docs(api): Improve examples regarding secrets #757

Workflow file for this run

.github/workflows/docker-build.yml at a986453

	name: Docker Build

	on:
	push:
	branches:
	- main
	tags:
	- "[0-9]+.[0-9]+.[0-9]+"
	workflow_dispatch:

	env:
	REGISTRY: ghcr.io

	jobs:
	build:
	name: Build Docker Image
	runs-on: ubuntu-22.04
	permissions:
	packages: write
	strategy:
	matrix:
	# Define the Docker images to build. The job first builds an image using Docker which is used for the ui and for
	# worker base images. Then the job builds an image using Jib. Both steps are optional, e.g., not all Jib builds
	# need a base image, and the ui build does not need a Jib build.
	#
	# If the image is built with Docker:
	# preparationTask (optional): Gradle task to run before building the image.
	# image: Name of the image, used for the Docker image name.
	# context: Path to the Docker context directory.
	# dockerfile: Path of the Dockerfile to use, relative to context.
	# imageVariant (optional): Variant of the image, used for the Docker image tag.
	# buildArgs (optional): Build arguments to pass to the Docker build.
	#
	# If the image is built with Jib:
	# jibImage: Name of the image built by Jib.
	# task: Gradle task to build the image.
	#
	# Optional properties:
	# freeDiskSpace: Whether to free disk space before building the image.
	docker:
	- jibImage: core
	task: :core:jibDockerBuild
	- jibImage: orchestrator
	task: :orchestrator:jibDockerBuild
	- jibImage: kubernetes-jobmonitor
	task: :transport:kubernetes-jobmonitor:jibDockerBuild
	- jibImage: advisor-worker
	task: :workers:advisor:jibDockerBuild
	- image: analyzer-worker-base-image
	buildArgs: TEMURIN_VERSION=21
	context: workers/analyzer/docker
	dockerfile: Analyzer.Dockerfile
	jibImage: analyzer-worker
	imageVariant: jdk21
	task: :workers:analyzer:jibDockerBuild
	freeDiskSpace: true
	- image: analyzer-worker-base-image
	buildArgs: \|
	TEMURIN_VERSION=11
	ANDROID_CMD_VERSION=9862592
	context: workers/analyzer/docker
	dockerfile: Analyzer.Dockerfile
	jibImage: analyzer-worker
	imageVariant: jdk11
	task: :workers:analyzer:jibDockerBuild
	freeDiskSpace: true
	- image: analyzer-worker-base-image
	context: workers/analyzer/docker
	dockerfile: Analyzer.Dockerfile
	jibImage: analyzer-worker
	imageVariant: jdk17
	task: :workers:analyzer:jibDockerBuild
	freeDiskSpace: true
	- image: config-worker-base-image
	context: workers/config/docker
	dockerfile: Config.Dockerfile
	jibImage: config-worker
	task: :workers:config:jibDockerBuild
	- image: evaluator-worker-base-image
	context: workers/evaluator/docker
	dockerfile: Evaluator.Dockerfile
	jibImage: evaluator-worker
	task: :workers:evaluator:jibDockerBuild
	- image: notifier-worker-base-image
	context: workers/notifier/docker
	dockerfile: Notifier.Dockerfile
	jibImage: notifier-worker
	task: :workers:notifier:jibDockerBuild
	- image: reporter-worker-base-image
	context: workers/reporter/docker
	dockerfile: Reporter.Dockerfile
	jibImage: reporter-worker
	task: :workers:reporter:jibDockerBuild
	- image: scanner-worker-base-image
	context: workers/scanner/docker
	dockerfile: Scanner.Dockerfile
	jibImage: scanner-worker
	task: :workers:scanner:jibDockerBuild
	- preparationTask: :core:generateOpenApiSpec
	image: ui
	context: ui
	dockerfile: docker/UI.Dockerfile

	steps:
	- name: Checkout Repository
	uses: actions/checkout@v4

	- name: Free Disk Space
	if: ${{ matrix.docker.freeDiskSpace }}
	uses: ./.github/actions/free-disk-space

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Login to GitHub Container Registry
	uses: docker/login-action@v3
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Setup Gradle
	uses: gradle/actions/setup-gradle@v3
	with:
	gradle-home-cache-cleanup: true

	- name: Get ORT-Server Version
	run: \|
	ORT_SERVER_VERSION=$(./gradlew -q properties --property version \| sed -nr 's/version: (.+)/\1/p')
	echo "ORT_SERVER_VERSION=${ORT_SERVER_VERSION}" >> $GITHUB_ENV

	- name: Run Preparation Task ${{ matrix.docker.preparationTask }}
	if: ${{ matrix.docker.preparationTask != '' }}
	run: ./gradlew ${{ matrix.docker.preparationTask }}

