.github/workflows/docker-image.yml

name: Build and Publish Docker Images

on:
  push:
    branches: [ sparse-checkout ]
  pull_request:
    branches: [ sparse-checkout ]
  workflow_dispatch:

env:
  #DOCKERHUB_ORG: orangecloudfoundry
  DOCKERHUB_ORG: elpaasoci

jobs:
  build_and_publish:
    name: build, test and publish
    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v3
    -
      name: Login to DockerHub
      uses: docker/login-action@v2
      with:
        username: ${{ secrets.DOCKERHUB_USERNAME }}
        password: ${{ secrets.DOCKERHUB_PASSWORD }}
    -
      name: Login to GitHub Container Registry
      uses: docker/login-action@v2
      with:
        registry: ghcr.io
        username: ${{ github.repository_owner }}
        password: ${{ secrets.GITHUB_TOKEN }}
        
    - 
      name: build docker images
      run: | # shellcheck disable=SC2086
          echo "Processing $IMAGE"
          docker build -t $IMAGE --build-arg "base_image=paketobuildpacks/run-jammy-base:latest" .
          echo "Processing $IMAGE"
          docker build -t $IMAGE-tests --target tests --build-arg "base_image=paketobuildpacks/run-jammy-base:latest" .
      env:
        IMAGE: git-resource
    -
      name: publish git-resource image
      uses: docker/build-push-action@v4.2.1
      with:
        build-args: |
          base_image=paketobuildpacks/run-jammy-base:latest
        push: true
        tags: |
          ${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:latest
          ${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:${{github.sha}}
          ghcr.io/${{ github.repository }}:latest
          ghcr.io/${{ github.repository }}:${{github.sha}}
      env:
        IMAGE: git-resource

  check_published_images:
    name: check published images
    runs-on: ubuntu-latest
    needs: [ build_and_publish ]
    steps:
      - # Currently we cannot use `docker manifest` without authentication, it results in "unauthorized: access token has insufficient scopes"
        # Also, to save network bandwidth and reduce build time we avoid using `docker pull`
        name: Login to DockerHub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}
      -
        name: check docker public images
        run: |
          echo "Processing $image: checking manifest for $DOCKERHUB_ORG/$IMAGE:$GITHUB_SHA"
          docker manifest inspect $DOCKERHUB_ORG/$IMAGE:$GITHUB_SHA
        env:
          IMAGE: git-resource