-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
ad1b03c
commit 51c810a
Showing
3 changed files
with
66 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,42 @@ | ||
| on: | ||
| push: | ||
| tags: | ||
| - '*' | ||
|
|
||
| jobs: | ||
| push_to_registry: | ||
| name: Push Docker image to gchr.io | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v1 | ||
| - name: Set Environment Variables | ||
| run: | | ||
| echo "runner_arch=$(uname -m)" | tee -a $GITHUB_ENV | ||
| echo "driver_name=$(perl -n -e '/refs\/tags\/([^-]+)-v(.+)/ && print $1')" | tee -a $GITHUB_ENV | ||
| echo "driver_version=$(perl -n -e '/refs\/tags\/([^-]+)-v(.+)/ && print $2')" | tee -a $GITHUB_ENV | ||
| - name: Login to GitHub Container Registry | ||
| uses: docker/login-action@v1 | ||
| if: startsWith(github.ref, 'refs/tags/') | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.repository_owner }} | ||
| password: ${{ secrets.CR_PAT }} | ||
| - name: Docker meta | ||
| id: docker_meta | ||
| uses: docker/metadata-action@v4 | ||
| with: | ||
| images: ghcr.io/${{ github.repository_owner }}/hsm-drivers | ||
| - name: build and push | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| context: . | ||
| file: ${{ env.driver_name }}.Dockerfile | ||
| cache-from: type=gha | ||
| cache-to: type=gha | ||
| push: ${{ startsWith(github.ref, 'refs/tags/') }} | ||
| labels: ${{ steps.docker_meta.outputs.labels }} | ||
| tags: ${{ steps.docker_meta.outputs.tags }} | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| #!/bin/sh | ||
|
|
||
| mkdir -p ${INSTALL_DIR}/ | ||
| cp -rf /opt/pkcs11/* ${INSTALL_DIR}/ | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| FROM alpine:3.20 as builder | ||
|
|
||
| RUN apk add \ | ||
| ca-certificates wget | ||
|
|
||
|
|
||
| ARG DEST_DIR=/opt/pkcs11/kmsp/ | ||
| RUN wget -O libkmsp11.tar.gz https://github.com/GoogleCloudPlatform/kms-integrations/releases/download/pkcs11-v1.6/libkmsp11-1.6-linux-amd64.tar.gz && \ | ||
| echo "af19692e442750b2e1315cb3fce3eddc5e8e4fa00b4d59b8fb16839658b8c1b8 libkmsp11.tar.gz" | sha256sum -c - && \ | ||
| mkdir -p ${DEST_DIR} && \ | ||
| tar -xf libkmsp11.tar.gz -C ${DEST_DIR} --strip-components=1 | ||
|
|
||
| COPY copy.sh / | ||
|
|
||
| RUN chmod +x /copy.sh | ||
|
|
||
| ENV INSTALL_DIR=/opt/pkcs11 | ||
| CMD /copy.sh | ||
|
|