Build the docker image, with or without cache and push to the Github container registry. If the package does not exist yet, it will create it and configure permissions and visibility automatically. For more information, read the Github documentation.
It creates 2 tags:
If caching is enabled via reuse-cache, the caching used depends on the setting of max-cache
max-cache=true is preferred for multi-stage builds.
Note that the cache hit ratio for a workflow running build can be seen on the workflow summary page.
Optionally (recommended) scan the image for vulnerabilities using Snyk.
A service that uses this action with reuse-cache = true, should also have a cache refresh workflow that has reuse-cache = false that runs weekly and on-demand. This is required to refresh the underlying cache so it picks up any underlying image changes.
github-token: Default Github token retrieved via secrets. GITHUB_TOKEN or PAT with permission to the repository (Required)snyk-token: Snyk token for image vulnerability scanning (Default = none)reuse-cache: Use previously built docker image layers to improve build time. Set to false to refresh image (Default = true)dockerfile-path: Relative path to the Dockerfile (Default = ./Dockerfile)context: Path used as file context for Docker. If not set, the git repository is cloned using the same git reference as the workflow and used as context.target: The target stage to build of a multi-stage builddocker-repository: Repository name in the container registry. e.g. ghcr.io/dfe-digital/register-trainee-teachers. Defaults to current Github repository name.max-cache: Set to true to use maximum cache level when reuse-cache is set. Defaults to minimum (false)tag: Tag uniquely generated for this build (Currently long commit SHA)image: Reference to the built image suitable for use by Kubernetes (the docker repository combined with the tag)- name: Build and push docker image
uses: DFE-Digital/github-actions/build-docker-image@master
with:
github-token: $