.github/workflows/docker.yml
name: Docker
on:
pull_request:
push:
branches:
- master
- oidc-api-tokens
permissions:
contents: read
id-token: write
jobs:
build:
name: Docker build (and optional push)
runs-on: ubuntu-22.04
env:
RUBYGEMS_VERSION: 3.5.10
RUBY_VERSION: 3.3.1
steps:
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # master
- name: Cache Docker layers
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-rubygems-${{ hashFiles('**/Gemfile.lock') }}
restore-keys: |
${{ runner.os }}-rubygems-org
- name: Install and start services (needed for image test)
run: docker-compose up -d
- name: Configure AWS credentials from Production account
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
if: github.secret_source != 'None'
with:
role-to-assume: arn:aws:iam::048268392960:role/rubygems-ecr-pusher
aws-region: us-west-2
- name: Login to Amazon ECR
if: github.secret_source != 'None'
uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 # v2.0.1
- name: build, test and optionally push docker image
run: ./script/build_docker.sh
# Temp fix
# https://github.com/docker/build-push-action/issues/252
# https://github.com/moby/buildkit/issues/1896
- name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache