2020-08-20 03:46:12 +08:00
[![GitHub release ](https://img.shields.io/github/release/docker/build-push-action.svg?style=flat-square )](https://github.com/docker/build-push-action/releases/latest)
2020-09-09 06:03:42 +08:00
[![GitHub marketplace ](https://img.shields.io/badge/marketplace-build--and--push--docker--images-blue?logo=github&style=flat-square )](https://github.com/marketplace/actions/build-and-push-docker-images)
2020-08-20 03:46:12 +08:00
[![CI workflow ](https://img.shields.io/github/workflow/status/docker/build-push-action/ci?label=ci&logo=github&style=flat-square )](https://github.com/docker/build-push-action/actions?workflow=ci)
[![Test workflow ](https://img.shields.io/github/workflow/status/docker/build-push-action/test?label=test&logo=github&style=flat-square )](https://github.com/docker/build-push-action/actions?workflow=test)
2020-09-09 05:34:53 +08:00
[![Codecov ](https://img.shields.io/codecov/c/github/docker/build-push-action?logo=codecov&style=flat-square )](https://codecov.io/gh/docker/build-push-action)
2020-08-20 03:46:12 +08:00
2020-08-16 06:36:41 +08:00
## About
2020-03-06 00:28:11 +08:00
2020-09-02 16:07:11 +08:00
GitHub Action to build and push Docker images with [Buildx ](https://github.com/docker/buildx ).
2020-03-16 23:13:04 +08:00
2020-08-29 22:10:05 +08:00
> :bulb: See also:
> * [login](https://github.com/docker/login-action) action
> * [setup-buildx](https://github.com/docker/setup-buildx-action) action
> * [setup-qemu](https://github.com/docker/setup-qemu-action) action
2020-08-20 03:35:36 +08:00
2020-08-20 03:46:12 +08:00
![Screenshot ](.github/build-push-action.png )
2020-08-16 06:36:41 +08:00
___
2020-03-06 00:28:11 +08:00
2020-08-16 06:36:41 +08:00
* [Usage ](#usage )
2020-09-02 16:07:11 +08:00
* [Git context ](#git-context )
* [Path context ](#path-context )
2020-08-29 23:46:56 +08:00
* [Isolated builders ](#isolated-builders )
2020-08-19 04:54:44 +08:00
* [Multi-platform image ](#multi-platform-image )
2020-09-13 02:40:12 +08:00
* [Advanced usage ](#advanced-usage )
2020-09-09 22:18:06 +08:00
* [Local registry ](#local-registry )
2020-08-29 22:10:05 +08:00
* [Leverage GitHub cache ](#leverage-github-cache )
2020-08-19 04:54:44 +08:00
* [Complete workflow ](#complete-workflow )
2020-09-10 07:14:41 +08:00
* [Update DockerHub repo description ](#update-dockerhub-repo-description )
2020-08-16 06:36:41 +08:00
* [Customizing ](#customizing )
* [inputs ](#inputs )
* [outputs ](#outputs )
2020-08-20 23:25:55 +08:00
* [Keep up-to-date with GitHub Dependabot ](#keep-up-to-date-with-github-dependabot )
2020-08-16 06:36:41 +08:00
* [Limitation ](#limitation )
2020-03-06 00:28:11 +08:00
2020-08-16 06:36:41 +08:00
## Usage
2020-03-06 00:28:11 +08:00
2020-08-16 11:53:50 +08:00
This action uses our [setup-buildx ](https://github.com/docker/setup-buildx-action ) action that extends the
`docker build` command named [buildx ](https://github.com/docker/buildx ) with the full support of the features
2020-08-20 03:35:36 +08:00
provided by [Moby BuildKit ](https://github.com/moby/buildkit ) builder toolkit. This includes multi-arch build,
2020-08-16 11:53:50 +08:00
build-secrets, remote cache, etc. and different builder deployment/namespacing options.
2020-03-06 00:28:11 +08:00
2020-09-02 16:07:11 +08:00
### Git context
2020-09-13 02:40:12 +08:00
The default behavior of this action is to use the [Git context invoked by your workflow ](https://github.com/docker/build-push-action/blob/master/src/context.ts#L35 ).
> :warning: Subdir for this context is [not yet supported](https://github.com/docker/build-push-action/issues/120).
> For the moment you can use the [path context](#path-context).
