push-docker.yml
1 name: Push Docker Image (Manual Dispatch) 2 3 on: 4 workflow_dispatch: 5 inputs: 6 ref-to-checkout: 7 description: "The ref to checkout" 8 required: true 9 type: string 10 default: "main" 11 version: 12 description: "The version tag for the Docker image (e.g., 1.0.0). If not provided, it will attempt to use the latest git tag." 13 required: false 14 type: string 15 default: "" 16 17 destination: 18 description: "The destination to push the Docker image to" 19 required: false 20 type: choice 21 default: "ECR" 22 options: 23 - ECR 24 - DockerHub 25 push_latest: 26 description: 'Whether to also tag and push as "latest"' 27 required: false 28 type: boolean 29 default: false 30 update_manifest: 31 description: "Whether to update the image manifest" 32 required: false 33 type: boolean 34 default: false 35 36 permissions: 37 contents: read 38 id-token: write 39 40 jobs: 41 build_and_push: 42 runs-on: ubuntu-latest 43 steps: 44 - name: Checkout repository 45 uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 46 with: 47 fetch-depth: 0 48 fetch-tags: true 49 ref: ${{ github.event.inputs.ref-to-checkout }} 50 51 - name: Get Commit Hash 52 id: get_commit_hash 53 run: | 54 echo "commit_hash=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT 55 echo "short_sha=${GITHUB_SHA:0:10}" >> $GITHUB_OUTPUT 56 57 - name: Get Version from hatch 58 id: get_version 59 run: | 60 python3 -m pip install hatch virtualenv==20.26.6 61 echo "version=$(hatch version)" >> $GITHUB_OUTPUT 62 echo "Found version: $(hatch version)" 63 64 - name: Push to DockerHub 65 if: github.event.inputs.destination == 'DockerHub' 66 uses: ./.github/actions/push-docker 67 with: 68 version_tag: ${{ steps.get_version.outputs.version }} 69 push_latest: ${{ github.event.inputs.push_latest }} 70 docker_username: ${{ secrets.DOCKER_USERNAME }} 71 docker_password: ${{ secrets.DOCKER_PASSWORD }} 72 73 - name: Setup Qemu 74 if: github.event.inputs.destination == 'ECR' 75 uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 76 77 - name: Setup Docker Buildx 78 if: github.event.inputs.destination == 'ECR' 79 uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0 80 81 - name: Configure AWS credentials 82 if: github.event.inputs.destination == 'ECR' 83 uses: aws-actions/configure-aws-credentials@7474bc4690e29a8392af63c5b98e7449536d5c3a # v4.3.1 84 with: 85 aws-access-key-id: ${{ secrets.SAM_AWS_ACCESS_KEY_ID }} 86 aws-secret-access-key: ${{ secrets.SAM_AWS_SECRET_ACCESS_KEY }} 87 aws-region: ${{ secrets.AWS_DEFAULT_REGION }} 88 89 - name: Login to Amazon ECR 90 if: github.event.inputs.destination == 'ECR' 91 id: login-ecr 92 uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 # v2.0.1 93 94 - name: Create ECR Tags 95 if: github.event.inputs.destination == 'ECR' 96 id: ecr_tags 97 shell: bash 98 run: | 99 registry="${{ github.event.inputs.destination == 'ECR' && secrets.SAM_AWS_ECR_REGISTRY || 'solace' }}" 100 version="${{ steps.get_version.outputs.version }}" 101 short_sha="${{ steps.get_commit_hash.outputs.short_sha }}" 102 ref_name="${{ github.event.inputs.ref-to-checkout }}" 103 104 # Create tags array 105 tags="${registry}/solace-agent-mesh:${version}" 106 tags="${tags},${registry}/solace-agent-mesh:${version}-${short_sha}" 107 tags="${tags},${registry}/solace-agent-mesh:${ref_name}" 108 tags="${tags},${registry}/solace-agent-mesh:${ref_name}-${short_sha}" 109 110 if [[ "${{ github.event.inputs.push_latest }}" == "true" ]]; then 111 tags="${tags},${registry}/solace-agent-mesh:latest" 112 fi 113 114 echo "tags=${tags}" >> $GITHUB_OUTPUT 115 echo "Created ECR tags: ${tags}" 116 117 - name: Build and Push to ECR 118 if: github.event.inputs.destination == 'ECR' 119 uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0 120 with: 121 context: . 122 file: Dockerfile 123 platforms: linux/amd64,linux/arm64 124 tags: ${{ steps.ecr_tags.outputs.tags }} 125 push: true 126 cache-from: type=gha 127 cache-to: type=gha 128 129 - name: Update Release Manifest 130 if: github.event.inputs.destination == 'ECR' && github.event.inputs.update_manifest == 'true' 131 env: 132 AWS_ACCESS_KEY_ID: ${{ secrets.SAM_AWS_ACCESS_KEY_ID }} 133 AWS_SECRET_ACCESS_KEY: ${{ secrets.SAM_AWS_SECRET_ACCESS_KEY }} 134 AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} 135 run: | 136 # Set release manifest variables 137 export release_version="${{ steps.get_version.outputs.version }}-${{ steps.get_commit_hash.outputs.short_sha }}" 138 export version="${{ steps.get_version.outputs.version }}" 139 export image_tag="${{ steps.get_version.outputs.version }}-${{ steps.get_commit_hash.outputs.short_sha }}" 140 export chart_version="n/a" 141 export sha="${{ steps.get_commit_hash.outputs.commit_hash }}" 142 export squad="ai" 143 export repository="solace-agent-mesh" 144 export release_tag="${{ github.event.inputs.ref-to-checkout }}" 145 146 # Update DynamoDB manifest 147 aws dynamodb update-item \ 148 --table-name solace-cloud-manifest \ 149 --key "{\"squad\":{\"S\":\"${squad}\"},\"repository\": {\"S\": \"${repository}\"} }"\ 150 --update-expression "SET dev = :r" \ 151 --expression-attribute-values \ 152 """{\":r\": 153 {\"M\": 154 { 155 \"version\":{\"S\":\"${version}\"}, 156 \"image_tag\":{\"S\":\"${image_tag}\"}, 157 \"chart_version\": {\"S\": \"${chart_version}\"}, 158 \"sha\": {\"S\": \"${sha}\"}, 159 \"release_version\": {\"S\": \"${release_version}\"} 160 } 161 } 162 }"""