mirror of
https://github.com/certbot/certbot.git
synced 2026-06-11 01:30:14 -04:00
81 lines
2.4 KiB
YAML
81 lines
2.4 KiB
YAML
name: Deploy docker images
|
|
on:
|
|
workflow_call:
|
|
inputs:
|
|
dockerTag:
|
|
required: true
|
|
description: 'tag to assign docker images'
|
|
type: string
|
|
secrets:
|
|
DOCKERHUB_TOKEN:
|
|
required: true
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
env:
|
|
DOCKER_TAG: "${{ inputs.dockerTag }}"
|
|
|
|
jobs:
|
|
# The credentials used in the following jobs are for the shared
|
|
# certbotbot account on Docker Hub.
|
|
# They are located under the certbot organization settings,
|
|
# under Secrets and Variables -> Actions.
|
|
# DOCKERHUB_USERNAME is saved as a variable.
|
|
# DOCKERHUB_TOKEN is a secret, and it is a PAT created by
|
|
# following the instructions at
|
|
# https://docs.docker.com/security/access-tokens/
|
|
# with Read and Write permissions. The access token can be deleted
|
|
# on Docker Hub if these credentials need to be revoked.
|
|
# The password is a PAT following the advice given by
|
|
# https://github.com/docker/login-action?tab=readme-ov-file#docker-hub
|
|
publish_docker_by_arch:
|
|
name: Publish docker by arch
|
|
runs-on:
|
|
- 'ubuntu-24.04'
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
DOCKER_ARCH:
|
|
- arm32v6
|
|
- arm64v8
|
|
- amd64
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v6.0.2
|
|
with:
|
|
persist-credentials: false
|
|
- name: Retrieve Docker images
|
|
uses: actions/download-artifact@v8.0.1
|
|
with:
|
|
name: docker_${{ matrix.DOCKER_ARCH }}
|
|
path: "${{ github.workspace }}"
|
|
- name: Load Docker images
|
|
run: docker load --input ${{ github.workspace }}/images.tar
|
|
shell: bash
|
|
- name: Login to Docker Hub
|
|
uses: docker/login-action@v4.1.0
|
|
with:
|
|
username: "${{ vars.DOCKERHUB_USERNAME }}"
|
|
password: "${{ secrets.DOCKERHUB_TOKEN }}"
|
|
- name: Deploy the Docker images by architecture
|
|
run: tools/docker/deploy_images.sh "$DOCKER_TAG" ${{ matrix.DOCKER_ARCH }}
|
|
shell: bash
|
|
publish_docker_multiarch:
|
|
name: Publish docker multiarch
|
|
needs: publish_docker_by_arch
|
|
runs-on:
|
|
- 'ubuntu-24.04'
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v6.0.2
|
|
with:
|
|
persist-credentials: false
|
|
- name: Login to Docker Hub
|
|
uses: docker/login-action@v4.1.0
|
|
with:
|
|
username: "${{ vars.DOCKERHUB_USERNAME }}"
|
|
password: "${{ secrets.DOCKERHUB_TOKEN }}"
|
|
- name: Deploy the Docker multiarch manifests
|
|
run: tools/docker/deploy_manifests.sh "$DOCKER_TAG" all
|
|
shell: bash
|