Publish Production Docker Image #8

Workflow file for this run

.github/workflows/publish-prod-docker.yml at 6793fb5

	name: Publish Production Docker Image

	on:
	workflow_dispatch:
	inputs:
	branch_name:
	description: "Branch to build from (must be main). Used if no git_tag or commit_hash is provided."
	required: false
	type: string
	default: "main"
	commit_hash:
	description: "Specific commit SHA to build (optional). Overrides branch_name for checkout if provided. git_tag takes precedence over this."
	required: false
	type: string
	git_tag:
	description: "Specific Git tag to build (e.g., v1.6.0). Overrides commit_hash and branch_name for checkout."
	required: false
	type: string
	tag_latest:
	description: "Automatically tag the image with 'latest' tag in addition to the primary tag."
	required: false
	type: boolean
	default: false

	jobs:
	publish-prod-build:
	name: Publish production docker image to dockerhub
	runs-on: "ubuntu-latest"
	steps:
	- name: Login to Docker Hub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Checkout code
	id: checkout_code
	uses: actions/checkout@v4
	with:
	fetch-depth: 0
	ref: ${{ github.event.inputs.git_tag && format('refs/tags/{0}', github.event.inputs.git_tag) \|\| github.event.inputs.commit_hash \|\| github.event.inputs.branch_name }}

	- name: Determine Tags and Build Args
	id: vars
	run: \|
	SHORT_SHA=$(git rev-parse --short HEAD)
	PRIMARY_DOCKER_TAG=""
	BRANCH_FOR_CONTEXT=""
	RELEASE_TAG_ARG=""

	if [[ -z "${{ github.event.inputs.git_tag }}" && -z "${{ github.event.inputs.commit_hash }}" ]]; then
	if [[ "${{ github.event.inputs.branch_name }}" != "main" ]]; then
	echo "Error: Production builds without a git_tag or commit_hash must be from the main branch."
	exit 1
	fi
	fi

	if [[ -n "${{ github.event.inputs.git_tag }}" ]]; then
	echo "Source: Git Tag (${{ github.event.inputs.git_tag }})"
	PRIMARY_DOCKER_TAG="${{ github.event.inputs.git_tag }}"
	RELEASE_TAG_ARG="${{ github.event.inputs.git_tag }}"
	# BRANCH_FOR_CONTEXT remains empty for git_tag builds to ensure no short SHA tag is added by meta
	elif [[ -n "${{ github.event.inputs.commit_hash }}" ]]; then
	echo "Source: Commit SHA (${{ github.event.inputs.commit_hash }})"
	RAW_BRANCH_CTX="${{ github.event.inputs.branch_name }}" # Should be main for prod if specified with commit
	SANITIZED_BRANCH_CTX=$(echo "$RAW_BRANCH_CTX" \| sed 's\|/\|-\|g' \| tr -cs 'a-zA-Z0-9.-_' '-' \| sed 's/--\+/-/g' \| sed 's/^-//;s/-$//')
	if [[ -n "$SANITIZED_BRANCH_CTX" ]]; then
	PRIMARY_DOCKER_TAG="$SANITIZED_BRANCH_CTX-$SHORT_SHA"
	BRANCH_FOR_CONTEXT="$SANITIZED_BRANCH_CTX"
	RELEASE_TAG_ARG="$SANITIZED_BRANCH_CTX-$SHORT_SHA"
	else
	# This case should ideally not be hit if branch validation is effective
	PRIMARY_DOCKER_TAG="$SHORT_SHA"
	RELEASE_TAG_ARG="$SHORT_SHA"
	fi
	else
	# Source: Branch Name (no git_tag, no commit_hash, must be 'main' due to earlier check)
	RAW_BRANCH_NAME="${{ github.event.inputs.branch_name }}"
	echo "Source: Branch ($RAW_BRANCH_NAME)"
	SANITIZED_BRANCH_NAME=$(echo "$RAW_BRANCH_NAME" \| sed 's\|/\|-\|g' \| tr -cs 'a-zA-Z0-9.-_' '-' \| sed 's/--\+/-/g' \| sed 's/^-//;s/-$//')
	PRIMARY_DOCKER_TAG="$SANITIZED_BRANCH_NAME-$SHORT_SHA"
	BRANCH_FOR_CONTEXT="$SANITIZED_BRANCH_NAME"
	RELEASE_TAG_ARG="$SANITIZED_BRANCH_NAME-$SHORT_SHA"
	fi

	echo "PRIMARY_DOCKER_TAG=${PRIMARY_DOCKER_TAG}" >> $GITHUB_OUTPUT
	echo "SHORT_SHA=${SHORT_SHA}" >> $GITHUB_OUTPUT
	echo "BRANCH_FOR_CONTEXT=${BRANCH_FOR_CONTEXT}" >> $GITHUB_OUTPUT
	echo "RELEASE_TAG_ARG=${RELEASE_TAG_ARG}" >> $GITHUB_OUTPUT

	echo "Checked out commit short SHA: $SHORT_SHA"
	echo "Primary Docker tag will be: $PRIMARY_DOCKER_TAG"
	echo "Branch context for tagging (if any): $BRANCH_FOR_CONTEXT"
	echo "RELEASE_TAG build argument will be: $RELEASE_TAG_ARG"
	shell: bash

	- name: Print Determined Tags and Args
	run: \|
	echo "---- Debug: Values from vars step (Production Workflow) ----"
	echo "Primary Docker Tag: ${{ steps.vars.outputs.PRIMARY_DOCKER_TAG }}"
	echo "Short SHA: ${{ steps.vars.outputs.SHORT_SHA }}"
	echo "Branch for Context: ${{ steps.vars.outputs.BRANCH_FOR_CONTEXT }}"
	echo "Release Tag Arg for Build: ${{ steps.vars.outputs.RELEASE_TAG_ARG }}"
	echo "Tag Latest: ${{ inputs.tag_latest }}"
	if [[ "${{ inputs.tag_latest }}" == "true" ]]; then
	echo "✅ Latest tag will be applied: avaprotocol/ap-avs:latest"
	else
	echo "❌ Latest tag will NOT be applied (default production behavior)"
	fi
	echo "---- End Debug ----"
	shell: bash

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3
	with:
	platforms: "linux/arm64"

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	with:
	platforms: linux/amd64,linux/arm64

	- name: Docker meta
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: avaprotocol/ap-avs # Production image name
	tags: \|
	# Primary tag (e.g., v1.6.0 or main-<sha>)
	type=raw,value=${{ steps.vars.outputs.PRIMARY_DOCKER_TAG }}

	# Conditionally add latest tag based on input
	${{ inputs.tag_latest && 'type=raw,value=latest' \|\| '# Latest tag disabled' }}

	- name: Build and push production docker image
	uses: docker/build-push-action@v6
	with:
	build-args: \|
	RELEASE_TAG=${{ steps.vars.outputs.RELEASE_TAG_ARG }}
	COMMIT_SHA=${{ steps.vars.outputs.SHORT_SHA }}
	platforms: linux/amd64,linux/arm64
	context: .
	file: dockerfiles/operator.Dockerfile # Assuming prod also uses operator.Dockerfile
	push: true
	tags: ${{ steps.meta.outputs.tags }}
	labels: ${{ steps.meta.outputs.labels }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Publish Production Docker Image #8

Workflow file

Publish Production Docker Image #8

Uh oh!

Jobs

Run details

Workflow file for this run