From ff0a63a22c9c93d850d6cab1a191217efdc017ae Mon Sep 17 00:00:00 2001 From: Stephen Mulrennan Date: Tue, 30 Jul 2024 12:46:43 +0100 Subject: [PATCH] Container registry. --- .github/actions/build-image/action.yaml | 68 +++++++++++++++++++++++++ .github/workflows/validate.yaml | 22 ++++++-- 2 files changed, 86 insertions(+), 4 deletions(-) create mode 100644 .github/actions/build-image/action.yaml diff --git a/.github/actions/build-image/action.yaml b/.github/actions/build-image/action.yaml new file mode 100644 index 0000000..bdca292 --- /dev/null +++ b/.github/actions/build-image/action.yaml @@ -0,0 +1,68 @@ +name: build-and-deploy-image + +inputs: + registry: + description: The registry to deploy to + required: true + image_name: + description: The name of the docker image + required: true + username: + description: The username to login to the container registry + required: true + password: + description: The password to login to the container registry + required: true + +runs: + using: composite + steps: + - uses: actions/checkout@v4 + - name: Log in to the Container registry + uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 + with: + registry: ${{ inputs.registry }} + username: ${{ inputs.username }} + password: ${{ inputs.password }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 + with: + images: ${{ inputs.registry }}/${{ inputs.image_name }} + tags: type=sha,format=long + + - name: Build and push Docker image + id: push + uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + + - name: install yq + shell: bash + run: | + sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CC86BB64 + sudo add-apt-repository ppa:rmescandon/yq -y + sudo apt update -y + sudo apt install yq -y + + - name: Commit changes + shell: bash + env: + IMAGE_TAG: ${{ steps.meta.outputs.tags }} + run: | + git config --global user.name 'Github' + git config --global user.email 'github@users.noreply.github.com' + + yq e ".runs.image = env(IMAGE_TAG)" -i action.yml + git add action.yml + git diff-index --quiet HEAD || (git commit -m "[Auto] Image tag updated latest pushed version" && git push) + + + + + + \ No newline at end of file diff --git a/.github/workflows/validate.yaml b/.github/workflows/validate.yaml index 40f110f..171059e 100644 --- a/.github/workflows/validate.yaml +++ b/.github/workflows/validate.yaml @@ -6,15 +6,21 @@ on: - '*' - '!main' +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + permissions: - contents: read + contents: write + packages: write checks: write + id-token: write jobs: lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Install modules run: npm ci - name: eslint @@ -24,7 +30,15 @@ jobs: needs: [ lint ] runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 + - uses: ./.github/actions/build-image + name: Build and publish docker image + with: + registry: ${{ env.REGISTRY }} + image_name: ${{ env.IMAGE_NAME }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build local scanner action image run: | docker build . @@ -33,7 +47,7 @@ jobs: runs-on: ubuntu-latest needs: [ build-action-docker-image ] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses : ./ name: Run action against repoository with: