ci: move docker container creation to an action

.github/actions/download-or-build-container/action.yml

@@ -0,0 +1,109 @@
+# Run a build step in a container or directly on the Actions runner
+name: Download or Build Container
+description: Download a container from the package registry, or build it if it's not found
+
+inputs:
+  container:
+    description: Container name
+    type: string
+    required: true
+  dockerfile:
+    description: Dockerfile
+    type: string
+  base:
+    description: Container base
+    type: string
+  registry:
+    description: Docker registry to read and publish to
+    type: string
+    default: ghcr.io
+  config-path:
+    description: Path to Dockerfiles
+    type: string
+  github_token:
+    description: GitHub Token
+    type: string
+
+runs:
+  using: 'composite'
+  steps:
+  - name: Download container
+    run: |
+      IMAGE_NAME="${{ inputs.container }}"
+      DOCKERFILE_PATH="${{ inputs.dockerfile }}"
+      DOCKER_REGISTRY="${{ inputs.registry }}"
+      DOCKERFILE_ROOT="${{ inputs.config-path }}"
+
+      if [ "${DOCKERFILE_PATH}" = "" ]; then
+        DOCKERFILE_PATH="${DOCKERFILE_ROOT}/${IMAGE_NAME}"
+      else
+        DOCKERFILE_PATH="${DOCKERFILE_ROOT}/${DOCKERFILE_PATH}"
+      fi
+
+      GIT_WORKTREE=$(cd "${GITHUB_ACTION_PATH}" && git rev-parse --show-toplevel)
+      echo "::: git worktree is ${GIT_WORKTREE}"
+      cd "${GIT_WORKTREE}"
+
+      DOCKER_CONTAINER="${GITHUB_REPOSITORY}/${IMAGE_NAME}"
+      DOCKER_REGISTRY_CONTAINER="${DOCKER_REGISTRY}/${DOCKER_CONTAINER}"
+
+      echo "dockerfile=${DOCKERFILE_PATH}" >> $GITHUB_ENV
+      echo "docker-container=${DOCKER_CONTAINER}" >> $GITHUB_ENV
+      echo "docker-registry-container=${DOCKER_REGISTRY_CONTAINER}" >> $GITHUB_ENV
+
+      # Identify the last git commit that touched the Dockerfiles
+      # Use this as a hash to identify the resulting docker containers
+      echo "::: dockerfile path is ${DOCKERFILE_PATH}"
+
+      DOCKER_SHA=$(git log -1 --pretty=format:"%h" -- "${DOCKERFILE_PATH}")
+      echo "docker-sha=${DOCKER_SHA}" >> $GITHUB_ENV
+
+      echo "::: docker sha is ${DOCKER_SHA}"
+
+      DOCKER_REGISTRY_CONTAINER_SHA="${DOCKER_REGISTRY_CONTAINER}:${DOCKER_SHA}"
+
+      echo "docker-registry-container-sha=${DOCKER_REGISTRY_CONTAINER_SHA}" >> $GITHUB_ENV
+      echo "docker-registry-container-latest=${DOCKER_REGISTRY_CONTAINER}:latest" >> $GITHUB_ENV
+
+      echo "::: logging in to ${DOCKER_REGISTRY} as ${GITHUB_ACTOR}"
+
+      exists="true"
+      docker login https://${DOCKER_REGISTRY} -u ${GITHUB_ACTOR} -p ${GITHUB_TOKEN} || exists="false"
+
+      echo "::: pulling ${DOCKER_REGISTRY_CONTAINER_SHA}"
+
+      if [ "${exists}" != "false" ]; then
+        docker pull ${DOCKER_REGISTRY_CONTAINER_SHA} || exists="false"
+      fi
+
+      if [ "${exists}" = "true" ]; then
+        echo "::: docker container exists in registry"
+        echo "docker-container-exists=true" >> $GITHUB_ENV
+      else
+        echo "::: docker container does not exist in registry"
+        echo "docker-container-exists=false" >> $GITHUB_ENV
+      fi
+    shell: bash
+    env:
+      GITHUB_TOKEN: ${{ inputs.github_token }}
+  - name: Create container
+    run: |
+      if [ "${{ inputs.base }}" != "" ]; then
+        BASE_ARG="--build-arg BASE=${{ inputs.base }}"
+      fi
+
+      GIT_WORKTREE=$(cd "${GITHUB_ACTION_PATH}" && git rev-parse --show-toplevel)
+      echo "::: git worktree is ${GIT_WORKTREE}"
+      cd "${GIT_WORKTREE}"
+
+      docker build -t ${{ env.docker-registry-container-sha }} --build-arg UID=$(id -u) --build-arg GID=$(id -g) ${BASE_ARG} -f ${{ env.dockerfile }} .
+      docker tag ${{ env.docker-registry-container-sha }} ${{ env.docker-registry-container-latest }}
+    shell: bash
+    working-directory: source/${{ inputs.config-path }}
+    if: env.docker-container-exists != 'true'
+  - name: Publish container
+    run: |
+      docker push ${{ env.docker-registry-container-sha }}
+      docker push ${{ env.docker-registry-container-latest }}
+    shell: bash
+    if: env.docker-container-exists != 'true' && github.event_name != 'pull_request'