2020-04-22 23:34:18 +08:00
```yaml
2020-08-16 06:36:41 +08:00
name: ci
on:
push:
branches: master
jobs:
2020-08-18 04:18:15 +08:00
main:
runs-on: ubuntu-latest
steps:
2020-09-05 11:18:00 +08:00
-
name: Set up QEMU
2020-09-09 06:32:40 +08:00
uses: docker/setup-qemu-action@v1
2020-08-18 04:18:15 +08:00
-
name: Set up Docker Buildx
2020-09-09 06:32:40 +08:00
uses: docker/setup-buildx-action@v1
2020-08-18 04:18:15 +08:00
-
name: Login to DockerHub
2020-08-27 21:08:11 +08:00
uses: docker/login-action@v1
2020-08-18 04:18:15 +08:00
with:
2020-09-11 00:46:50 +08:00
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
2020-08-18 04:18:15 +08:00
-
name: Build and push
id: docker_build
uses: docker/build-push-action@v2
with:
push: true
2020-08-19 04:54:44 +08:00
tags: user/app:latest
2020-08-18 04:18:15 +08:00
-
name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}
```
2020-09-02 16:44:27 +08:00
If you use this action in a private repository, you have to pass the [GitHub Token ](https://help.github.com/en/actions/configuring-and-managing-workflows/authenticating-with-the-github_token )
as a secret named `GIT_AUTH_TOKEN` to be able to authenticate against it with buildx:
2020-09-02 16:07:11 +08:00
```yaml
-
name: Build and push
id: docker_build
uses: docker/build-push-action@v2
with:
push: true
tags: user/app:latest
secrets: |
GIT_AUTH_TOKEN=${{ github.token }}
```
### Path context
You can also use the `PATH` context alongside the [`actions/checkout` ](https://github.com/actions/checkout/ ) action.
2020-08-29 23:46:56 +08:00
```yaml
name: ci
on:
push:
branches: master
jobs:
2020-09-02 16:07:11 +08:00
path-context:
2020-08-29 23:46:56 +08:00
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v2
2020-09-02 16:07:11 +08:00
-
name: Set up QEMU
2020-09-09 06:32:40 +08:00
uses: docker/setup-qemu-action@v1
2020-09-02 16:07:11 +08:00
-
name: Set up Docker Buildx
2020-09-09 06:32:40 +08:00
uses: docker/setup-buildx-action@v1
2020-09-02 16:07:11 +08:00
-
name: Login to DockerHub
uses: docker/login-action@v1
with:
2020-09-11 00:46:50 +08:00
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
2020-09-02 16:07:11 +08:00
-
name: Build and push
uses: docker/build-push-action@v2
with:
context: .
file: ./Dockerfile
platforms: linux/amd64,linux/arm64,linux/386
push: true
tags: user/app:latest
```
### Isolated builders
```yaml
name: ci
on:
push:
branches: master
jobs:
multi-builders:
runs-on: ubuntu-latest
steps:
2020-08-29 23:46:56 +08:00
-
2020-09-09 06:32:40 +08:00
uses: docker/setup-buildx-action@v1
2020-08-29 23:46:56 +08:00
id: builder1
-
2020-09-09 06:32:40 +08:00
uses: docker/setup-buildx-action@v1
2020-08-29 23:46:56 +08:00
id: builder2
-
name: Builder 1 name
run: echo ${{ steps.builder1.outputs.name }}
-
name: Builder 2 name
run: echo ${{ steps.builder2.outputs.name }}
-
name: Build against builder1
uses: docker/build-push-action@v2
with:
builder: ${{ steps.builder1.outputs.name }}
target: mytarget1
-
name: Build against builder2
uses: docker/build-push-action@v2
with:
builder: ${{ steps.builder2.outputs.name }}
target: mytarget2
```
2020-08-18 04:18:15 +08:00
### Multi-platform image
```yaml
name: ci
on:
push:
branches: master
jobs:
multi:
2020-08-16 06:36:41 +08:00
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Set up QEMU
2020-09-09 06:32:40 +08:00
uses: docker/setup-qemu-action@v1
2020-08-16 06:36:41 +08:00
-
name: Set up Docker Buildx
2020-09-09 06:32:40 +08:00
uses: docker/setup-buildx-action@v1
2020-08-16 06:36:41 +08:00
-
name: Login to DockerHub
2020-08-27 21:08:11 +08:00
uses: docker/login-action@v1
2020-08-16 06:36:41 +08:00
with:
2020-09-11 00:46:50 +08:00
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
2020-08-16 06:36:41 +08:00
-
name: Build and push
uses: docker/build-push-action@v2
with:
2020-08-19 04:54:44 +08:00
context: .
file: ./Dockerfile
2020-09-02 16:44:27 +08:00
platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le,linux/s390x
2020-08-16 11:53:50 +08:00
push: true
2020-08-16 06:36:41 +08:00
tags: |
user/app:latest
user/app:1.0.0
2020-04-22 23:34:18 +08:00
```
2020-09-13 02:40:12 +08:00
## Advanced usage
2020-09-05 11:18:00 +08:00
### Local registry
For testing purposes you may need to create a [local registry ](https://hub.docker.com/_/registry ) to push images into.
