-
Notifications
You must be signed in to change notification settings - Fork 26
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Github action to publish to ACR (#194)
- Loading branch information
1 parent
dad750f
commit 8eae0e9
Showing
1 changed file
with
75 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,75 @@ | ||
| # This Github Action will build and publish images to Azure Container Registry(ACR), from where the published images will be | ||
| # automatically pushed to the trusted registry, Microsoft Container Registry(MCR). | ||
|
|
||
| name: Building and Pushing to MCR | ||
| on: | ||
| workflow_dispatch: | ||
| inputs: | ||
| releaseTag: | ||
| description: 'Release tag to publish images, defaults to the latest one' | ||
| type: string | ||
|
|
||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
|
|
||
| env: | ||
| # `public` indicates images to MCR wil be publicly available, and will be removed in the final MCR images | ||
| REGISTRY_REPO: public/aks/fleet | ||
|
|
||
| jobs: | ||
| prepare-variables: | ||
| runs-on: ubuntu-latest | ||
| outputs: | ||
| release_tag: ${{ steps.vars.outputs.release_tag }} | ||
| steps: | ||
| - uses: actions/checkout@v2 | ||
| with: | ||
| fetch-depth: 0 | ||
| - name: 'Set output variables' | ||
| id: vars | ||
| run: | | ||
| # set the image version | ||
| RELEASE_TAG=${{ inputs.releaseTag }} | ||
| if [ -z "$RELEASE_TAG" ]; then | ||
| RELEASE_TAG=`git describe --tags $(git rev-list --tags --max-count=1)` | ||
| echo "The user input release tag is empty, will use the latest tag $RELEASE_TAG." | ||
| fi | ||
| echo "::set-output name=release_tag::$RELEASE_TAG" | ||
| # NOTE: As exporting a variable from a secret is not possible, the shared variable registry obtained | ||
| # from AZURE_REGISTRY secret is not exported from here. | ||
| publish-images: | ||
| runs-on: ubuntu-latest | ||
| needs: prepare-variables | ||
| steps: | ||
| - uses: actions/checkout@v2 | ||
| with: | ||
| ref: ${{ needs.prepare-variables.outputs.release_tag }} | ||
| - name: 'OIDC Login to Azure Public Cloud' | ||
| uses: azure/login@v1 | ||
| with: | ||
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | ||
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | ||
| subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | ||
| - name: 'Login the ACR' | ||
| run: az acr login -n ${{ secrets.AZURE_REGISTRY }} | ||
| - name: Build and publish hub-agent | ||
| run: | | ||
| make docker-build-hub-agent | ||
| env: | ||
| HUB_AGENT_IMAGE_VERSION: ${{ needs.prepare-variables.outputs.release_tag }} | ||
| REGISTRY: ${{ secrets.AZURE_REGISTRY }}/${{ env.REGISTRY_REPO}} | ||
| - name: Build and publish member-agent | ||
| run: | | ||
| make docker-build-member-agent | ||
| env: | ||
| MEMBER_AGENT_IMAGE_VERSION: ${{ needs.prepare-variables.outputs.release_tag }} | ||
| REGISTRY: ${{ secrets.AZURE_REGISTRY }}/${{ env.REGISTRY_REPO}} | ||
| - name: Build and publish refresh-token | ||
| run: | | ||
| make docker-build-refresh-token | ||
| env: | ||
| REFRESH_TOKEN_IMAGE_VERSION: ${{ needs.prepare-variables.outputs.release_tag }} | ||
| REGISTRY: ${{ secrets.AZURE_REGISTRY }}/${{ env.REGISTRY_REPO}} |