.github/workflows/main.yml

@@ -11,7 +11,7 @@ on:
 
 env:
   docker-registry: ghcr.io
-  docker-config-path: source/ci/docker
+  docker-config-path: ci/docker
 
 permissions:
   contents: write
@@ -214,27 +214,15 @@ jobs:
     - name: Setup QEMU
       run: docker run --rm --privileged multiarch/qemu-user-static:register --reset
       if: matrix.platform.container.qemu == true
-    - name: Download container
-      run: |
-        "${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.platform.container.name }}" "${{ matrix.platform.container.dockerfile }}"
-      env:
-        DOCKER_REGISTRY: ${{ env.docker-registry }}
-        GITHUB_TOKEN: ${{ secrets.github_token }}
-      working-directory: ${{ env.docker-config-path }}
+    - name: Set up container
+      uses: ./source/.github/actions/download-or-build-container
+      with:
+        registry: ${{ env.docker-registry }}
+        config-path: ${{ env.docker-config-path }}
+        container: ${{ matrix.platform.container.name }}
+        github_token: ${{ secrets.github_token }}
+        dockerfile: ${{ matrix.platform.container.dockerfile }}
       if: matrix.platform.container.name != ''
-    - name: Create container
-      run: |
-        if [ "${{ matrix.container.base }}" != "" ]; then
-          BASE_ARG="--build-arg BASE=${{ matrix.container.base }}"
-        fi
-        docker build -t ${{ env.docker-registry-container-sha }} --build-arg UID=$(id -u) --build-arg GID=$(id -g) ${BASE_ARG} -f ${{ env.dockerfile }} .
-        docker tag ${{ env.docker-registry-container-sha }} ${{ env.docker-registry-container-latest }}
-        if [ "${{ github.event_name }}" != "pull_request" ]; then
-          docker push ${{ env.docker-registry-container-sha }}
-          docker push ${{ env.docker-registry-container-latest }}
-        fi
-      working-directory: ${{ env.docker-config-path }}
-      if: matrix.platform.container.name != '' && env.docker-container-exists != 'true'
     - name: Prepare build
       run: mkdir build
     - name: Build
@@ -287,6 +275,14 @@ jobs:
       with:
         path: source
         fetch-depth: 0
+    - name: Set up container
+      uses: ./source/.github/actions/download-or-build-container
+      with:
+        registry: ${{ env.docker-registry }}
+        config-path: ${{ env.docker-config-path }}
+        container: docurium
+        github_token: ${{ secrets.github_token }}
+        dockerfile: ${{ matrix.platform.container.dockerfile }}
     - name: Generate documentation
       working-directory: source
       run: |

.github/workflows/nightly.yml

@@ -8,7 +8,7 @@ on:
 
 env:
   docker-registry: ghcr.io
-  docker-config-path: source/ci/docker
+  docker-config-path: ci/docker
 