```yaml
name: ci
on:
push:
branches: master
jobs:
local-registry:
runs-on: ubuntu-latest
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
-
name: Set up QEMU
2020-09-09 06:32:40 +08:00
uses: docker/setup-qemu-action@v1
2020-09-05 11:18:00 +08:00
-
name: Set up Docker Buildx
2020-09-09 06:32:40 +08:00
uses: docker/setup-buildx-action@v1
2020-09-05 11:18:00 +08:00
with:
driver-opts: network=host
-
name: Build and push to local registry
uses: docker/build-push-action@v2
with:
push: true
tags: localhost:5000/name/app:latest
-
name: Inspect
run: |
docker buildx imagetools inspect localhost:5000/name/app:latest
```
2020-08-29 22:10:05 +08:00
### Leverage GitHub cache
You can leverage [GitHub cache ](https://docs.github.com/en/actions/configuring-and-managing-workflows/caching-dependencies-to-speed-up-workflows )
2020-09-10 07:14:41 +08:00
using [actions/cache ](https://github.com/actions/cache ) with this action.
2020-08-29 22:10:05 +08:00
```yaml
name: ci
on:
push:
branches: master
jobs:
2020-08-29 23:46:56 +08:00
github-cache:
2020-08-29 22:10:05 +08:00
runs-on: ubuntu-latest
steps:
-
name: Set up Docker Buildx
2020-09-09 06:32:40 +08:00
uses: docker/setup-buildx-action@v1
2020-08-29 22:10:05 +08:00
-
name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
-
name: Login to DockerHub
uses: docker/login-action@v1
with:
2020-09-11 00:46:50 +08:00
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
2020-08-29 22:10:05 +08:00
-
name: Build and push
uses: docker/build-push-action@v2
with:
push: true
tags: user/app:latest
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
```
2020-09-13 02:40:12 +08:00
### Complete workflow
2020-09-11 04:24:13 +08:00
If you come from [`v1` ](https://github.com/docker/build-push-action/tree/releases/v1#readme ) and you want an
2020-09-12 07:44:53 +08:00
"automatic" tag management through Git reference and [OCI Image Format Specification ](https://github.com/opencontainers/image-spec/blob/master/annotations.md )
for labels, you will have to do it in a dedicated step [for now ](https://github.com/docker/build-push-action/issues/116 ).
2020-09-11 04:24:13 +08:00
2020-09-13 02:40:12 +08:00
The following workflow with the `Prepare` step will generate some [outputs ](https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjobs_idoutputs )
to handle tags and labels based on GitHub actions events. This is just an example to show many cases that you
might want to use:
| Event | Ref | Commit SHA | Docker Tag | Pushed |
|-----------------|-------------------------------|------------|------------------------------------|--------|
| `schedule` | | | `nightly` | Yes |
| `pull_request` | `refs/pull/2/merge` | `a123b57` | `pr-2` | No |
| `push` | `refs/heads/<default_branch>` | `676cae2` | `sha-676cae2` , `edge` | Yes |
2020-09-17 19:27:14 +08:00
| `push` | `refs/heads/dev` | `cf20257` | `sha-cf20257` , `dev` | Yes |
| `push` | `refs/heads/my/branch` | `a5df687` | `sha-a5df687` , `my-branch` | Yes |
| `push tag` | `refs/tags/v1.2.3` | | `v1.2.3` , `v1.2` , `v1` , `latest` | Yes |
2020-09-11 04:24:13 +08:00
```yaml
name: ci
on:
2020-09-13 02:40:12 +08:00
schedule:
- cron: '0 10 * * *' # everyday at 10am
2020-09-11 04:24:13 +08:00
push:
2020-09-13 02:40:12 +08:00
branches:
- '**'
