Skip to content

Publish grader base image #2

Publish grader base image

Publish grader base image #2

name: Publish grader base image
# Builds grader_support/Dockerfile.base and pushes to:
# - GHCR: ghcr.io/openedx/xqueue-watcher-grader-base
#
# One image is published per supported Python version, tagged as:
# py<version>-latest (e.g. py3.12-latest, py3.13-latest, py3.14-latest)
# The newest version is also tagged as `latest`.
on:
push:
branches:
- master
paths:
- "grader_support/**"
schedule:
# Weekly rebuild to pick up base Python/OS security patches (Sunday 00:00 UTC)
- cron: "0 0 * * 0"
workflow_dispatch:
env:
IMAGE_NAME: openedx/xqueue-watcher-grader-base
# Newest version also receives the `latest` tag
LATEST_PYTHON: "3.14"
jobs:
build-and-push:
name: Build and push grader base image (Python ${{ matrix.python-version }})
runs-on: ubuntu-latest
strategy:
matrix:
python-version: ['3.12', '3.13', '3.14']
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Log in to GHCR
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up QEMU (for multi-platform builds)
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build and push
uses: docker/build-push-action@v6
with:
context: .
file: grader_support/Dockerfile.base
platforms: linux/amd64,linux/arm64
push: true
build-args: |
PYTHON_VERSION=${{ matrix.python-version }}
tags: |
ghcr.io/${{ env.IMAGE_NAME }}:py${{ matrix.python-version }}-latest
${{ matrix.python-version == env.LATEST_PYTHON && format('ghcr.io/{0}:latest', env.IMAGE_NAME) || '' }}
cache-from: type=gha
cache-to: type=gha,mode=max