name: ☁️ Build Container # Configures this workflow to run every time a change is pushed to the branch called `release`. on: push: branches: ["main"] release: types: [published] workflow_dispatch: concurrency: group: container-build cancel-in-progress: true permissions: contents: read packages: write # Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds. env: REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }} # There is a single job in this workflow. It's configured to run on the latest available version of Ubuntu. jobs: submodule: strategy: matrix: repo: [mkdocs-material-insiders, brand] uses: privacyguides/.github/.github/workflows/download-repo.yml@main with: repo: ${{ matrix.repo }} secrets: ACTIONS_SSH_KEY: ${{ secrets.ACTIONS_SSH_KEY }} build-and-push-image: needs: submodule runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v4 with: fetch-depth: 0 - uses: actions/download-artifact@v4 with: pattern: repo-* path: modules - run: | rm -rf modules/mkdocs-material mv modules/repo-mkdocs-material-insiders modules/mkdocs-material rm -rf theme/assets/brand mv modules/repo-brand theme/assets/brand # Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here. - name: Log in to the Container registry uses: docker/login-action@v3.3.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} # This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels. - name: Extract metadata (tags, labels) for Docker id: meta uses: docker/metadata-action@v5.5.1 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} tags: | type=ref,event=branch type=ref,event=tag type=ref,event=pr type=sha flavor: | latest=${{ github.event_name == 'release' }} # This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages. # It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository. # It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step. - name: Build and push Docker image uses: docker/build-push-action@v6.7.0 with: context: . push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cleanup: if: ${{ always() }} needs: build-and-push-image uses: privacyguides/.github/.github/workflows/cleanup.yml@main