This action can be used to build containers using an Azure Container Registry.
Following the capabilities of this action:
-
Custom Dockerfile path: It is possible to specify a path for the
Dockerfile
-
Build context: Allows to specify the build context for the image
-
Default tag: The action will default to use the first 8 characters of the commit SHA if no tag is specified
-
Private repositories:: It is possible to use private Github repositories by providing a
github_token
Action inputs | Description | Default |
---|---|---|
dockerfile |
(Optional) Path to the Dockerfile relative to `folder` | ./Dockerfile |
folder |
(Optional) Build context for Docker agent | ./ |
branch |
(Optional) Branch to root the context off of | master |
repository |
(Mandatory) The repository on the Azure Container Registry | |
image |
(Mandatory) Docker image name | |
tag |
(Optional) Docker image tag | GITHUB_SHA::8 |
git_access_token |
(Optional) The Github access token for private repositories | GITHUB_SHA::8 |
registry |
(Mandatory)The Azure Container Registry name | |
tenant |
(Mandatory)The ACR tenant | |
service_principal |
(Mandatory) The Service Principal credentials | |
service_principal_password |
(Mandatory) The Service Principal credentials | |
build_args |
(Optional) Build arguments |
Create an SP with Contributor access to the Azure Container Registry
az ad sp create-for-rbac -n "acrtask0" --skip-assignment
az role assignment create --assignee <spID> --scope <resourceID of the ACR> --role "Contributor"
In your repository, create the following secrets (or set them in clear in the workflow definition):
- service_principal
- service_principal_password
- tenant
- registry
- repository
- (optional, for accessing private repositories) git_access_token
In .github/workflows
create a workflow file like the following:
name: build_image
on:
push:
paths:
- "src/docker/**"
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: ACR build
id: acr
uses: azure/acr-build@v1
with:
service_principal: ${{ secrets.service_principal }}
service_principal_password: ${{ secrets.service_principal_password }}
tenant: ${{ secrets.tenant }}
registry: ${{ secrets.registry }}
repository: ${{ secrets.repository }}
image: image
git_access_token: ${{ secrets.git_access_token }}
folder: src/docker
dockerfile: ../../dockerfiles/Dockerfile
branch: main
build_args: '[{"arg_one":"value_one"}, {"arg_two":"value_two"}]'
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.