Deploy image to docker optionally, as well as GHCR (#97)

To migrate deployment of Production Crawler to CD Azure from Microsoft owned Azure. Changes to workflow app-build-and-deploy Enables the optional docker image publish to Docker Hub, conditional on providing Input docker-hub-username secret DOCKERHUB_TOKEN Without these the action only deploys to ghcr --------- Co-authored-by: E. Lynette Rayle <[email protected]>
clearlydefined · Oct 4, 2024 · 15aec70 · 15aec70
1 parent bfb99d7
commit 15aec70
Show file tree

Hide file tree

Showing 5 changed files with 60 additions and 27 deletions.
diff --git a/.github/workflows/app-build-and-deploy.yml b/.github/workflows/app-build-and-deploy.yml
@@ -23,6 +23,9 @@ on:
       PRODUCTION_DEPLOYERS:
         description: 'Name of the team that defines who can deploy to production - Defined in org action secrets'
         required: true
+      DOCKERHUB_TOKEN: 
+        description: 'Token to be used if publishing image to dockerhub, input.docker-hub-username must also be provided'
+        required: false
 
     inputs:
       deploy-env:
@@ -49,8 +52,11 @@ on:
         description: 'optionally pass in build args to the Docker build command (e.g. "MY_VAR=my_value")'
         required: false
         type: string
+      docker-hub-username:
+        description: 'optionally pass to publish image to docker-hub'
+        required: false
+        type: string
 
-
 jobs:
   determine-trigger:
     name: Determine if this was triggered by a release or workflow_dispatch
@@ -79,7 +85,7 @@ jobs:
         uses: actions/[email protected]
         with:
           repository: 'clearlydefined/operations'
-          ref: 'v3.0.0'
+          ref: 'v3.1.0'
           path: 'operations'
       - name: Get version from package-lock.json
         id: get_version
@@ -101,11 +107,13 @@ jobs:
     secrets:
       DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
       PRODUCTION_DEPLOYERS: ${{ secrets.PRODUCTION_DEPLOYERS }}
+      DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} 
     with:
       deploy-env: ${{ inputs.deploy-env }}
       application-type: ${{ inputs.application-type }}
       application-version: ${{ needs.get-version.outputs.version }}
       build-args: ${{ inputs.docker-build-args }}
+      docker-hub-username: ${{ inputs.docker-hub-username }}
 
   deploy-primary-app-to-azure:
     name: Deploy to primary Azure app

diff --git a/.github/workflows/app-build-docker-image.yml b/.github/workflows/app-build-docker-image.yml
@@ -10,6 +10,10 @@ on:
       PRODUCTION_DEPLOYERS:
         description: 'Name of the team that defines who can deploy to production - Defined in org action secrets'
         required: true
+      DOCKERHUB_TOKEN: 
+        description: 'Token to be used if publishing image to dockerhub, input.docker-hub-username must also be provided'
+        required: false
+
 
     inputs:
       deploy-env:
@@ -28,6 +32,10 @@ on:
         description: 'optionally pass in build args to the Docker build command (e.g. "MY_VAR=my_value")'
         required: false
         type: string
+      docker-hub-username:
+        description: 'optionally pass to publish image to docker-hub'
+        required: false
+        type: string
 
     outputs:
       docker-image-name-with-tag: 
@@ -42,36 +50,52 @@ jobs:
       DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
       PRODUCTION_DEPLOYERS: ${{ secrets.PRODUCTION_DEPLOYERS }}
 
-  determine-image-name:
+  build-image-names:
     name: Determine Image Name
     runs-on: ubuntu-latest
-    outputs:
-      docker-image-name-with-tag: "${{ env.DOCKER_IMAGE_NAME_WITH_TAG }}"
+    outputs: 
+      names-with-tags: ${{ env.DOCKER_IMAGE_TAGS }}
     steps:
       - name: Checkout this repo
         uses: actions/[email protected]
         with:
           repository: 'clearlydefined/operations'
-          ref: 'v3.0.0'
+          ref: '3.1.0'
           path: 'operations'
-      - name: Determine Docker Image Name
-        id: determine_image_name
+      - name: Determine Image Name
+        id: determine-image-name
         run: |
           echo "BUILD_ARGS=${{ inputs.build-args }}"
           script_log=$(./operations/scripts/app-workflows/determine-image-name.sh \
-            "${{ github.repository }}" \
+            "${{ github.event.repository.name  }}" \
             "${{ inputs.deploy-env }}" \
             "${{ inputs.application-version }}") || (echo "$script_log" && exit 1)
           echo -e "---- script log\n$script_log\n----"; \
           image_name=$(echo "$script_log" | tail -n 1)
-          echo "DOCKER_IMAGE_NAME_WITH_TAG=$image_name" >> $GITHUB_ENV
+          echo "IMAGE_NAME=$image_name" >> $GITHUB_ENV
+      - name: Add ghcr.io 
+        id: add-ghcr
+        run: |
+          echo "DOCKER_IMAGE_TAGS=ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}" >> $GITHUB_ENV
+      - name: add-dockerhub
+        if: ${{ inputs.docker-hub-username != '' }}
+        id: add-dockerhub
+        run: |
+          echo "DOCKER_IMAGE_TAGS=${{ env.DOCKER_IMAGE_TAGS }},${{ inputs.docker-hub-username }}/${{ env.IMAGE_NAME }}" >> $GITHUB_ENV
+
 
   build-docker-image:
     name: Build Image
     runs-on: ubuntu-latest
-    needs: [check-deployable, determine-image-name]
+    needs: [check-deployable, build-image-names]
     steps:
       - uses: actions/[email protected]
+      - name: Log into Docker Hub
+        if: ${{ inputs.docker-hub-username != '' }}
+        uses: docker/[email protected]
+        with:
+          username: ${{ inputs.docker-hub-username }} 
+          password: ${{ secrets.DOCKERHUB_TOKEN }} 
 
