|
|
|
@ -36,6 +36,7 @@ $ date +%s
|
|
|
|
|
Alternatively, you can use a serial number as part of the tag. Some CI platforms will provide a
|
|
|
|
|
build number in an environment variable, but that may not be reliable to use as a serial number --
|
|
|
|
|
check the platform documentation.
|
|
|
|
|
For example, Github makes availabe the variable `github.run_number` which can be used as a reliable ever increasing serial number.
|
|
|
|
|
|
|
|
|
|
A commit count can be a reasonable stand-in for a serial number, if you build an image per commit
|
|
|
|
|
and you don't rewrite the branch in question:
|
|
|
|
@ -105,6 +106,39 @@ jobs:
|
|
|
|
|
${{ env.IMAGE }}:${{ steps.prep.outputs.BUILD_ID }}
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
### Alternative example utilizing github.run_number
|
|
|
|
|
|
|
|
|
|
Here is another example example of a [GitHub Actions job][gha-syntax] which tags images using Github action's built in `run_number`
|
|
|
|
|
and the git SHA1:
|
|
|
|
|
|
|
|
|
|
```yaml
|
|
|
|
|
jobs:
|
|
|
|
|
build-push:
|
|
|
|
|
env:
|
|
|
|
|
IMAGE: org/my-app
|
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
|
steps:
|
|
|
|
|
# These are prerequisites for the docker build step
|
|
|
|
|
- name: Set up QEMU
|
|
|
|
|
uses: docker/setup-qemu-action@v1
|
|
|
|
|
- name: Set up Docker Buildx
|
|
|
|
|
uses: docker/setup-buildx-action@v1
|
|
|
|
|
- name: Login to DockerHub
|
|
|
|
|
uses: docker/login-action@v1
|
|
|
|
|
with:
|
|
|
|
|
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
|
|
|
|
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
|
|
|
|
|
|
|
|
|
- name: Build and publish container image with tag
|
|
|
|
|
uses: docker/build-push-action@v2
|
|
|
|
|
with:
|
|
|
|
|
push: true
|
|
|
|
|
context: .
|
|
|
|
|
file: ./Dockerfile
|
|
|
|
|
tags: |
|
|
|
|
|
${{ env.IMAGE }}:${{ github.sha }}-${{ github.run_number }}
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
## Using in an `ImagePolicy` object
|
|
|
|
|
|
|
|
|
|
When creating an `ImagePolicy` object, you will need to extract just the timestamp part of the tag,
|
|
|
|
@ -112,7 +146,7 @@ using the `tagFilter` field. You can filter for a particular branch to restrict
|
|
|
|
|
built from that branch.
|
|
|
|
|
|
|
|
|
|
Here is an example that filters for only images built from `main` branch, and selects the most
|
|
|
|
|
recent according the timestamp (created with `date +%s`):
|
|
|
|
|
recent according to a timestamp (created with `date +%s`) or according to the run number (`github.run_number` for example):
|
|
|
|
|
|
|
|
|
|
```yaml
|
|
|
|
|
apiVersion: image.toolkit.fluxcd.io/v1alpha2
|
|
|
|
@ -124,6 +158,7 @@ spec:
|
|
|
|
|
imageRepositoryRef:
|
|
|
|
|
name: image-repo
|
|
|
|
|
filterTags:
|
|
|
|
|
## use "pattern: '(?P<ts>.*)-.+'" if you copied the workflow example using github.run_number
|
|
|
|
|
pattern: '^main-[a-f0-9]+-(?P<ts>[0-9]+)'
|
|
|
|
|
extract: '$ts'
|
|
|
|
|
policy:
|
|
|
|
|