From fd2c0b69871c951b559e76c2d67edba407db5b48 Mon Sep 17 00:00:00 2001 From: Muhammad Faizan Date: Mon, 16 Sep 2024 11:31:17 +0200 Subject: [PATCH] chore: added github action based build jobs (#431) added github action based build jobs --- .github/workflows/pull-build-image.yaml | 18 ++++++++++++ .github/workflows/push-build-image.yaml | 39 +++++++++++++++++++++++++ .github/workflows/tag-build-image.yaml | 37 +++++++++++++++++++++++ Dockerfile | 6 ++-- 4 files changed, 97 insertions(+), 3 deletions(-) create mode 100644 .github/workflows/pull-build-image.yaml create mode 100644 .github/workflows/push-build-image.yaml create mode 100644 .github/workflows/tag-build-image.yaml diff --git a/.github/workflows/pull-build-image.yaml b/.github/workflows/pull-build-image.yaml new file mode 100644 index 00000000..e85dc3a9 --- /dev/null +++ b/.github/workflows/pull-build-image.yaml @@ -0,0 +1,18 @@ +name: Pull Build Image + +on: + pull_request_target: + types: [opened, edited, synchronize, reopened, ready_for_review] + +permissions: + id-token: write # This is required for requesting the JWT token + contents: read # This is required for actions/checkout + +jobs: + build: + uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main + with: + name: nats-manager + dockerfile: Dockerfile + context: . + export-tags: true diff --git a/.github/workflows/push-build-image.yaml b/.github/workflows/push-build-image.yaml new file mode 100644 index 00000000..ea36a307 --- /dev/null +++ b/.github/workflows/push-build-image.yaml @@ -0,0 +1,39 @@ +name: Push Build Image + +on: + push: + branches: + - "main" + - "release-*" + paths-ignore: + - "docs/**" + +permissions: + id-token: write # This is required for requesting the JWT token + contents: read # This is required for actions/checkout + +jobs: + compute-tags: + runs-on: ubuntu-latest + outputs: + tags: ${{ steps.get_tag.outputs.TAGS }} + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Get the latest tag + id: get_tag + run: | + { + echo 'TAGS<> "$GITHUB_OUTPUT" + build: + needs: compute-tags + uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main + with: + name: nats-manager + dockerfile: Dockerfile + context: . + tags: ${{ needs.compute-tags.outputs.tags }} diff --git a/.github/workflows/tag-build-image.yaml b/.github/workflows/tag-build-image.yaml new file mode 100644 index 00000000..de10c920 --- /dev/null +++ b/.github/workflows/tag-build-image.yaml @@ -0,0 +1,37 @@ +name: Tag Build Image + +on: + push: + tags: + - '[0-9]+.[0-9]+.[0-9]+' # This will trigger the workflow when a tag (x.y.z) is pushed. + +permissions: + id-token: write # This is required for requesting the JWT token + contents: read # This is required for actions/checkout + +jobs: + compute-tags: + runs-on: ubuntu-latest + outputs: + tags: ${{ steps.get_tag.outputs.TAGS }} + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Get the latest tag + id: get_tag + run: | + { + echo 'TAGS<> "$GITHUB_OUTPUT" + build: + name: build-${{ github.ref_name }} # The release pipeline will check the status of this job by this name format (e.g. build-1.0.1). + needs: compute-tags + uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main + with: + name: nats-manager + dockerfile: Dockerfile + context: . + tags: ${{ needs.compute-tags.outputs.tags }} diff --git a/Dockerfile b/Dockerfile index 520d25db..7958a6de 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ FROM europe-docker.pkg.dev/kyma-project/prod/external/library/golang:1.23.0-alpi ARG TARGETOS ARG TARGETARCH -WORKDIR /workspace +WORKDIR /app # Copy the Go Modules manifests COPY go.mod go.mod COPY go.sum go.sum @@ -31,8 +31,8 @@ FROM gcr.io/distroless/static:nonroot LABEL source = git@github.com:kyma-project/nats-manager.git WORKDIR / -COPY --from=builder /workspace/manager . -COPY --from=builder /workspace/resources/nats resources/nats +COPY --from=builder /app/manager . +COPY --from=builder /app/resources/nats resources/nats USER nonroot:nonroot ENTRYPOINT ["/manager"]