Skip to content
Latchkey

Docker - learnGitBranching image workflow (pcottle/learnGitBranching)

The Docker - learnGitBranching image workflow from pcottle/learnGitBranching, explained and optimized by Latchkey.

C

CI health: C - fair

Point runs-on at Latchkey and get run de-duplication, job timeouts, SHA-pinned actions, self-healing for flaky steps, and up to 58% lower cost, applied automatically.

Grade your own workflow free or run it on Latchkey →
Source: pcottle/learnGitBranching.github/workflows/build-docker.ymlLicense MITView source

What it does

This is the Docker - learnGitBranching image workflow from the pcottle/learnGitBranching repository, a real project running GitHub Actions. It is shown here with attribution under its MIT license.

Below, Latchkey shows a faster, safer version produced by its optimization engine.

The workflow

workflow (.yml)
name: Docker - learnGitBranching image


on:
  workflow_dispatch:
  push:
    branches:
      - main  # Trigger CI on main branch

      - bmcclure/main

    paths: 

      - '**/*'

      - '.github/workflows/build-docker.yml'

  pull_request:
    branches:
      - main  # Trigger gated pipeline on PR to main

      - bmcclure/main

    paths:
      - '**/*'

      - '.github/workflows/build-docker.yml'


env:
  REGISTRY: ghcr.io

  IMAGE_NAME: ${{ github.repository }}


jobs:
  build-and-push-image:
    runs-on: ubuntu-latest

    permissions:
      contents: read

      packages: write


    steps:
      - name: Checkout repository

        uses: actions/checkout@v3


      - name: Log in to the Container registry

        uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9

        with:
          registry: ${{ env.REGISTRY }}

          username: ${{ github.actor }}

          password: ${{ secrets.GITHUB_TOKEN }}


      - name: Extract metadata (tags, labels) for Docker

        id: meta

        uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38

        with:
          tags: |

            type=ref,event=pr

            type=ref,event=branch

            type=sha,format=long

            type=raw,value=latest

          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}


      - name: Build Docker image (non main branch)

        uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc

        if: github.ref != 'refs/heads/bmcclure/main'

        with:
          context: .

          load: true

          push: false

          tags: ${{ steps.meta.outputs.tags }}

          labels: ${{ steps.meta.outputs.labels }} 

      - name: Build and push Docker image (main branch)

        uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc

        if: github.ref == 'refs/heads/bmcclure/main'

        with:
          context: .

          push: true

          tags: ${{ steps.meta.outputs.tags }}

          labels: ${{ steps.meta.outputs.labels }} 

      - id: lowercaseImageName

        uses: ASzc/change-string-case-action@v2

        with:
          string: ${{ env.IMAGE_NAME }}

      - name: Save Docker Image archive to local filesystem

        run: "docker save --output learnGitBranching.tar ${{env.REGISTRY}}/${{ steps.lowercaseImageName.outputs.lowercase }}"

      - name: Upload application's Docker Image as pipeline artifact

        uses: actions/upload-artifact@v4

        with:
          path: learnGitBranching.tar

          name: learnGitBranching.tar

The same workflow, on Latchkey

Removes redundant runs and caps runaway jobs. Added and changed lines are highlighted.

name: Docker - learnGitBranching image



on:

  workflow_dispatch:

  push:

    branches:

      - main  # Trigger CI on main branch

      - bmcclure/main

    paths: 

      - '**/*'

      - '.github/workflows/build-docker.yml'

  pull_request:

    branches:

      - main  # Trigger gated pipeline on PR to main

      - bmcclure/main

    paths:

      - '**/*'

      - '.github/workflows/build-docker.yml'



env:

  REGISTRY: ghcr.io

  IMAGE_NAME: ${{ github.repository }}



concurrency:

  group: ${{ github.workflow }}-${{ github.ref }}

  cancel-in-progress: true



jobs:

  build-and-push-image:

    timeout-minutes: 30

    runs-on: latchkey-small

    permissions:

      contents: read

      packages: write



    steps:

      - name: Checkout repository

        uses: actions/checkout@v3



      - name: Log in to the Container registry

        uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9

        with:

          registry: ${{ env.REGISTRY }}

          username: ${{ github.actor }}

          password: ${{ secrets.GITHUB_TOKEN }}



      - name: Extract metadata (tags, labels) for Docker

        id: meta

        uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38

        with:

          tags: |

            type=ref,event=pr

            type=ref,event=branch

            type=sha,format=long

            type=raw,value=latest

          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}



      - name: Build Docker image (non main branch)

        uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc

        if: github.ref != 'refs/heads/bmcclure/main'

        with:

          context: .

          load: true

          push: false

          tags: ${{ steps.meta.outputs.tags }}

          labels: ${{ steps.meta.outputs.labels }} 

      - name: Build and push Docker image (main branch)

        uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc

        if: github.ref == 'refs/heads/bmcclure/main'

        with:

          context: .

          push: true

          tags: ${{ steps.meta.outputs.tags }}

          labels: ${{ steps.meta.outputs.labels }} 

      - id: lowercaseImageName

        uses: ASzc/change-string-case-action@v2

        with:

          string: ${{ env.IMAGE_NAME }}

      - name: Save Docker Image archive to local filesystem

        run: "docker save --output learnGitBranching.tar ${{env.REGISTRY}}/${{ steps.lowercaseImageName.outputs.lowercase }}"

      - name: Upload application's Docker Image as pipeline artifact

        uses: actions/upload-artifact@v4

        with:

          path: learnGitBranching.tar

          name: learnGitBranching.tar

 

What changed

1 third-party action is referenced by a movable tag. Pin it to the commit SHA (Latchkey resolves and applies this automatically) so a repointed tag cannot change what runs.

What Latchkey heals here

This workflow has steps that commonly fail on transient issues (network, registries, flaky browsers). On Latchkey managed runners they are detected, retried, and self-healed instead of failing your build:

This workflow runs 1 job per trigger. On Latchkey the same minutes cost up to 58% less than GitHub-hosted, with zero queue time.

Actions used in this workflow