
Für Umzug auf docs-as-code-toolkit vorbereitet #18

Für Umzug auf docs-as-code-toolkit vorbereitet

Für Umzug auf docs-as-code-toolkit vorbereitet #18

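# Builds the multi-arch docs-toolbox image and pushes it to GHCR.
# Runs on pushes to main, on any pushed tag, and on manual dispatch.
#
# NOTE(security): the version tags on the `uses:` lines below (@v4, @v3) are
# mutable. Pin each action to a full commit SHA so a retagged release cannot
# change what runs in this job, which holds registry push credentials.
name: Build Docs Toolbox Image

on:
  push:
    branches: [main]
    tags:
      - '*'
  workflow_dispatch:

jobs:
  build-image:
    runs-on: ubuntu-latest
    # Least privilege for GITHUB_TOKEN: read the repo, write packages.
    permissions:
      contents: read
      packages: write
    steps:
      - uses: actions/checkout@v4
        with:
          # Full history so tags pointing at HEAD are available locally.
          fetch-depth: 0
          # No later step talks to the git remote. Keeping the token out of
          # .git/config also keeps it out of the `.` build context below.
          persist-credentials: false

      - name: Set image name
        id: image
        shell: bash
        run: |
          set -euo pipefail
          # Registry repository names must be lowercase; the owner may not be.
          IMAGE_NAME="ghcr.io/${GITHUB_REPOSITORY_OWNER,,}/docs-toolbox"
          echo "image_name=${IMAGE_NAME}" >> "$GITHUB_OUTPUT"

      - name: Compute tags
        id: meta
        shell: bash
        # Step outputs reach the script as environment variables, never via
        # ${{ }} expansion inside the script text, so their content is data.
        env:
          IMAGE: ${{ steps.image.outputs.image_name }}
        run: |
          set -euo pipefail
          # Content-addressed tag: first 12 hex chars of the Dockerfile hash.
          DOCKERFILE_HASH="$(sha256sum Dockerfile | awk '{print $1}' | cut -c1-12)"
          HASH_TAG="df-${DOCKERFILE_HASH}"
          TAGS="${IMAGE}:${HASH_TAG}"
          HAS_GIT_TAG=false
          GIT_TAG=""
          # Read the tag list once; avoids early-exit pipes under pipefail.
          POINTING_TAGS="$(git tag --points-at HEAD)"
          if [[ -n "$POINTING_TAGS" ]]; then
            # First tag only. Tag names are chosen by whoever pushes them, so
            # every consumer below must treat this value as untrusted text.
            GIT_TAG="${POINTING_TAGS%%$'\n'*}"
            HAS_GIT_TAG=true
            TAGS="${TAGS},${IMAGE}:${GIT_TAG},${IMAGE}:latest"
          fi
          echo "dockerfile_hash=${DOCKERFILE_HASH}" >> "$GITHUB_OUTPUT"
          echo "hash_tag=${HASH_TAG}" >> "$GITHUB_OUTPUT"
          echo "has_git_tag=${HAS_GIT_TAG}" >> "$GITHUB_OUTPUT"
          echo "git_tag=${GIT_TAG}" >> "$GITHUB_OUTPUT"
          echo "tags=${TAGS}" >> "$GITHUB_OUTPUT"
          echo "Using tags: ${TAGS}"

      - name: Extract description from README marker block
        id: readme
        shell: bash
        run: |
          set -euo pipefail
          FALLBACK="A lightweight Docker image for running Docs-as-Code pipelines in a fully reproducible environment — locally and in CI."
          if [[ ! -f README.md ]]; then
            echo "description=${FALLBACK}" >> "$GITHUB_OUTPUT"
            exit 0
          fi
          DESC="$(
            awk '
              /<!-- image-description:start -->/ { capture=1; next }
              /<!-- image-description:end -->/ { capture=0; exit }
              capture { print }
            ' README.md
          )"
          # Markers missing or block empty -> use the fallback text.
          if [[ -z "${DESC//[[:space:]]/}" ]]; then
            DESC="$FALLBACK"
          fi
          # Collapse to a single line. This also keeps the value from adding
          # extra key=value lines to GITHUB_OUTPUT.
          DESC="$(printf '%s' "$DESC" | tr '\n' ' ')"
          DESC="$(printf '%s' "$DESC" | sed -E 's/[[:space:]]+/ /g; s/^ //; s/ $//')"
          # Strip simple Markdown: [text](url) -> text, `code` -> code.
          # Inside a bracket expression a backslash is literal, so "]" is
          # excluded with [^]], not [^\]].
          DESC="$(printf '%s' "$DESC" | sed -E 's/\[([^]]+)\]\([^)]+\)/\1/g')"
          DESC="$(printf '%s' "$DESC" | sed -E 's/`([^`]+)`/\1/g')"
          # No shell escaping here: consumers read this output through env:,
          # so it is never re-parsed as script text. Escaping before the cut
          # below could also leave a dangling backslash at the end.
          # GHCR description is limited to 512 characters.
          DESC="$(printf '%.512s' "$DESC")"
          echo "description=${DESC}" >> "$GITHUB_OUTPUT"
          echo "Description: ${DESC}"

      - name: Login to GHCR
        # NOTE(review): the job already grants `packages: write` to
        # GITHUB_TOKEN. If the package is linked to this repository, that
        # short-lived token could replace the long-lived PAT; confirm first.
        env:
          GHCR_PAT: ${{ secrets.GHCR_PAT }}
          GHCR_USER: ${{ github.actor }}
        # Secret and user name are passed as env vars and quoted, not pasted
        # into the command line by expression expansion.
        run: printf '%s' "$GHCR_PAT" | docker login ghcr.io -u "$GHCR_USER" --password-stdin

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Build and push image
        shell: bash
        # TAGS may contain a git tag name and DESCRIPTION comes from README
        # text; both are handed over as env vars so they stay plain data.
        env:
          IMAGE: ${{ steps.image.outputs.image_name }}
          TAGS: ${{ steps.meta.outputs.tags }}
          DESCRIPTION: ${{ steps.readme.outputs.description }}
        run: |
          set -euo pipefail
          # Build the -t arguments as an array so each tag stays one word.
          tag_args=()
          IFS=',' read -ra TAG_ARRAY <<< "$TAGS"
          for tag in "${TAG_ARRAY[@]}"; do
            tag_args+=(-t "$tag")
          done
          docker buildx build \
            --platform linux/amd64,linux/arm64 \
            --cache-from="type=registry,ref=${IMAGE}:cache" \
            --cache-to="type=registry,ref=${IMAGE}:cache,mode=max" \
            "${tag_args[@]}" \
            --annotation "index:org.opencontainers.image.description=${DESCRIPTION}" \
            --annotation "index:org.opencontainers.image.source=https://github.com/${GITHUB_REPOSITORY}" \
            --push .

      - name: Print summary
        shell: bash
        env:
          HASH_TAG: ${{ steps.meta.outputs.hash_tag }}
          DESCRIPTION: ${{ steps.readme.outputs.description }}
          HAS_GIT_TAG: ${{ steps.meta.outputs.has_git_tag }}
          GIT_TAG: ${{ steps.meta.outputs.git_tag }}
        run: |
          echo "Dockerfile hash tag: ${HASH_TAG}"
          echo "Description: ${DESCRIPTION}"
          if [[ "${HAS_GIT_TAG}" == "true" ]]; then
            echo "Git tag: ${GIT_TAG}"
            echo "latest tag was also published"
          else
            echo "No Git tag on HEAD, so no latest tag published"
          fi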