Improve registry workflow

Signed-off-by: Arthur Diniz <[email protected]>

.github/workflows/lint.yml

@@ -14,7 +14,9 @@ jobs:
     - uses: actions/checkout@master
 
     - name: hadolint
-      uses: burdzwastaken/hadolint-action@master
+      uses: hadolint/hadolint-action@v1.5.0
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        HADOLINT_ACTION_DOCKERFILE_FOLDER: .
+        HADOLINT_ACTION_DOCKERFILE_FOLDER: .
+      with:
+        ignore: 'DL3018'

.github/workflows/registry.yml

@@ -1,14 +1,34 @@
-name: Publish Docker image
+name: Build and Push Docker image
 
 on:
   push:
     tags:
       - '*'
 
 jobs:
-  push_to_ecr:
-    name: Push Docker image to ECR
+  build:
+    name: Build
     runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      - name: Build and export
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          tags: dnxsolutions/ecs-deploy:latest
+          outputs: type=docker,dest=/tmp/ecs-deploy.tar
+      - name: Upload artifact
+        uses: actions/upload-artifact@v2
+        with:
+          name: ecs-deploy
+          path: /tmp/ecs-deploy.tar
+  ecr:
+    name: Push to ECR
+    runs-on: ubuntu-latest
+    needs: build
     container: dnxsolutions/aws:2.1.6-dnx1
     steps:
       - name: Check out the repo
@@ -22,15 +42,87 @@ jobs:
       - name: Get the tag
         id: get_tag
         run: echo ::set-output name=tag::${GITHUB_REF#refs/tags/}
-      - name: Build, tag, and push image to Amazon public ECR
+      - name: Download docker artifact
+        uses: actions/download-artifact@v2
+        with:
+          name: ecs-deploy
+          path: /tmp
+      - name: Load, tag, and push image
         env:
           ECR_REGISTRY: public.ecr.aws
-          ECR_REPOSITORY: v9i6s3d6/ecs-deploy
+          ECR_REPOSITORY: dnxsolutions/ecs-deploy
           IMAGE_TAG: ${{ steps.get_tag.outputs.tag }}
         run: |
           apk add docker
           aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
-          docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
+          docker load --input /tmp/ecs-deploy.tar
+          docker image ls -a
+          docker tag $ECR_REPOSITORY:latest $ECR_REGISTRY/$ECR_REPOSITORY:latest
+          docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest
+          docker tag $ECR_REPOSITORY:latest $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
           docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
-          docker tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG $ECR_REGISTRY/$ECR_REPOSITORY:latest
-          docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest
+
+  docker-hub:
+    name: Push to Docker Hub
+    runs-on: ubuntu-latest
+    needs: build
+    steps:
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      - name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DNX_DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DNX_DOCKERHUB_TOKEN }}
+      - name: Get the tag
+        id: get_tag
+        run: echo ::set-output name=tag::${GITHUB_REF#refs/tags/}
+      - name: Download artifact
+        uses: actions/download-artifact@v2
+        with:
+          name: ecs-deploy
+          path: /tmp
+      - name: Load, tag, and push image
+        env:
+          DOCKERHUB_REPOSITORY: dnxsolutions/ecs-deploy
+          IMAGE_TAG: ${{ steps.get_tag.outputs.tag }}
+        run: |
+          docker load --input /tmp/ecs-deploy.tar
+          docker image ls -a
+          docker push $DOCKERHUB_REPOSITORY:latest
+          docker tag $DOCKERHUB_REPOSITORY:latest $DOCKERHUB_REPOSITORY:$IMAGE_TAG
+          docker push $DOCKERHUB_REPOSITORY:$IMAGE_TAG
+
+  ghcr:
+    name: Push to GitHub Registry
+    runs-on: ubuntu-latest
+    needs: build
+    steps:
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Get the tag
+        id: get_tag
+        run: echo ::set-output name=tag::${GITHUB_REF#refs/tags/}
+      - name: Download artifact
+        uses: actions/download-artifact@v2
+        with:
+          name: ecs-deploy
+          path: /tmp
+      - name: Load, tag, and push image
+        env:
+          BASE_REPOSITORY: dnxsolutions/ecs-deploy
+          GHCR_REPOSITORY: ghcr.io/dnxlabs/ecs-deploy
+          IMAGE_TAG: ${{ steps.get_tag.outputs.tag }}
+        run: |
+          docker load --input /tmp/ecs-deploy.tar
+          docker image ls -a
+          docker tag $BASE_REPOSITORY:latest $GHCR_REPOSITORY:latest
+          docker push $GHCR_REPOSITORY:latest
+          docker tag $GHCR_REPOSITORY:latest $GHCR_REPOSITORY:$IMAGE_TAG
+          docker push $GHCR_REPOSITORY:$IMAGE_TAG

Dockerfile

@@ -1,9 +1,9 @@
 FROM dnxsolutions/aws:2.1.9-dnx1
 
-COPY src .
+WORKDIR /work
 
-RUN chmod +x *.sh *.py
+COPY src .
 
 ENTRYPOINT [ "/bin/bash", "-c" ]
 
-CMD [ "/work/deploy.sh" ]
+CMD [ "/work/deploy.sh" ]

Makefile

@@ -0,0 +1,10 @@
+IMAGE_NAME ?= dnxsolutions/ecs-deploy:latest
+
+build:
+	docker build -t $(IMAGE_NAME) .
+
+shell:
+	docker run --rm -it --entrypoint=/bin/bash -v ~/.aws:/root/.aws -v $(PWD):/opt/app $(IMAGE_NAME)
+
+lint:
+	docker run --rm -i -v $(PWD)/hadolint.yaml:/.config/hadolint.yaml hadolint/hadolint < Dockerfile

hadolint.yaml

@@ -0,0 +1,2 @@
+ignored:
+  - DL3018