2020-09-11 04:24:13 +08:00
tags:
- 'v*.*.*'
pull_request:
jobs:
docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Prepare
id: prep
run: |
DOCKER_IMAGE=name/app
2020-09-12 07:44:53 +08:00
VERSION=noop
2020-09-13 02:40:12 +08:00
if [ "${{ github.event_name }}" = "schedule" ]; then
VERSION=nightly
elif [[ $GITHUB_REF == refs/tags/* ]]; then
2020-09-11 04:24:13 +08:00
VERSION=${GITHUB_REF#refs/tags/}
2020-09-12 07:44:53 +08:00
elif [[ $GITHUB_REF == refs/heads/* ]]; then
VERSION=$(echo ${GITHUB_REF#refs/heads/} | sed -r 's#/+#-#g')
if [ "${{ github.event.repository.default_branch }}" = "$VERSION" ]; then
VERSION=edge
fi
elif [[ $GITHUB_REF == refs/pull/* ]]; then
VERSION=pr-${{ github.event.number }}
2020-09-11 04:24:13 +08:00
fi
2020-09-12 07:44:53 +08:00
TAGS="${DOCKER_IMAGE}:${VERSION}"
2020-09-11 04:24:13 +08:00
if [[ $VERSION =~ ^v[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
MINOR=${VERSION%.*}
MAJOR=${MINOR%.*}
TAGS="$TAGS,${DOCKER_IMAGE}:${MINOR},${DOCKER_IMAGE}:${MAJOR},${DOCKER_IMAGE}:latest"
2020-09-13 03:38:49 +08:00
elif [ "${{ github.event_name }}" = "push" ]; then
TAGS="$TAGS,${DOCKER_IMAGE}:sha-${GITHUB_SHA::8}"
2020-09-11 04:24:13 +08:00
fi
2020-09-12 07:44:53 +08:00
echo ::set-output name=version::${VERSION}
2020-09-11 04:24:13 +08:00
echo ::set-output name=tags::${TAGS}
2020-09-12 07:44:53 +08:00
echo ::set-output name=created::$(date -u +'%Y-%m-%dT%H:%M:%SZ')
2020-08-19 04:54:44 +08:00
-
name: Set up QEMU
2020-09-09 06:32:40 +08:00
uses: docker/setup-qemu-action@v1
2020-08-19 04:54:44 +08:00
-
name: Set up Docker Buildx
2020-09-09 06:32:40 +08:00
uses: docker/setup-buildx-action@v1
2020-08-19 04:54:44 +08:00
-
name: Login to DockerHub
if: github.event_name != 'pull_request'
2020-08-27 21:08:11 +08:00
uses: docker/login-action@v1
2020-08-19 04:54:44 +08:00
with:
2020-09-11 00:46:50 +08:00
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
2020-08-19 04:54:44 +08:00
-
name: Build and push
2020-09-13 02:40:12 +08:00
id: docker_build
2020-08-19 04:54:44 +08:00
uses: docker/build-push-action@v2
with:
context: .
file: ./Dockerfile
platforms: linux/amd64,linux/arm64,linux/386
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.prep.outputs.tags }}
2020-09-13 02:40:12 +08:00
labels: |
2020-09-16 02:30:16 +08:00
org.opencontainers.image.title=${{ github.event.repository.name }}
org.opencontainers.image.description=${{ github.event.repository.description }}
org.opencontainers.image.url=${{ github.event.repository.html_url }}
org.opencontainers.image.source=${{ github.event.repository.clone_url }}
2020-09-13 02:40:12 +08:00
org.opencontainers.image.version=${{ steps.prep.outputs.version }}
2020-09-16 02:30:16 +08:00
org.opencontainers.image.created=${{ steps.prep.outputs.created }}
2020-09-13 02:40:12 +08:00
org.opencontainers.image.revision=${{ github.sha }}
2020-09-16 02:30:16 +08:00
org.opencontainers.image.licenses=${{ github.event.repository.license.spdx_id }}
2020-08-17 01:41:44 +08:00
```
2020-09-10 07:14:41 +08:00
### Update DockerHub repo description
You can update the [Docker Hub repository description ](https://docs.docker.com/docker-hub/repos/ ) using
a third-party action called [Docker Hub Description ](https://github.com/peter-evans/dockerhub-description )
with this action.
