Skip to content
This repository has been archived by the owner on Mar 4, 2024. It is now read-only.

Build and push dev-latest image #455

Build and push dev-latest image

Build and push dev-latest image #455

Workflow file for this run

name: Build and push dev-latest image
on:
workflow_dispatch:
inputs:
tag:
description: An image tag
required: false
push:
branches:
- main
env:
NODE_OPTIONS: "--max_old_space_size=4096"
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Configure git for private modules
env:
ROBOT_TOKEN: ${{ secrets.ROBOT_TOKEN }}
run: git config --global url."https://percona-platform-robot:${ROBOT_TOKEN}@github.com".insteadOf "https://github.com"
- name: Check out frontend repo
uses: actions/checkout@v4
with:
repository: percona/percona-everest-frontend
ref: 'main'
path: percona-everest-frontend
token: ${{ secrets.ROBOT_TOKEN }}
- uses: pnpm/action-setup@v2
with:
version: 8
- name: Run with Node 16
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
cache: 'pnpm'
cache-dependency-path: percona-everest-frontend/pnpm-lock.yaml
- name: Build Everest Frontend app
run: |
cd percona-everest-frontend
pnpm install
EVEREST_OUT_DIR=build pnpm build
mkdir ${GITHUB_WORKSPACE}/front
cp -rvf ./build/* ${GITHUB_WORKSPACE}/front/
- name: Check out Everest Backend
uses: actions/checkout@v4
with:
path: ./backend
- name: Embed Everest Frontend app into backend
run: |
cp -rf ${GITHUB_WORKSPACE}/front/* ${GITHUB_WORKSPACE}/backend/public/dist/
- uses: actions/setup-go@v4
with:
go-version-file: './backend/go.mod'
- name: Build Everest
run: |
cd ${GITHUB_WORKSPACE}/backend
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 make build
- name: Set tag from inputs
run: echo "IMAGE_TAG=${{ github.event.inputs.tag }}" >> $GITHUB_ENV
if: ${{ github.event.inputs.tag != '' }}
- name: Set tag from inputs
run: echo "IMAGE_TAG=dev-latest" >> $GITHUB_ENV
if: ${{ github.event.inputs.tag == '' }}
- name: Setup docker build metadata
uses: docker/metadata-action@v5
id: meta
with:
images: perconalab/everest
tags: ${{ env.IMAGE_TAG }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and Push everest dev-latest image
uses: docker/build-push-action@v5
with:
context: backend
push: true
tags: ${{ steps.meta.outputs.tags }}
scan:
runs-on: ubuntu-latest
needs: [build]
steps:
- name: Run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
with:
image-ref: 'docker.io/perconalab/everest:dev-latest'
format: 'table'
exit-code: '1'
severity: 'CRITICAL,HIGH'