Release 4.1 - 🦋

* Action added

* Rename folder

* unnecessary step removed

* chore: clean 🧽

* Self test

* correct use + syntax fixed

* debug

* debug

* debug

* fixed action path

* try fixing path

* try fixing path again

* SHA added with image scan

* Docker scan fixed

* removed docekr scan

* Test job added

* dep added

* docker login for test step

* Step naming

* Remove docker images added

* Fix test script

* Fix docker remove step

* Remove from GCR instead of local docker

* Comment for example case

* Fix warning

* Uses checkout for google-github-actions/auth warning

* Support for plain text key file

* Change default to plain text

* ReadMe updated

* Example updated for v4.1

* ReadMe updated

* Better image_tag handling

* Empty image tag handling fixed

* python version updated

.github/workflows/build_and_push.yaml

@@ -0,0 +1,54 @@
+name: Push to GCR GitHub Action
+on: 
+  push:
+    branches:
+      - master
+  pull_request:
+    branches:
+      - master
+jobs:
+  build-and-push-to-gcr:
+    name: "Bulding and pushing images"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: "Building and pushing the image"
+        uses: ./
+        with:
+          gcloud_service_key: ${{ secrets.JSON_GCLOUD_SERVICE_ACCOUNT_JSON }}
+          registry: gcr.io
+          project_id: pro-chesta
+          image_name: hello-world-by-push-to-gcr
+          image_tag: test-${{ github.sha }}, ${{ github.sha }}
+          dockerfile: ./test/Dockerfile.test
+          context: ./test
+          target: build
+  # If you are checking this file to use this action in your project,
+  # you only need the first step 👆.
+  # The following two steps are needed to test this action.
+  test-image:
+    name: "Testing the image"
+    needs: [build-and-push-to-gcr]
+    runs-on: ubuntu-latest
+    container: 
+      image: "gcr.io/pro-chesta/hello-world-by-push-to-gcr:${{ github.sha }}"
+      credentials:
+        username: _json_key
+        password: ${{ secrets.JSON_GCLOUD_SERVICE_ACCOUNT_JSON }}
+    steps:
+      - name: "Testing the image"
+        run: exit $([ "$(/root/executable)" = "Hello World from Push To GCR github action" ])
+  cleanup:
+    name: "Cleaning up images"
+    needs: [build-and-push-to-gcr, test-image]
+    if: always()
+    continue-on-error: true
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: 'Authenticate to Google Cloud'
+        uses: 'google-github-actions/auth@v0'
+        with:
+          credentials_json: '${{ secrets.JSON_GCLOUD_SERVICE_ACCOUNT_JSON }}'
+      - name: "Delete images"
+        run: gcloud container images delete gcr.io/pro-chesta/hello-world-by-push-to-gcr:${{ github.sha }} --force-delete-tags --quiet

ReadMe.md

@@ -1,13 +1,13 @@
 # Push to GCR GitHub Action
 
-An action that build docker image and push to Google Cloud Registry.
+An action that builds docker image and pushes to Google Cloud Registry.
 
 This action can be used to perform on every git `push` or every `tag` creation.
 
 ## Inputs
 
 ### `gcloud_service_key`
-The service account key of google cloud. The service accout json file must be encoded in base64. This field is required.
+The service account key of google cloud. The JSON file can be encoded in base64 or in plain text. This field is required.
 
 ### `registry`
 The registry where the image should be pushed. Default `gcr.io`.
@@ -19,33 +19,33 @@ The project id. This field is required.
 The image name. This field is required.
 
 ### `image_tag`
-The tag for the image. To create multiple tag of the same image, provide comma (`,`) separeted tag name (e.g. `v2.1,v2,latest`).
+The tag for the image. To create multiple tags of the same image, provide a comma (`,`) separated tag name (e.g. `v2.1,v2,latest`).
 
 Default: `latest`.
 
 To use the pushed `Tag Name` as image tag, see the [example](https://github.com/RafikFarhad/push-to-gcr-github-action/blob/master/example/build_only_tags.yml).
 
 ### `dockerfile`
 The image building Dockerfile. 
-If context is changed, `Dockerfile` from context folder will be used.
+If the context is not the root of the repository, `Dockerfile` from the context folder will be used.
 
 Default: `./Dockerfile`.
 
 ### `context`
 The docker build context. Default: `.`
 
 ### `target`
-If you use multi-stage build and want to stop builing at a certain image, you can use this field. Default value is empty.
+If you use a multi-stage build and want to stop building at a certain image, you can use this field. The default value is empty.
 