```yaml
name: ci
on:
push:
branches: master
jobs:
main:
runs-on: ubuntu-latest
steps:
-
name: Set up QEMU
uses: docker/setup-qemu-action@v1
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
-
name: Login to DockerHub
uses: docker/login-action@v1
with:
2020-09-11 00:46:50 +08:00
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
2020-09-10 07:14:41 +08:00
-
name: Build and push
uses: docker/build-push-action@v2
with:
push: true
tags: user/app:latest
-
name: Update repo description
uses: peter-evans/dockerhub-description@v2
env:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
DOCKERHUB_REPOSITORY: user/app
```
2020-08-16 06:36:41 +08:00
## Customizing
2020-03-06 00:28:11 +08:00
2020-08-16 06:36:41 +08:00
### inputs
2020-03-06 00:28:11 +08:00
2020-08-16 06:36:41 +08:00
Following inputs can be used as `step.with` keys
2020-03-06 00:28:11 +08:00
2020-08-21 23:31:03 +08:00
| Name | Type | Description |
|---------------------|---------|------------------------------------|
| `builder` | String | Builder instance (see [setup-buildx ](https://github.com/docker/setup-buildx-action ) action) |
2020-09-02 16:07:11 +08:00
| `context` | String | Build's context is the set of files located in the specified [`PATH` or `URL` ](https://docs.docker.com/engine/reference/commandline/build/ ) (default [Git context ](#git-context )) |
| `file` | String | Path to the Dockerfile (default `Dockerfile` ) |
2020-08-21 23:31:03 +08:00
| `build-args` | List | List of build-time variables |
| `labels` | List | List of metadata for an image |
| `tags` | List | List of tags |
| `pull` | Bool | Always attempt to pull a newer version of the image (default `false` ) |
| `target` | String | Sets the target stage to build |
| `allow` | List | List of [extra privileged entitlement ](https://github.com/docker/buildx#--allowentitlement ) (eg. `network.host,security.insecure` ) |
| `no-cache` | Bool | Do not use cache when building the image (default `false` ) |
| `platforms` | List | List of [target platforms ](https://github.com/docker/buildx#---platformvaluevalue ) for build |
| `load` | Bool | [Load ](https://github.com/docker/buildx#--load ) is a shorthand for `--output=type=docker` (default `false` ) |
| `push` | Bool | [Push ](https://github.com/docker/buildx#--push ) is a shorthand for `--output=type=registry` (default `false` ) |
2020-08-29 23:15:26 +08:00
| `outputs` | CSV | List of [output destinations ](https://github.com/docker/buildx#-o---outputpath-typetypekeyvalue ) (format: `type=local,dest=path` ) |
2020-09-02 16:44:27 +08:00
| `cache-from` | CSV | List of [external cache sources ](https://github.com/docker/buildx#--cache-fromnametypetypekeyvalue ) (eg. `type=local,src=path/to/dir` ) |
| `cache-to` | CSV | List of [cache export destinations ](https://github.com/docker/buildx#--cache-tonametypetypekeyvalue ) (eg. `type=local,dest=path/to/dir` ) |
2020-09-02 16:07:11 +08:00
| `secrets` | CSV | List of secrets to expose to the build (eg. `key=value` , `GIT_AUTH_TOKEN=mytoken` ) |
2020-08-17 08:32:27 +08:00
2020-08-29 23:15:26 +08:00
> `List` type can be a comma or newline-delimited string
2020-08-17 08:32:27 +08:00
> ```yaml
> tags: name/app:latest,name/app:1.0.0
> ```
> ```yaml
> tags: |
> name/app:latest
> name/app:1.0.0
> ```
2020-03-06 00:28:11 +08:00
2020-08-29 23:15:26 +08:00
> `CSV` type must be a newline-delimited string
> ```yaml
> cache-from: user/app:cache
> ```
> ```yaml
> cache-from: |
> user/app:cache
> type=local,src=path/to/dir
> ```
2020-08-16 06:36:41 +08:00
### outputs
2020-03-06 00:28:11 +08:00
2020-08-16 06:36:41 +08:00
Following outputs are available
2020-03-06 00:28:11 +08:00
2020-08-16 06:36:41 +08:00
| Name | Type | Description |
|---------------|---------|---------------------------------------|
| `digest` | String | Image content-addressable identifier also called a digest |
2020-03-06 00:28:11 +08:00
2020-08-20 23:25:55 +08:00
## Keep up-to-date with GitHub Dependabot
Since [Dependabot ](https://docs.github.com/en/github/administering-a-repository/keeping-your-actions-up-to-date-with-github-dependabot )
has [native GitHub Actions support ](https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates#package-ecosystem ),
to enable it on your GitHub repo all you need to do is add the `.github/dependabot.yml` file:
```yaml
version: 2
updates:
# Maintain dependencies for GitHub Actions
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "daily"
```
2020-08-16 06:36:41 +08:00
## Limitation
2020-03-06 00:28:11 +08:00
2020-08-16 06:36:41 +08:00
This action is only available for Linux [virtual environments ](https://help.github.com/en/articles/virtual-environments-for-github-actions#supported-virtual-environments-and-hardware-resources ).