" | \ | |
| jq -r '.results[].name' | grep '^v[0-9]' | sort -V) | |
| # Find the latest version of each minor branch (e.g., latest 0.28.x, 0.27.x, etc.) | |
| LATEST_PER_MINOR=$(echo "$ALL_VERSIONS" | \ | |
| sed 's/v\([0-9]*\.[0-9]*\)\.[0-9]*/\1/' | \ | |
| uniq | \ | |
| while read minor; do | |
| echo "$ALL_VERSIONS" | grep "^v${minor}\." | tail -n 1 | |
| done | tr '\n' ' ') | |
| if [ "${{ github.event_name }}" = "schedule" ]; then | |
| echo "Scheduled build: rebuilding latest of each minor branch" | |
| echo "Versions to rebuild: $LATEST_PER_MINOR" | |
| echo "versions=$LATEST_PER_MINOR" >> $GITHUB_OUTPUT | |
| echo "new_version=" >> $GITHUB_OUTPUT | |
| else | |
| echo "Manual build: building new version + latest of each minor branch" | |
| NEW_VERSION="${{ github.event.inputs.version }}" | |
| echo "New version: $NEW_VERSION" | |
| echo "Latest versions per minor branch to rebuild: $LATEST_PER_MINOR" | |
| echo "versions=$LATEST_PER_MINOR" >> $GITHUB_OUTPUT | |
| echo "new_version=$NEW_VERSION" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Build and push all versions | |
| env: | |
| S3_BASE_PATH: ${{ secrets.AWS_S3_FASTBCP_PATH }} | |
| run: | | |
| NEW_VERSION="${{ steps.versions.outputs.new_version }}" | |
| VERSIONS="${{ steps.versions.outputs.versions }}" | |
| # Build/rebuild existing versions first (oldest to newest) | |
| for VERSION in $VERSIONS; do | |
| # Skip if this is the new version (will be built last) | |
| if [ "$VERSION" = "$NEW_VERSION" ]; then | |
| echo "Skipping $VERSION (will be built as new version at the end)" | |
| continue | |
| fi | |
| echo "================================================" | |
| echo "Building version: $VERSION" | |
| echo "================================================" | |
| # Download FastBCP binary | |
| FILE="FastBCP-linux-x64-${VERSION}.zip" | |
| S3_PATH="${S3_BASE_PATH}${FILE}" | |
| echo "Checking if ${S3_PATH} exists..." | |
| if ! aws s3 ls "${S3_PATH}" >/dev/null 2>&1; then | |
| echo "⚠️ Warning: ${S3_PATH} not found, skipping..." | |
| continue | |
| fi | |
| echo "Downloading ${FILE}..." | |
| aws s3 cp "${S3_PATH}" FastBCP.zip | |
| unzip -o FastBCP.zip -d ./FastBCP_extracted | |
| rm FastBCP.zip | |
| mv -f ./FastBCP_extracted/FastBCP ./FastBCP | |
| chmod +x ./FastBCP | |
| # Build and push (version tag only, no 'latest') | |
| docker buildx build \ | |
| --push \ | |
| --platform linux/amd64 \ | |
| --tag aetp/fastbcp:${VERSION} \ | |
| --provenance=true \ | |
| --sbom=true \ | |
| --no-cache \ | |
| . | |
| echo "✅ Successfully built and pushed: ${VERSION}" | |
| # Cleanup | |
| rm -rf ./FastBCP ./FastBCP_extracted | |
| done | |
| # Build the new version last (manual builds only) | |
| if [ -n "$NEW_VERSION" ]; then | |
| echo "================================================" | |
| echo "Building NEW version: $NEW_VERSION (will be tagged as latest)" | |
| echo "================================================" | |
| FILE="FastBCP-linux-x64-${NEW_VERSION}.zip" | |
| S3_PATH="${S3_BASE_PATH}${FILE}" | |
| echo "Checking if ${S3_PATH} exists..." | |
| aws s3 ls "${S3_PATH}" >/dev/null | |
| echo "Downloading ${FILE}..." | |
| aws s3 cp "${S3_PATH}" FastBCP.zip | |
| unzip -o FastBCP.zip -d ./FastBCP_extracted | |
| rm FastBCP.zip | |
| mv -f ./FastBCP_extracted/FastBCP ./FastBCP | |
| chmod +x ./FastBCP | |
| # Build new version with 'latest' tag | |
| docker buildx build \ | |
| --push \ | |
| --platform linux/amd64 \ | |
| --tag aetp/fastbcp:${NEW_VERSION} \ | |
| --tag aetp/fastbcp:latest \ | |
| --provenance=true \ | |
| --sbom=true \ | |
| --no-cache \ | |
| . | |
| echo "✅ Successfully built and pushed: ${NEW_VERSION} (+ latest)" | |
| rm -rf ./FastBCP ./FastBCP_extracted | |
| fi | |
| # For scheduled builds, update latest with the most recent version | |
| if [ "${{ github.event_name }}" = "schedule" ] && [ -n "$VERSIONS" ]; then | |
| LATEST_VERSION=$(echo "$VERSIONS" | tr ' ' '\n' | tail -n 1) | |
| echo "Tagging latest with ${LATEST_VERSION}..." | |
| docker buildx imagetools create \ | |
| aetp/fastbcp:${LATEST_VERSION} \ | |
| --tag aetp/fastbcp:latest | |
| fi | |
| - name: Smoke test | |
| run: | | |
| set -eux | |
| docker run --rm aetp/fastbcp:latest >/dev/null | |
| echo "✅ FastBCP runs" |