chore: add timelocked owner (#49) #9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "[Nethermind] Taiko Protocol - Docker build and push" | |
on: | |
workflow_dispatch: | |
push: | |
branches: [main] | |
tags: | |
- "taiko-protocol-v*" | |
paths: | |
- "packages/protocol/**" | |
env: | |
DOCKER_REGISTRY: nethermind.jfrog.io | |
DOCKER_USERNAME: modular | |
DOCKER_REPOSITORY_DEV: modular-oci-local-dev/taiko-protocol | |
DOCKER_REPOSITORY_STAGING: modular-oci-local-staging/taiko-protocol | |
jobs: | |
build: | |
name: Build and push docker image | |
runs-on: ubuntu-latest | |
if: github.repository == 'NethermindEth/surge-taiko-mono' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- uses: docker/login-action@v3 | |
with: | |
registry: ${{ env.DOCKER_REGISTRY }} | |
username: ${{ env.DOCKER_USERNAME }} | |
password: ${{ secrets.ARTIFACTORY_MODULAR_TOKEN_DEVELOPER }} | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: ${{ env.DOCKER_REGISTRY }}/${{ env.DOCKER_REPOSITORY_DEV }} | |
tags: | | |
type=raw,value=latest | |
type=ref,event=branch | |
type=ref,event=pr | |
type=ref,event=tag | |
type=sha | |
- name: Build and push by digest | |
id: build | |
uses: docker/build-push-action@v5 | |
with: | |
platforms: linux/amd64,linux/arm64 | |
context: ./packages/protocol | |
file: ./packages/protocol/Dockerfile | |
push: true | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
- uses: oras-project/setup-oras@v1 | |
- run: oras version | |
- name: Login to registry with oras | |
run: | | |
oras login ${{ env.DOCKER_REGISTRY }} \ | |
-u ${{ env.DOCKER_USERNAME }} \ | |
-p ${{ secrets.ARTIFACTORY_MODULAR_TOKEN_DEVELOPER }} | |
- name: Promote to Staging | |
run: | | |
# Read tags line by line using a while loop | |
echo "${{ steps.meta.outputs.tags }}" | while IFS= read -r tag; do | |
echo "Current tag: $tag" | |
# Trim any whitespace from the tag | |
tag=$(echo "$tag" | xargs) | |
# Extract the tag suffix (everything after the last colon) | |
tag_suffix="${tag##*:}" | |
# Construct source and destination tags | |
source_image="${DOCKER_REGISTRY}/${DOCKER_REPOSITORY_DEV}:${tag_suffix}" | |
staging_image="${DOCKER_REGISTRY}/${DOCKER_REPOSITORY_STAGING}:${tag_suffix}" | |
echo "Promoting ${source_image} to ${staging_image}" | |
oras cp -r "${source_image}" "${staging_image}" | |
done | |
- name: Summary | |
run: | | |
echo "## Docker build completed :green_circle:" >> $GITHUB_STEP_SUMMARY | |
echo "### Tags" >> $GITHUB_STEP_SUMMARY | |
echo "${{ steps.meta.outputs.tags }}" | while IFS= read -r TAG; do | |
echo "- $TAG" >> $GITHUB_STEP_SUMMARY | |
done | |
echo "### Notes" >> $GITHUB_STEP_SUMMARY | |
echo "- The images have also been pushed to ${DOCKER_REPOSITORY_STAGING} repo" >> $GITHUB_STEP_SUMMARY |