name: Publish Docker Image to GCR on: push: branches: [dev,main] paths: ['.github/ci-docker-publish.yml', 'programs/**', 'client/**', 'keeper/**', 'liquidator/**'] workflow_call: secrets: GCR_PROJECT: required: true GCR_SA_KEY: required: true workflow_dispatch: env: PROJECT_ID: ${{ secrets.GCR_PROJECT }} IMAGE: mango-v4 jobs: build: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v2 with: submodules: recursive # Use docker buildx - name: Use docker buildx uses: docker/setup-buildx-action@v2 id: buildx with: install: true buildkitd-flags: --debug # Login to Google Cloud - name: 'Login to Google Cloud' uses: 'google-github-actions/auth@v0' id: auth with: token_format: 'access_token' credentials_json: '${{ secrets.GCR_SA_KEY }}' # Login to GCR - name: Login to GCR uses: docker/login-action@v2 with: registry: username: oauth2accesstoken password: ${{ steps.auth.outputs.access_token }} # Build and push the base image, leveraging layer caching - name: Build and Push Base Image uses: docker/build-push-action@v2 with: context: . push: true tags: |${{ env.PROJECT_ID }}/${{ env.IMAGE }}:${{ github.sha }}${{ env.PROJECT_ID }}/${{ env.IMAGE }}:latest cache-from: type=gha cache-to: type=gha,mode=max # Build and push the liquidator runtime image - name: Build and Push Liquidator uses: docker/build-push-action@v2 with: file: liquidator/Dockerfile.liquidator context: . push: true tags: |${{ env.PROJECT_ID }}/${{ env.IMAGE }}-liquidator:${{ github.sha }}${{ env.PROJECT_ID }}/${{ env.IMAGE }}-liquidator:latest # Build and push the keeper runtime image - name: Build and Push Keeper uses: docker/build-push-action@v2 with: file: keeper/Dockerfile.keeper context: . push: true tags: |${{ env.PROJECT_ID }}/${{ env.IMAGE }}-keeper:${{ github.sha }}${{ env.PROJECT_ID }}/${{ env.IMAGE }}-keeper:latest