From e20e91fd85d9e10ca78b55f6b17690413cd852cc Mon Sep 17 00:00:00 2001 From: Martin Buchleitner Date: Wed, 8 May 2024 12:18:46 +0200 Subject: [PATCH] fix: Change workflow (#7) * fix: Change workflow Signed-off-by: Martin Buchleitner --------- Signed-off-by: Martin Buchleitner --- .github/workflows/ci.yml | 163 ++++----------------------------------- 1 file changed, 15 insertions(+), 148 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 372eb33..be4edb4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,157 +1,24 @@ name: Infralovers Container Build -# ref: github.com/infralovers/github/workflow-templates/container.yml - on: push: - branches: [ 'main', 'v2', 'v3' ] + branches: [ main ] + pull_request: - branches: [ 'main', 'v2', 'v3' ] + branches: [ main ] jobs: - prebuild: - runs-on: ubuntu-latest - outputs: - version: ${{ steps.semrel.outputs.version }} - steps: - - uses: actions/checkout@v3 - - - name: Check pre-commit presence - id: precommit_exists - uses: andstor/file-existence-action@v1 - with: - files: ".pre-commit-config.yaml" - - - uses: actions/setup-python@v3 - if: steps.precommit_exists.outputs.files_exists == 'true' - - - uses: pre-commit/action@v3.0.0 - if: steps.precommit_exists.outputs.files_exists == 'true' - - - uses: go-semantic-release/action@v1 - if: github.event_name != 'pull_request' - id: semrel - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - prepend: true - dry: true build: - runs-on: ubuntu-latest - needs: [ prebuild ] - steps: - - uses: actions/checkout@v2 - - - name: Prepare tagging - id: prep - run: | - - CURRENT_VERSION="${{ needs.prebuild.outputs.version }}" - IMAGE_PREFIX="v1" - IMAGE_NAME=$(basename ${{ github.repository }}) - IMAGE_REPO=${{ github.repository_owner }} - - git fetch --tags - LATEST_TAG=$(git describe --tags `git rev-list --tags --max-count=1` | sed 's/v//') - if [ "$GITHUB_REF_NAME" == "v2" ] || [ "$GITHUB_BASE_REF" == "v2" ]; then - IMAGE_PREFIX="v2" - if [ "$GITHUB_REF_NAME" == "v2" ]; then - CURRENT_VERSION=$LATEST_TAG - fi - fi - if [ "$GITHUB_REF_NAME" == "v3" ] || [ "$GITHUB_BASE_REF" == "v3" ]; then - IMAGE_PREFIX="v3" - if [ "$GITHUB_REF_NAME" == "v3" ]; then - CURRENT_VERSION=$LATEST_TAG - fi - fi - - if [[ -n "${{ secrets.IMAGE_NAME }}" ]]; then - IMAGE_NAME="${{ secrets.IMAGE_NAME }}" - fi - if [[ -n "${{ secrets.IMAGE_REPO }}" ]]; then - IMAGE_REPO="${{ secrets.IMAGE_REPO }}" - fi - QUAY_IMAGE="quay.io/$IMAGE_REPO/$IMAGE_NAME" - GHCR_IMAGE="ghcr.io/${{ github.repository }}" - VERSION="${IMAGE_PREFIX}-dev" - if [[ '${CURRENT_VERSION}' != '' ]]; then - VERSION="${IMAGE_PREFIX}-${CURRENT_VERSION}" - fi - if [ "${{ github.event_name }}" = "schedule" ]; then - VERSION="${IMAGE_PREFIX}-nightly" - fi - TAGS="${QUAY_IMAGE}:${VERSION},${GHCR_IMAGE}:${VERSION}" - if [[ "${CURRENT_VERSION}" =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - TAGS="$TAGS,${QUAY_IMAGE}:${IMAGE_PREFIX},${GHCR_IMAGE}:${IMAGE_PREFIX}" - fi - echo "settings tag ${TAGS}" - echo "tags=${TAGS}" >> $GITHUB_OUTPUT - echo "next_version=${CURRENT_VERSION}" >> $GITHUB_OUTPUT - - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@v2 - - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - with: - platforms: 'arm64,amd64' - - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx- - - - name: Login to Quay - if: steps.prep.outputs.next_version != '' - uses: docker/login-action@v1 - with: - registry: quay.io - username: ${{ secrets.QUAY_USER }} - password: ${{ secrets.QUAY_TOKEN }} - - - name: Login to GitHub Container Registry - if: steps.prep.outputs.next_version != '' - uses: docker/login-action@v1 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.BOT_ACCESS_TOKEN }} - - - name: Build and push - id: docker_build - uses: docker/build-push-action@v2 - with: - builder: ${{ steps.buildx.outputs.name }} - context: . - file: ./Dockerfile - push: ${{ github.event_name != 'pull_request' && steps.prep.outputs.next_version != '' }} - tags: ${{ steps.prep.outputs.tags }} - platforms: 'arm64,amd64' - - release: - needs: [ prebuild, build ] - if: github.event_name != 'pull_request' - runs-on: ubuntu-latest - steps: - - - uses: actions/checkout@v2 - - - uses: go-semantic-release/action@v1 - if: needs.prebuild.outputs.version != '' - id: generate_changelog - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - prepend: true - changelog-file: CHANGELOG.md - - - name: Update changelog - uses: stefanzweifel/git-auto-commit-action@v4 - if: steps.generate_changelog.outputs.version != '' - with: - commit_message: 'chore(ci): commit changes from go-semantic-release' - file_pattern: CHANGELOG.md + uses: infralovers/.github/.github/workflows/container.yml@main + secrets: + QUAY_USER: "${{ fromJSON(secrets.VAULT_KV_1D187965_OP_QUAY_ROBOT_ACCOUNT).username }}" + QUAY_TOKEN: "${{ fromJSON(secrets.VAULT_KV_1D187965_OP_QUAY_ROBOT_ACCOUNT).password }}" + BOT_ACCESS_TOKEN: "${{ fromJSON(secrets.VAULT_KV_1D187965_OP_GITHUB_INFRALOVERS).PAT }}" + MONDOO_SERVICE_ACCOUNT: "${{ secrets.MONDOO_SERVICE_ACCOUNT }}" + with: + dockerfile: Dockerfile + score: 20 + platforms: "linux/amd64, linux/arm64" + release: true + \ No newline at end of file