 ### `build_args`
 Pass a list of env vars as build-args for docker-build, separated by commas. ie: `HOST=db.default.svc.cluster.local:5432,USERNAME=db_user`
 
 ### `push_only`
-If you want to skip the build step and just push the image built by any previous step, use this option. Default for this is `false`.
+If you want to skip the build step and just push the image built by any previous step, use this option. The default for this is `false`.
 
 ## Permissions
 The service key you provided must have the `Storage Admin` permission to push the image to GCR.
-It is possible to use a lower access level `Storage Object Admin`, but it will work only for already created registry. You must also add the `Storage Legacy Bucket Reader` permission to the `artifacts.<project id>.appspot.com` bucket for the given service account.
+It is possible to use a lower access level `Storage Object Admin`, but it will work only if the registry is already created. You must also add the `Storage Legacy Bucket Reader` permission to the `artifacts.<project id>.appspot.com` bucket for the given service account.
 
 [Reference 1](https://cloud.google.com/container-registry/docs/access-control)
 
@@ -54,69 +54,31 @@ It is possible to use a lower access level `Storage Object Admin`, but it will w
 To create service key/account visit [here](https://console.cloud.google.com/iam-admin/serviceaccounts)
 
 ## Example usage
-Put desired yml section in the `.github/workflows/build.yml` file
-### `To perform build & push on every git push`
-
-```
+```yaml
 name: Push to GCR GitHub Action
 on: [push]
 jobs:
   build-and-push-to-gcr:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
-      - uses: google-github-actions/setup-gcloud@master
-      - uses: RafikFarhad/push-to-gcr-github-action@v4
+      - uses: RafikFarhad/push-to-gcr-github-action@v4.1
         with:
-          gcloud_service_key: ${{ secrets.GCLOUD_SERVICE_KEY }}
+          gcloud_service_key: ${{ secrets.GCLOUD_SERVICE_KEY }} # can be base64 encoded or plain text
           registry: gcr.io
           project_id: my-awesome-project
-          image_name: server-end
-
+          image_name: backend
+          image_tag: latest,v1
+          dockerfile: ./docker/Dockerfile.prod
+          context: ./docker
 ```
-### `To perform build & push only on tag publish`
+[More Example] (https://github.com/RafikFarhad/push-to-gcr-github-action/tree/master/example)
+[Workflow Example] (https://github.com/RafikFarhad/push-to-gcr-github-action/tree/master/.github/workflows)
 
-```
-name: Push to GCR GitHub Action
-on:
-  push:
-    tags:
-    - '*'
-jobs:
-  build-and-push-to-gcr:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: google-github-actions/setup-gcloud@master
-      - name: Get the version
-        id: get_tag_name
-        run: echo ::set-output name=GIT_TAG_NAME::${GITHUB_REF/refs\/tags\//}
-      - uses: RafikFarhad/push-to-gcr-github-action@v4
-        with:
-          gcloud_service_key: ${{ secrets.GCLOUD_SERVICE_KEY }}
-          registry: gcr.io
-          project_id: my-awesome-project
-          image_name: server-end
-          image_tag: ${{ steps.get_tag_name.outputs.GIT_TAG_NAME}}
-          dockerfile: ./build/Dockerfile
-```
-### `To just push an image on every git push`
-
-```
-name: Push image to GCR GitHub Action
-on: [push]
-jobs:
-  just-push-to-gcr:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: google-github-actions/setup-gcloud@master
-      - uses: RafikFarhad/push-to-gcr-github-action@v4
-        with:
-          gcloud_service_key: ${{ secrets.GCLOUD_SERVICE_KEY }}
-          registry: gcr.io
-          project_id: my-awesome-project
-          image_name: server-end
-          push_only: true
+## Contribution
+- Fork
+- Implement your awesome idea or fix a bug
+- Create PR 🎉
 
-```
+NB: The included workflow which tests the action's basic functionalities needs a Github secret named `JSON_GCLOUD_SERVICE_ACCOUNT_JSON`.
+Currently, the workflow is not testable for forked repositories but I have an action item to enable this.  

action.yml → action.yaml

@@ -6,7 +6,7 @@ branding:
   color: gray-dark
