Skip to content
name: Build, scan and push minimal development environment container
env:
REGISTRY: ghcr.io
GITHUB_REPOSITORY: airtai/nbdev-mkdocs
IMAGE: ghcr.io/airtai/nbdev-mkdocs
IMAGE_TF: ghcr.io/airtai/nbdev-mkdocs-tensorflow-2.12.0
on:
push:
branches: ["main", "dev", "build-tensorflow-image"]
jobs:
docker_build_deploy:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
defaults:
run:
working-directory: docker
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup trivy
run: |
sudo apt-get install wget apt-transport-https gnupg lsb-release
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list
sudo apt-get update
sudo apt-get install trivy
- name: Run build script
run: ./build_docker.sh
- name: Log in to the Container registry
uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push only if branch name is main or dev
if: github.ref_name == 'main' || github.ref_name == 'dev'
run: |
docker images
echo docker push $IMAGE --all-tags
docker push $IMAGE --all-tags
docker_build_deploy_tensorflow:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
defaults:
run:
working-directory: docker
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Setup trivy
run: |
sudo apt-get install wget apt-transport-https gnupg lsb-release
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list
sudo apt-get update
sudo apt-get install trivy
- name: Run build script
run: ./build_docker_tensorflow.sh
- name: Log in to the Container registry
uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push only if branch name is main or dev
if: github.ref_name == 'main' || github.ref_name == 'dev'
run: |
docker images
echo docker push --all-tags $IMAGE_TF
docker push --all-tags $IMAGE_TF