From 6c17a3fc71dd3090583ab3a15a3c79442fc4232e Mon Sep 17 00:00:00 2001 From: David Bernard Date: Wed, 3 Jan 2024 21:23:24 +0100 Subject: [PATCH] =?UTF-8?q?=F0=9F=91=B7=20build=20&=20publish=20container?= =?UTF-8?q?=20image=20on=20CI?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/release.yml | 40 ++++++++++++++++++++++++++++++ Dockerfile | 2 ++ charts/cdviz-collector/Chart.yaml | 4 +-- charts/cdviz-collector/values.yaml | 4 +-- 4 files changed, 46 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..3c733cd --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,40 @@ +name: release + +on: + # push: + # branches: + # - main + workflow_dispatch: + +permissions: + contents: read + packages: write + # id-token: write + +jobs: + push-store-image: + runs-on: ubuntu-latest + steps: + - name: "Checkout GitHub Action" + uses: actions/checkout@v4 + with: + fetch-depth: "0" # to be able to use `git describe` and retrieve tags + + - name: "Login to GitHub Container Registry" + uses: docker/login-action@v1 + with: + registry: ghcr.io + username: ${{github.actor}} + password: ${{secrets.GITHUB_TOKEN}} + + # - name: "Build Inventory Image" + # run: | + # docker build . --tag ghcr.io//store:latest + # docker push ghcr.io/${{ github.repository }}/store:latest + + - name: Run Skaffold pipeline as action + uses: hiberbee/github-action-skaffold@1.19.0 + with: + skaffold-version: "2.9.0" + command: build + # repository: ghcr.io/${{ github.repository }} diff --git a/Dockerfile b/Dockerfile index b0b82a7..1879b2c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,6 +17,7 @@ HEALTHCHECK NONE # checkov:skip=CKV_DOCKER_7:Ensure the base image uses a non latest version tag # trivy:ignore:AVD-DS-0001 FROM cgr.dev/chainguard/glibc-dynamic as cdviz-collector +LABEL org.opencontainers.image.source="https://github.com/davidB/cdviz" ARG PROFILE=release USER nonroot COPY --from=build /work/target/${PROFILE}/cdviz-collector /usr/local/bin/cdviz-collector @@ -39,6 +40,7 @@ HEALTHCHECK NONE # checkov:skip=CKV_DOCKER_7:Ensure the base image uses a non latest version tag # trivy:ignore:AVD-DS-0001 FROM cgr.dev/chainguard/glibc-dynamic AS cdviz-dbmigration +LABEL org.opencontainers.image.source="https://github.com/davidB/cdviz" USER nonroot COPY --from=build-sqlx /home/nonroot/.cargo/bin/sqlx /usr/local/bin/sqlx COPY migrations /migrations diff --git a/charts/cdviz-collector/Chart.yaml b/charts/cdviz-collector/Chart.yaml index 361d880..d59547f 100644 --- a/charts/cdviz-collector/Chart.yaml +++ b/charts/cdviz-collector/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: cdviz-collector description: A Helm chart for Kubernetes type: application -version: 0.1.0 -appVersion: "0.1.0" +version: 0.1.0 # TODO Change this to a version number on release +appVersion: "0.1.0" # TODO Change this to a version number on release dependencies: - name: postgresql diff --git a/charts/cdviz-collector/values.yaml b/charts/cdviz-collector/values.yaml index 289f553..d181c54 100644 --- a/charts/cdviz-collector/values.yaml +++ b/charts/cdviz-collector/values.yaml @@ -8,7 +8,7 @@ image: repository: ghcr.io/davidb/cdviz-collector pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. - tag: "" + tag: "latest" # TODO Change this to a version number on release imagePullSecrets: [] nameOverride: "" @@ -90,7 +90,7 @@ dbMigration: image: repository: ghcr.io/davidb/cdviz-dbmigration pullPolicy: IfNotPresent - tag: "" + tag: "latest" # TODO Change this to a version number on release annotations: {} # "helm.sh/hook": post-install,post-upgrade