 inputs:
   gcloud_service_key:
-    description: Google cloud service key as json
+    description: Google cloud service key json file as plain text or base64 encrypted
     required: true
   registry:
     description: The registry where the image should be pushed

entrypoint.sh

@@ -10,22 +10,18 @@
 #bash_version   :5.0.17(1)-release
 ###################################################
 
-function split_csv() {
-    IFS=','
-    csv_data=$1
-    local -n global_list_array=$2
-    for i in $csv_data; do
-        global_list_array+=($i)
-    done
-    unset IFS
-}
-
 ALL_IMAGE_TAG=()
 
 echo "Authenticating docker to gcloud ..."
 if ! echo $INPUT_GCLOUD_SERVICE_KEY | python -m base64 -d >/tmp/key.json 2>/dev/null; then
-    echo "Failed to decode gcloud_service_key -- did you forget to encode it using 'python -m base64 -e < yourkey.json'?"
-    exit 1
+    if ! echo $INPUT_GCLOUD_SERVICE_KEY >/tmp/key.json 2>/dev/null; then
+        echo "Failed to get gcloud_service_key. It could be plain text or base64 encoded service account JSON file"
+        exit 1
+    else
+        echo "This action is unable to decode INPUT_GCLOUD_SERVICE_KEY as base64. It assumes INPUT_GCLOUD_SERVICE_KEY as plain text."
+    fi
+else
+    echo "Successfully decoded from base64"
 fi
 
 if cat /tmp/key.json | docker login -u _json_key --password-stdin https://$INPUT_REGISTRY; then
@@ -35,7 +31,14 @@ else
     exit 1
 fi
 
-split_csv $INPUT_IMAGE_TAG ALL_IMAGE_TAG
+# split -> trim -> compact -> uniq -> bash array
+ALL_IMAGE_TAG=($(python -c "print(' '.join(list(set([v for v in [v.strip() for v in '$INPUT_IMAGE_TAG'.split(',')] if v]))))"))
+
+# default to 'latest' when $ALL_IMAGE_TAG is empty
+if [ ${#ALL_IMAGE_TAG[@]} -eq 0 ] ; then
+    echo "INPUT_IMAGE_TAG tag is not persable. Using latest by default"
+    ALL_IMAGE_TAG=(latest)
+fi
 
 TEMP_IMAGE_NAME="$INPUT_IMAGE_NAME:temporary"
 

example/build_all_option.yml → examples/build_all_option.yml

@@ -5,8 +5,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
-      - uses: google-github-actions/setup-gcloud@master
-      - uses: RafikFarhad/push-to-gcr-github-action@v4
+      - uses: RafikFarhad/push-to-gcr-github-action@v4.1
         with:
           gcloud_service_key: ${{ secrets.GCLOUD_SERVICE_KEY }}
           registry: gcr.io

example/build_only_tags.yml → examples/build_only_tags.yml

@@ -11,8 +11,7 @@ jobs:
       - name: Get the tag name
         id: get_tag_name
         run: echo ::set-output name=GIT_TAG_NAME::${GITHUB_REF/refs\/tags\//}
-      - uses: google-github-actions/setup-gcloud@master
-      - uses: RafikFarhad/push-to-gcr-github-action@v4
+      - uses: RafikFarhad/push-to-gcr-github-action@v4.1
         with:
           gcloud_service_key: ${{ secrets.GCLOUD_SERVICE_KEY }}
           registry: gcr.io

example/only_push.yml → examples/only_push.yml

@@ -5,8 +5,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
-      - uses: google-github-actions/setup-gcloud@master
-      - uses: RafikFarhad/push-to-gcr-github-action@v4
+      - uses: RafikFarhad/push-to-gcr-github-action@v4.1
         with:
           gcloud_service_key: ${{ secrets.GCLOUD_SERVICE_KEY }}
           registry: gcr.io

test/HelloWorld.c

@@ -1,6 +1,6 @@
 #include <stdio.h>
 
 int main() {
-    printf("Hello World :)\n");
+    printf("Hello World from Push To GCR github action");
     return 0;
 }

test/ReadMe.md

@@ -1,9 +1,9 @@
 # Local Test
 
-To test the action locally, [https://github.com/nektos/act](https://github.com/nektos/act) can be useful.
+To test the action locally, [Act](https://github.com/nektos/act) can be useful.
 
 ## Steps:
 
 1. Create a `secret.txt` file with the `base64` representation of GCloud Service Account json key in `./test` folder.
 2. Change `project_id`, `image_name`, `image_tag` in the `./test/build.yml` as your GCP project. 
-2. Run `act -v -s GCLOUD_SERVICE_KEY="$(< test/secret.txt)" -W test/` from the repository root.
+2. Run `act -s B64_GCLOUD_SERVICE_ACCOUNT_JSON="$(cat THE_JSON_FILE | python3 -m base64 -e)" -s JSON_GCLOUD_SERVICE_ACCOUNT_JSON="$(cat THE_JSON_FILE)"` from the repository root.