build-and-publish-head:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/develop' # Running this job only for develop branch
steps:
- uses: actions/checkout@v2 # Checking out the repo
- name: Build and Publish head Docker image
uses: VaultVulp/gp-docker-action@1.1.12
with:
github-token: ${{ secrets.GITHUB_TOKEN }} # Provide GITHUB_TOKEN to login into the GitHub Packages
image-name: my-cool-service # Provide Docker image name
image-tag: head # Provide Docker image tagbuild-and-publish-latest:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/master' # Running this job only for master branch
steps:
- uses: actions/checkout@v2 # Checking out the repo
- name: Build and Publish latest Docker image
uses: VaultVulp/gp-docker-action@1.1.12
with:
github-token: ${{ secrets.GITHUB_TOKEN }} # Provide GITHUB_TOKEN to login into the GitHub Packages
image-name: my-cool-service # Provide only Docker image name, tag will be automatically set to latest
dockerfile: Dockerfile_serverbuild-and-publish-tag:
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/') # Running this job only for tags
steps:
- uses: actions/checkout@v2
- name: Build and Publish Tag Docker image
uses: VaultVulp/gp-docker-action@1.1.12
with:
github-token: ${{ secrets.GITHUB_TOKEN }} # Provide GITHUB_TOKEN to login into the GitHub Packages
image-name: my-cool-service # Provide only Docker image name
extract-git-tag: true # Provide flag to extract Docker image tag from git referencebuild-and-publish-dev:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/develop' # Running this job only for develop branch
steps:
- uses: actions/checkout@v2 # Checking out the repo
- name: Build and Publish head Docker image
uses: VaultVulp/gp-docker-action@1.1.12
with:
github-token: ${{ secrets.GITHUB_TOKEN }} # Provide GITHUB_TOKEN to login into the GitHub Packages
image-name: my-cool-service # Provide Docker image name
build-context: ./dev # Provide path to the folder with the Dockerfilepull-and-build-dev:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/develop' # Running this job only for develop branch
steps:
- uses: actions/checkout@v2 # Checking out the repo
- name: Build and Publish head Docker image
uses: VaultVulp/gp-docker-action@1.1.12
with:
github-token: ${{ secrets.GITHUB_TOKEN }} # Provide GITHUB_TOKEN to login into the GitHub Packages
image-name: my-cool-service # Provide Docker image name
pull-image: true # Raise the flag to try to pull imagebuild-with-custom-args:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/develop' # Running this job only for develop branch
steps:
- uses: actions/checkout@v2 # Checking out the repo
- name: Build with --build-arg(s)
uses: VaultVulp/gp-docker-action@1.1.12
with:
github-token: ${{ secrets.GITHUB_TOKEN }} # Provide GITHUB_TOKEN to login into the GitHub Packages
image-name: my-cool-service # Provide Docker image name
custom-args: --build-arg some=value --build-arg some_other=value # Pass some additional arguments to the docker build commandYou will encounter the following log message in your GitHub Actions Pipelines:
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /github/home/.docker/config.json.
Login Succeeded
I would like to encourage you, that I do not store your secrets, passwords, token, or any other information.
This warning informs you about the fact, that this Action passes your GitHub token via the command line argument:
docker login -u publisher -p ${DOCKER_TOKEN} docker.pkg.github.comIn a non-safe environment, this could raise a security issue, but this is not the case. We are passing a temporary authorization token, which will become useless once the pipeline is complete. It will also require additional code to extract this token from the environment or docker internals, that this Action does not have.