       - name: Log into ghcr registry
         uses: docker/[email protected]
@@ -91,7 +115,8 @@ jobs:
             APP_VERSION=${{ inputs.application-version }}
             BUILD_SHA=${{ github.sha }}
             ${{ inputs.build-args }}
-          tags: ${{ needs.determine-image-name.outputs.docker-image-name-with-tag }}
+          tags: |
+            ${{ needs.build-image-names.outputs.names-with-tags }}
           labels: |
             env=${{ inputs.deploy-env }}
             type=${{ inputs.application-type }}          
diff --git a/.github/workflows/app-is-deployable.yml b/.github/workflows/app-is-deployable.yml
@@ -26,7 +26,7 @@ jobs:
         uses: actions/[email protected]
         with:
           repository: 'clearlydefined/operations'
-          ref: 'v3.0.0'
+          ref: 'v3.1.0'
           path: 'operations'
       - id: confirm-dev
         shell: bash
@@ -47,7 +47,7 @@ jobs:
         uses: actions/[email protected]
         with:
           repository: 'clearlydefined/operations'
-          ref: 'v3.0.0'
+          ref: '3.1.0'
           path: 'operations'
 
       - name: Get organization ID

diff --git a/scripts/app-workflows/determine-image-name.sh b/scripts/app-workflows/determine-image-name.sh
@@ -1,22 +1,22 @@
 #!/bin/bash
 
 # Inputs
-#   $1 - repo: the orgname/reponame where the image will be published (e.g. 'clearlydefined/service')
+#   $1 - repo_name: the reponame where the image will be published (e.g. 'service')
 #   $2 - deploy_env: environment to deploy (i.e. dev | prod) - used as a label for the Docker image
 #   $3 - image-tag: the tag to use for the image (e.g. prod: v1.2.0, dev: v1.2.0+dev:1D3F567890)
 #
 # Outputs
-#   image_name_with_tag: the full image name with tag (e.g. ghcr.io/clearlydefined/service:v1.2.0)
+#   image_name_with_tag: the full image name with tag (e.g. service:v1.2.0, service-dev:v1.2.0+dev:1D3F567890)
 
-repo="$1"
+repo_name="$1"
 deploy_env="$2"
 image_tag="$3"
 
-image_base_name="ghcr.io/$repo" # e.g. ghcr.io/clearlydefined/service
+image_name_with_tag=""
 if [[ "$deploy_env" == 'prod' ]] ; then
-    image_name_with_tag="$image_base_name:$image_tag"
+    image_name_with_tag="$repo_name:$image_tag"
 elif [[ "$deploy_env" == 'dev' ]] ; then
-    image_name_with_tag="$image_base_name-dev:$image_tag"
+    image_name_with_tag="$repo_name-dev:$image_tag"
 else
     echo "ERROR: Invalid deploy environment: $deploy_env. Must be 'dev' or 'prod'"
     exit 1

diff --git a/tests/scripts/app-workflows/test-determine-image-name.bats b/tests/scripts/app-workflows/test-determine-image-name.bats
@@ -3,21 +3,21 @@
 load 'test_helpers'
 
 @test "deploy to dev environment" {
-  run ./scripts/app-workflows/determine-image-name.sh test-org/test-repo dev test-tag
+  run ./scripts/app-workflows/determine-image-name.sh test-repo dev test-tag
   test_value 0 "$status"
-  test_value "determine_image_name -> outputs -> image_name_with_tag: ghcr.io/test-org/test-repo-dev:test-tag" "${lines[0]}"
-  test_value ghcr.io/test-org/test-repo-dev:test-tag "${lines[1]}"
+  test_value "determine_image_name -> outputs -> image_name_with_tag: test-repo-dev:test-tag" "${lines[0]}"
+  test_value test-repo-dev:test-tag "${lines[1]}"
 }
 
 @test "deploy to prod environment" {
-  run ./scripts/app-workflows/determine-image-name.sh test-org/test-repo prod test-tag
+  run ./scripts/app-workflows/determine-image-name.sh test-repo prod test-tag
   test_value 0 "$status"
-  test_value "determine_image_name -> outputs -> image_name_with_tag: ghcr.io/test-org/test-repo:test-tag" "${lines[0]}"
-  test_value ghcr.io/test-org/test-repo:test-tag "${lines[1]}"
+  test_value "determine_image_name -> outputs -> image_name_with_tag: test-repo:test-tag" "${lines[0]}"
+  test_value test-repo:test-tag "${lines[1]}"
 }
 
 @test "invalid deploy environment" {
-  run ./scripts/app-workflows/determine-image-name.sh test-org/test-repo BAD_ENV test-tag
+  run ./scripts/app-workflows/determine-image-name.sh test-repo BAD_ENV test-tag
   test_value 1 "$status"
   test_value "ERROR: Invalid deploy environment: BAD_ENV. Must be 'dev' or 'prod'" "${lines[0]}"
 }