Created
January 8, 2022 17:57
-
-
Save calvinf/9043bd4b5557f2b383159f4ffd64aa81 to your computer and use it in GitHub Desktop.
Github Action for Docker Build and Push to Google Artifact Registry
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| env: | |
| # Github Container registry | |
| REGISTRY: us-docker.pkg.dev | |
| REGISTRY_PATH: ${{ secrets.GCP_PROJECT_ID }}/YOUR_GAR_REGISTRY_NAME | |
| GCP_REGION: us-central1 | |
| SERVICE_NAME: YOUR_SERVICE_NAME | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| # This is used to complete the identity challenge | |
| # with sigstore/fulcio when running outside of PRs. | |
| id-token: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v2 | |
| - name: Setup Docker buildx | |
| uses: docker/setup-buildx-action@v1 | |
| # Login against a Docker registry except on PR | |
| - name: Log into registry Google Artifact Registry | |
| if: github.event_name != 'pull_request' | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: _json_key_base64 | |
| password: ${{ secrets.GCP_SA_KEY }} | |
| # Extract metadata (tags, labels) for Docker | |
| # https://github.com/docker/metadata-action | |
| - name: Extract Docker metadata | |
| id: meta | |
| uses: docker/metadata-action@v3 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.REGISTRY_PATH }}/${{ env.SERVICE_NAME }} | |
| # Build and push Docker image with Buildx (don't push on PR) | |
| # https://github.com/docker/build-push-action | |
| - name: Build and push Docker image | |
| id: build-and-push | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: . | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
For anyone coming along in 2022+ looking to get Docker builds working with Google Artifact Registry, here's one that will work if you have the appropriate secrets defined in Github Secrets for your repository.
GCP_PROJECT_IDfor your Google Cloud project IDGCP_SA_KEYwith the base64 encoded service account JSON)