 permissions:
   contents: read
@@ -355,22 +355,15 @@ jobs:
     - name: Setup QEMU
       run: docker run --rm --privileged multiarch/qemu-user-static:register --reset
       if: matrix.platform.container.qemu == true
-    - name: Download container
-      run: |
-        "${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.platform.container.name }}" "${{ matrix.platform.container.dockerfile }}"
-      env:
-        DOCKER_REGISTRY: ${{ env.docker-registry }}
-        GITHUB_TOKEN: ${{ secrets.github_token }}
-      working-directory: ${{ env.docker-config-path }}
+    - name: Set up container
+      uses: ./source/.github/actions/download-or-build-container
+      with:
+        registry: ${{ env.docker-registry }}
+        config-path: ${{ env.docker-config-path }}
+        container: ${{ matrix.platform.container.name }}
+        github_token: ${{ secrets.github_token }}
+        dockerfile: ${{ matrix.platform.container.dockerfile }}
       if: matrix.platform.container.name != ''
-    - name: Create container
-      run: |
-        if [ "${{ matrix.container.base }}" != "" ]; then
-          BASE_ARG="--build-arg BASE=${{ matrix.container.base }}"
-        fi
-        docker build -t ${{ env.docker-registry-container-sha }} --build-arg UID=$(id -u) --build-arg GID=$(id -g) ${BASE_ARG} -f ${{ env.dockerfile }} .
-      working-directory: ${{ env.docker-config-path }}
-      if: matrix.platform.container.name != '' && env.docker-container-exists != 'true'
     - name: Prepare build
       run: mkdir build
     - name: Build
@@ -420,13 +413,14 @@ jobs:
       with:
         path: source
         fetch-depth: 0
-    - name: Download container
-      run: |
-        "${{ github.workspace }}/source/ci/getcontainer.sh" xenial
-      env:
-        DOCKER_REGISTRY: ${{ env.docker-registry }}
-        GITHUB_TOKEN: ${{ secrets.github_token }}
-      working-directory: ${{ env.docker-config-path }}
+    - name: Set up container
+      uses: ./source/.github/actions/download-or-build-container
+      with:
+        registry: ${{ env.docker-registry }}
+        config-path: ${{ env.docker-config-path }}
+        container: xenial
+        github_token: ${{ secrets.github_token }}
+      if: matrix.platform.container.name != ''
     - name: Run Coverity
       run: source/ci/coverity.sh
       env:

ci/getcontainer.sh

@@ -1,55 +0,0 @@
-#!/bin/bash
-
-set -e
-
-IMAGE_NAME=$1
-DOCKERFILE_PATH=$2
-
-if [ "${IMAGE_NAME}" = "" ]; then
-	echo "usage: $0 image_name [dockerfile]"
-	exit 1
-fi
-
-if [ "${DOCKERFILE_PATH}" = "" ]; then
-	DOCKERFILE_PATH="${IMAGE_NAME}"
-fi
-
-if [ "${DOCKER_REGISTRY}" = "" ]; then
-	echo "DOCKER_REGISTRY environment variable is unset."
-	echo "Not running inside GitHub Actions or misconfigured?"
-	exit 1
-fi
-
-DOCKER_CONTAINER="${GITHUB_REPOSITORY}/${IMAGE_NAME}"
-DOCKER_REGISTRY_CONTAINER="${DOCKER_REGISTRY}/${DOCKER_CONTAINER}"
-
-echo "dockerfile=${DOCKERFILE_PATH}" >> $GITHUB_ENV
-echo "docker-container=${DOCKER_CONTAINER}" >> $GITHUB_ENV
-echo "docker-registry-container=${DOCKER_REGISTRY_CONTAINER}" >> $GITHUB_ENV
-
-# Identify the last git commit that touched the Dockerfiles
-# Use this as a hash to identify the resulting docker containers
-DOCKER_SHA=$(git log -1 --pretty=format:"%h" -- "${DOCKERFILE_PATH}")
-echo "docker-sha=${DOCKER_SHA}" >> $GITHUB_ENV
-
-DOCKER_REGISTRY_CONTAINER_SHA="${DOCKER_REGISTRY_CONTAINER}:${DOCKER_SHA}"
-
-echo "docker-registry-container-sha=${DOCKER_REGISTRY_CONTAINER_SHA}" >> $GITHUB_ENV
-echo "docker-registry-container-latest=${DOCKER_REGISTRY_CONTAINER}:latest" >> $GITHUB_ENV
-
-echo "::: logging in to ${DOCKER_REGISTRY} as ${GITHUB_ACTOR}"
-
-exists="true"
-docker login https://${DOCKER_REGISTRY} -u ${GITHUB_ACTOR} -p ${GITHUB_TOKEN} || exists="false"
-
-echo "::: pulling ${DOCKER_REGISTRY_CONTAINER_SHA}"
-
-if [ "${exists}" != "false" ]; then
-	docker pull ${DOCKER_REGISTRY_CONTAINER_SHA} || exists="false"
-fi
-
-if [ "${exists}" = "true" ]; then
-	echo "docker-container-exists=true" >> $GITHUB_ENV
-else
-	echo "docker-container-exists=false" >> $GITHUB_ENV
-fi