	- name: Compute the tags
	run: \|
	VARIANT=${{ matrix.docker.imageVariant \|\| '' }}
	DOCKER_IMAGE_TAG=${{ env.ORT_SERVER_VERSION }}

	if [[ -n $VARIANT ]]; then
	DOCKER_IMAGE_TAG=$DOCKER_IMAGE_TAG-${{ matrix.docker.imageVariant }}
	fi
	echo "DOCKER_IMAGE_TAG=$DOCKER_IMAGE_TAG" >> $GITHUB_ENV

	- name: Compute Tag Suffix
	id: compute-tag-suffix
	run: \|
	if [[ "${{ matrix.docker.imageVariant }}" == "jdk17" \|\| "${{ matrix.docker.imageVariant }}" == "" ]]; then
	# No suffix.
	echo "::set-output name=suffix::"
	else
	echo "::set-output name=suffix::-${{ matrix.docker.imageVariant }}"
	fi

	- name: Extract Docker Metadata for ${{ matrix.docker.image }} Image
	if: ${{ matrix.docker.dockerfile != '' }}
	id: meta-base
	uses: docker/metadata-action@v5
	with:
	images: ${{ env.REGISTRY }}/${{ github.repository_owner }}/ort-server-${{ matrix.docker.image }}
	tags: \|
	type=raw,value=${{ env.DOCKER_IMAGE_TAG }}
	type=ref,event=branch,suffix=${{ steps.compute-tag-suffix.outputs.suffix }}
	type=sha,suffix=${{ steps.compute-tag-suffix.outputs.suffix }}
	type=raw,value=latest,enable=${{github.ref == 'refs/heads/main' && matrix.docker.imageVariant != 'jdk11' && matrix.docker.imageVariant != 'jdk21'}}
	type=raw,value=latest-${{ matrix.docker.imageVariant}},enable=${{github.ref == 'refs/heads/main' && matrix.docker.imageVariant != ''}}

	- name: Build ${{ matrix.docker.image }} Image with '${{ matrix.docker.imageVariant \|\| 'default' }}' variant
	if: ${{ matrix.docker.dockerfile != '' }}
	uses: docker/build-push-action@v5
	with:
	context: ${{ matrix.docker.context }}
	file: ${{ matrix.docker.context }}/${{ matrix.docker.dockerfile }}
	build-args: ${{ matrix.docker.buildArgs }}
	push: true
	tags: ${{ steps.meta-base.outputs.tags }}
	labels: ${{ steps.meta-base.outputs.labels }}
	cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ github.repository_owner }}/ort-server-${{ matrix.docker.image }}:cache${{ steps.compute-tag-suffix.outputs.suffix }}
	cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ github.repository_owner }}/ort-server-${{ matrix.docker.image }}:cache${{ steps.compute-tag-suffix.outputs.suffix }},mode=max

	- name: Extract Docker Metadata for ${{ matrix.docker.jibImage }} Image
	if: ${{ matrix.docker.task != '' }}
	id: meta
	uses: docker/metadata-action@v5
	with:
	tags: \|
	type=raw,value=${{ env.DOCKER_IMAGE_TAG }}
	type=ref,event=branch,suffix=${{ steps.compute-tag-suffix.outputs.suffix }}
	type=sha,suffix=${{ steps.compute-tag-suffix.outputs.suffix }}
	type=raw,value=latest,enable=${{github.ref == 'refs/heads/main' && matrix.docker.imageVariant != 'jdk11' && matrix.docker.imageVariant != 'jdk21'}}
	type=raw,value=latest-${{ matrix.docker.imageVariant}},enable=${{github.ref == 'refs/heads/main' && matrix.docker.imageVariant != ''}}

	- name: Build ${{ matrix.docker.jibImage }} Image with '${{ matrix.docker.imageVariant \|\| 'default' }}' variant
	if: ${{ matrix.docker.task != '' }}
	run: \|
	./gradlew \
	-PdockerBaseImagePrefix=${{ env.REGISTRY }}/${{ github.repository_owner }}/ \
	-PdockerBaseImageTag=${{ env.DOCKER_IMAGE_TAG }} \
	-PdockerImagePrefix=${{ env.REGISTRY }}/${{ github.repository_owner }}/ \
	-PdockerImageTag=${{ env.DOCKER_IMAGE_TAG }} \
	${{ matrix.docker.task }} \
	-Djib.console=plain \
	-Djib.container.labels="$(echo "${{ steps.meta.outputs.labels }}" \| tr '\n' ',' \| sed 's/,$//')" \
	-Djib.to.tags="$(echo "${{ steps.meta.outputs.tags }}" \| tr '\n' ',' \| sed 's/,$//')"
	docker push ${{ env.REGISTRY }}/${{ github.repository_owner }}/ort-server-${{ matrix.docker.jibImage }} --all-tags

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

docs(api): Improve examples regarding secrets #757

Workflow file

docs(api): Improve examples regarding secrets #757

Jobs

Run details

Workflow file for this run