Merge pull request #9711 from DSpace/dependabot/maven/dspace-api/dnsj… #173
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # DSpace Docker image build for hub.docker.com | |
| name: Docker images | |
| # Run this Build for all pushes to 'main' or maintenance branches, or tagged releases. | |
| # Also run for PRs to ensure PR doesn't break Docker build process | |
| # NOTE: uses "reusable-docker-build.yml" to actually build each of the Docker images. | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - 'dspace-**' | |
| tags: | |
| - 'dspace-**' | |
| pull_request: | |
| permissions: | |
| contents: read # to fetch code (actions/checkout) | |
| jobs: | |
| #################################################### | |
| # Build/Push the 'dspace/dspace-dependencies' image. | |
| # This image is used by all other DSpace build jobs. | |
| #################################################### | |
| dspace-dependencies: | |
| # Ensure this job never runs on forked repos. It's only executed for 'dspace/dspace' | |
| if: github.repository == 'dspace/dspace' | |
| uses: ./.github/workflows/reusable-docker-build.yml | |
| with: | |
| build_id: dspace-dependencies | |
| image_name: dspace/dspace-dependencies | |
| dockerfile_path: ./Dockerfile.dependencies | |
| secrets: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_ACCESS_TOKEN: ${{ secrets.DOCKER_ACCESS_TOKEN }} | |
| ####################################### | |
| # Build/Push the 'dspace/dspace' image | |
| ####################################### | |
| dspace: | |
| # Ensure this job never runs on forked repos. It's only executed for 'dspace/dspace' | |
| if: github.repository == 'dspace/dspace' | |
| # Must run after 'dspace-dependencies' job above | |
| needs: dspace-dependencies | |
| uses: ./.github/workflows/reusable-docker-build.yml | |
| with: | |
| build_id: dspace-prod | |
| image_name: dspace/dspace | |
| dockerfile_path: ./Dockerfile | |
| secrets: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_ACCESS_TOKEN: ${{ secrets.DOCKER_ACCESS_TOKEN }} | |
| # Enable redeploy of sandbox & demo if the branch for this image matches the deployment branch of | |
| # these sites as specified in reusable-docker-build.xml | |
| REDEPLOY_SANDBOX_URL: ${{ secrets.REDEPLOY_SANDBOX_URL }} | |
| REDEPLOY_DEMO_URL: ${{ secrets.REDEPLOY_DEMO_URL }} | |
| ############################################################# | |
| # Build/Push the 'dspace/dspace' image ('-test' tag) | |
| ############################################################# | |
| dspace-test: | |
| # Ensure this job never runs on forked repos. It's only executed for 'dspace/dspace' | |
| if: github.repository == 'dspace/dspace' | |
| # Must run after 'dspace-dependencies' job above | |
| needs: dspace-dependencies | |
| uses: ./.github/workflows/reusable-docker-build.yml | |
| with: | |
| build_id: dspace-test | |
| image_name: dspace/dspace | |
| dockerfile_path: ./Dockerfile.test | |
| # As this is a test/development image, its tags are all suffixed with "-test". Otherwise, it uses the same | |
| # tagging logic as the primary 'dspace/dspace' image above. | |
| tags_flavor: suffix=-test | |
| secrets: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_ACCESS_TOKEN: ${{ secrets.DOCKER_ACCESS_TOKEN }} | |
| ########################################### | |
| # Build/Push the 'dspace/dspace-cli' image | |
| ########################################### | |
| dspace-cli: | |
| # Ensure this job never runs on forked repos. It's only executed for 'dspace/dspace' | |
| if: github.repository == 'dspace/dspace' | |
| # Must run after 'dspace-dependencies' job above | |
| needs: dspace-dependencies | |
| uses: ./.github/workflows/reusable-docker-build.yml | |
| with: | |
| build_id: dspace-cli | |
| image_name: dspace/dspace-cli | |
| dockerfile_path: ./Dockerfile.cli | |
| secrets: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_ACCESS_TOKEN: ${{ secrets.DOCKER_ACCESS_TOKEN }} | |
| ########################################### | |
| # Build/Push the 'dspace/dspace-solr' image | |
| ########################################### | |
| dspace-solr: | |
| # Ensure this job never runs on forked repos. It's only executed for 'dspace/dspace' | |
| if: github.repository == 'dspace/dspace' | |
| uses: ./.github/workflows/reusable-docker-build.yml | |
| with: | |
| build_id: dspace-solr | |
| image_name: dspace/dspace-solr | |
| dockerfile_path: ./dspace/src/main/docker/dspace-solr/Dockerfile | |
| # Must pass solrconfigs to the Dockerfile so that it can find the required Solr config files | |
| dockerfile_additional_contexts: 'solrconfigs=./dspace/solr/' | |
| secrets: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_ACCESS_TOKEN: ${{ secrets.DOCKER_ACCESS_TOKEN }} | |
| # Enable redeploy of sandbox & demo SOLR instance whenever dspace-solr image changes for deployed branch. | |
| # These URLs MUST use different secrets than 'dspace/dspace' image build above as they are deployed separately. | |
| REDEPLOY_SANDBOX_URL: ${{ secrets.REDEPLOY_SANDBOX_SOLR_URL }} | |
| REDEPLOY_DEMO_URL: ${{ secrets.REDEPLOY_DEMO_SOLR_URL }} | |
| ########################################################### | |
| # Build/Push the 'dspace/dspace-postgres-pgcrypto' image | |
| ########################################################### | |
| dspace-postgres-pgcrypto: | |
| # Ensure this job never runs on forked repos. It's only executed for 'dspace/dspace' | |
| if: github.repository == 'dspace/dspace' | |
| uses: ./.github/workflows/reusable-docker-build.yml | |
| with: | |
| build_id: dspace-postgres-pgcrypto-prod | |
| image_name: dspace/dspace-postgres-pgcrypto | |
| # Must build out of subdirectory to have access to install script for pgcrypto. | |
| # NOTE: this context will build the image based on the Dockerfile in the specified directory | |
| dockerfile_context: ./dspace/src/main/docker/dspace-postgres-pgcrypto/ | |
| secrets: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_ACCESS_TOKEN: ${{ secrets.DOCKER_ACCESS_TOKEN }} | |
| ######################################################################## | |
| # Build/Push the 'dspace/dspace-postgres-pgcrypto' image (-loadsql tag) | |
| ######################################################################## | |
| dspace-postgres-pgcrypto-loadsql: | |
| # Ensure this job never runs on forked repos. It's only executed for 'dspace/dspace' | |
| if: github.repository == 'dspace/dspace' | |
| uses: ./.github/workflows/reusable-docker-build.yml | |
| with: | |
| build_id: dspace-postgres-pgcrypto-loadsql | |
| image_name: dspace/dspace-postgres-pgcrypto | |
| # Must build out of subdirectory to have access to install script for pgcrypto. | |
| # NOTE: this context will build the image based on the Dockerfile in the specified directory | |
| dockerfile_context: ./dspace/src/main/docker/dspace-postgres-pgcrypto-curl/ | |
| # Suffix all tags with "-loadsql". Otherwise, it uses the same | |
| # tagging logic as the primary 'dspace/dspace-postgres-pgcrypto' image above. | |
| tags_flavor: suffix=-loadsql | |
| secrets: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_ACCESS_TOKEN: ${{ secrets.DOCKER_ACCESS_TOKEN }} |