Builds a Docker image and pushes it to the private registry of your choosing.
If you're experiencing issues, be sure you are using the latest stable release (currently v6).
.yml
file in the /.github
directory of your reposteps:
- uses: actions/checkout@v3
name: Check out code
- uses: mr-smithers-excellent/docker-build-push@v6
name: Build & push Docker image
with:
image: repo/image
tags: v1, latest
registry: registry-url.io
dockerfile: Dockerfile.ci
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
Name | Description | Required | Type |
---|---|---|---|
image | Docker image name | Yes | String |
tags | Comma separated docker image tags (see Tagging the image with GitOps) | No | List |
addLatest | Adds the latest tag to the GitOps-generated tags |
No | Boolean |
addTimestamp | Suffixes a build timestamp to the branch-based Docker tag | No | Boolean |
registry | Docker registry host | Yes | String |
dockerfile | Location of Dockerfile (defaults to Dockerfile ) |
No | String |
directory | Directory to pass to docker build command, if not project root |
No | String |
buildArgs | Docker build arguments passed via --build-arg |
No | List |
labels | Docker build labels passed via --label |
No | List |
target | Docker build target passed via --target |
No | String |
platform | Docker build platform passed via --platform |
No | String |
username | Docker registry username | No | String |
password | Docker registry password or token | No | String |
githubOrg | GitHub organization to push image to (if not current) | No | String |
enableBuildKit | Enables Docker BuildKit support | No | Boolean |
multiPlatform | Enables Docker buildx support | No | Boolean |
overrideDriver | Disables setting up docker-container driver (if true , alternative docker driver must be set up) |
No | Boolean |
pushImage | Flag for disabling the login & push steps, set to true by default |
No | Boolean |
Name | Description | Format |
---|---|---|
imageFullName | Full name of the Docker image with registry prefix | registry/owner/image |
imageName | Name of the Docker image with owner prefix | owner/image |
tags | Tags for the Docker image | v1,latest |
It is strongly recommended that you store all Docker credentials as GitHub encrypted secrets. Secrets can be referenced in workflow files using the syntax ${{ secrets.SECRET_NAME }}
.
There is a distinction between secrets at the repository, environment and organization level. In general, you should store secrets at the repository or organization level, depending on your security posture. It is only recommended that you utilize environment-level secrets if your Docker credentials differ per environment (dev, staging, etc.).
DOCKER_USERNAME
) and password (DOCKER_PASSWORD
) as secrets in your GitHub repo.github/workflows/*.yml
fileuses: mr-smithers-excellent/docker-build-push@v6
with:
image: docker-hub-repo/image-name
registry: docker.io
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
.json
file as a secret called DOCKER_PASSWORD
in your GitHub repo.github/workflows/*.yml
file_json_key
uses: mr-smithers-excellent/docker-build-push@v6
with:
image: gcp-project/image-name
registry: gcr.io
username: _json_key
password: ${{ secrets.DOCKER_PASSWORD }}
AWS_ACCESS_KEY_ID
and AWS_SECRET_ACCESS_KEY
as secrets in your GitHub repoaws ecr create-repository
before pushing.github/workflows/*.yml
fileuses: mr-smithers-excellent/docker-build-push@v6
with:
image: image-name
registry: [aws-account-number].dkr.ecr.[region].amazonaws.com
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
githubOrg
ghcr.io/OWNER/IMAGE_NAME
formatdocker.pkg.github.com/OWNER/REPOSITORY/IMAGE_NAME
format${{ github.actor }}
or an alternate username for Docker login (with associated token below)uses: mr-smithers-excellent/docker-build-push@v6
with:
image: image-name
registry: ghcr.io
githubOrg: override-org # optional
username: ${{ secrets.GHCR_USERNAME }}
password: ${{ secrets.GHCR_TOKEN }}
uses: mr-smithers-excellent/docker-build-push@v6
with:
image: github-repo/image-name
registry: docker.pkg.github.com
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
By default, if you do not pass a tags
input this action will use an algorithm based on the state of your git repo to determine the Docker image tag(s). This is designed to enable developers to more easily use GitOps in their CI/CD pipelines. Below is a table detailing how the GitHub trigger (branch or tag) determines the Docker tag(s).
Trigger | Commit SHA | addLatest | addTimestamp | Docker Tag(s) |
---|---|---|---|---|
/refs/tags/v1.0 | N/A | false | N/A | v1.0 |
/refs/tags/v1.0 | N/A | true | N/A | v1.0,latest |
/refs/heads/dev | 1234567 | false | true | dev-1234567-2021-09-01.195027 |
/refs/heads/dev | 1234567 | true | false | dev-1234567,latest |
/refs/heads/main | 1234567 | false | true | main-1234567-2021-09-01.195027 |
/refs/heads/main | 1234567 | true | false | main-1234567,latest |
/refs/heads/SOME-feature | 1234567 | false | true | some-feature-1234567-2021-09-01.195027 |
/refs/heads/SOME-feature | 1234567 | true | false | some-feature-1234567,latest |
Enables Docker BuildKit
steps:
- uses: actions/checkout@v3
name: Check out code
- uses: mr-smithers-excellent/docker-build-push@v6
name: Build & push Docker image
with:
image: repo/image
registry: docker.io
enableBuildKit: true
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
Enables multi-platform builds with the default docker-container driver
steps:
- uses: actions/checkout@v3
name: Check out code
- uses: mr-smithers-excellent/docker-build-push@v6
name: Build & push Docker image
with:
image: repo/image
registry: docker.io
multiPlatform: true
platform: linux/amd64,linux/arm64,linux/arm/v7
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
Enables multi-platform builds with custom driver
steps:
- uses: actions/checkout@v3
name: Check out code
# Required when overrideDriver is set to true
- uses: docker/setup-buildx-action@v2
name: Customize Docker driver
with:
driver-opts: image=moby/buildkit:v0.11.0
- uses: mr-smithers-excellent/docker-build-push@v6
name: Build & push Docker image
with:
image: repo/image
registry: docker.io
multiPlatform: true
platform: linux/amd64,linux/arm64,linux/arm/v7
overrideDriver: true
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}