Fix Principal in AWS verification bucket policy #2574
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Builds the PhysioNet docker image and runs tests on the `dev` branch and PRs against the `dev` branch. | |
# Publishes the image to DockerHub with `latest` tag when the action runs on the `dev` branch. | |
# Can be triggered manually to build, test and optionally publish any branch with a custom tag. | |
# All published images are also tagged with corresponding git commit sha. | |
# | |
# To run the tests locally in a similar environment to GitHub Actions you can use: | |
# $ docker-compose -f docker/docker-compose.test.yml build | |
# $ docker-compose -f docker/docker-compose.test.yml run --rm test | |
# $ docker-compose -f docker/docker-compose.test.yml down | |
name: Docker / Build, Test and Publish | |
on: | |
push: | |
branches: | |
- dev | |
pull_request: | |
branches: | |
- dev | |
workflow_dispatch: | |
inputs: | |
publish_tag: | |
description: 'publish_tag: if supplied it will also publish the image as physionet/physionet:<publish_tag>' | |
required: false | |
jobs: | |
build: | |
name: Build and Test | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout physionet-build repo | |
uses: actions/checkout@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v1 | |
- name: Build physionet image | |
uses: docker/build-push-action@v2 | |
with: | |
context: . | |
tags: physionet:latest | |
load: true | |
- name: Run tests | |
run: docker-compose -f docker/docker-compose.test.yml run --rm test | |
- name: Stop and remove containers | |
run: docker-compose -f docker/docker-compose.test.yml down | |
- name: Save physionet image | |
if: github.ref == 'refs/heads/dev' || github.event.inputs.publish_tag | |
run: docker save physionet:latest | gzip > /tmp/physionet.tar.gz | |
- name: Upload physionet image | |
if: github.ref == 'refs/heads/dev' || github.event.inputs.publish_tag | |
uses: actions/upload-artifact@v2 | |
with: | |
name: physionet | |
path: /tmp/physionet.tar.gz | |
publish: | |
name: Publish to DockerHub | |
if: github.ref == 'refs/heads/dev' || github.event.inputs.publish_tag | |
environment: dockerhub | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- name: Download physionet image | |
uses: actions/download-artifact@v2 | |
with: | |
name: physionet | |
path: /tmp | |
- name: Load physionet image | |
run: gunzip -c /tmp/physionet.tar.gz | docker load | |
- name: Login to DockerHub | |
uses: docker/login-action@v1 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Tag and push | |
run: | | |
docker tag physionet:latest physionet/physionet:${GITHUB_SHA} | |
docker tag physionet:latest physionet/physionet:${{ github.event.inputs.publish_tag || 'latest' }} | |
docker push physionet/physionet:${GITHUB_SHA} | |
docker push physionet/physionet:${{ github.event.inputs.publish_tag || 'latest' }} |