Skip to content

Commit

Permalink
move openresty
Browse files Browse the repository at this point in the history
  • Loading branch information
lucacome committed Jun 28, 2024
1 parent d79ff6b commit 31a0a75
Show file tree
Hide file tree
Showing 4 changed files with 110 additions and 47 deletions.
34 changes: 0 additions & 34 deletions .circleci/config.yml
Original file line number Diff line number Diff line change
@@ -1,16 +1,5 @@
version: 2
jobs:
# system_testing:
# machine:
# image: ubuntu-2204:2022.04.2
# steps:
# - checkout
# - run:
# name: system.testing
# command: |
# ./ci/system_testing.sh
# - store_artifacts:
# path: ./test-log
build_gcc48_opentracing_15:
docker:
- image: ubuntu:18.04
Expand All @@ -33,36 +22,13 @@ jobs:
- run: ./ci/install_gcc4.8.sh
- run: ./ci/install_opentracing.sh
- run: ./ci/do_ci.sh build
openresty_docker_image:
machine: true
steps:
- checkout
- run:
command: docker build -t opentracing/openresty -f Dockerfile-openresty .

push_docker_image:
machine: true
steps:
- checkout
- run:
command: ./ci/do_ci.sh push_docker_image


workflows:
version: 2
build_test_and_deploy:
jobs:
- push_docker_image:
filters:
branches:
ignore: /.*/
tags: &tags
only: /^v[0-9]+(\.[0-9]+)*$/
# - system_testing
- build_gcc48_opentracing_15
- build_gcc48_opentracing_16:
requires:
- build_gcc48_opentracing_15
# - openresty_docker_image:
# requires:
# - system_testing
109 changes: 109 additions & 0 deletions .github/workflows/docker-openresty.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,109 @@
name: Docker Openresty

on:
push:
branches:
- master
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
pull_request:
branches:
- master

concurrency:
group: ${{ github.ref_name }}-docker-openresty
cancel-in-progress: true

jobs:
build-docker:
name: Build Docker Image
runs-on: ubuntu-22.04
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
- name: Checkout Repository
uses: actions/checkout@v4

- name: Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver-opts: network=host

- name: DockerHub Login
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
if: github.event_name != 'pull_request'

- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
if: github.event_name != 'pull_request'

- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
name=opentracing/openresty,enable=${{ github.event_name != 'pull_request' }}
name=ghcr.io/opentracing-contrib/openresty,enable=${{ github.event_name != 'pull_request' }}
name=localhost:5000/opentracing/openresty
tags: |
type=edge
type=ref,event=pr
type=semver,pattern={{version}}
env:
DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index

- name: Build and push
uses: docker/build-push-action@v6
with:
file: Dockerfile-openresty
pull: true
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
annotations: ${{ steps.meta.outputs.annotations }}
cache-from: type=gha,scope=openresty
cache-to: type=gha,scope=openresty,mode=max
sbom: true
provenance: mode=max

- name: Inspect SBOM and output manifest
run: |
docker buildx imagetools inspect localhost:5000/opentracing/openresty:${{ steps.meta.outputs.version }} --format '{{ json (index .SBOM "linux/amd64").SPDX }}' > sbom-openresty.json
docker buildx imagetools inspect localhost:5000/opentracing/openresty:${{ steps.meta.outputs.version }} --format '{{ json (index .Provenance "linux/amd64").SLSA }}' > provenance-openresty.json
docker buildx imagetools inspect localhost:5000/opentracing/openresty:${{ steps.meta.outputs.version }} --raw
- name: Scan SBOM
id: scan
uses: anchore/scan-action@v3
with:
sbom: "sbom-openresty.json"
only-fixed: true
add-cpes-if-none: true
fail-build: false

- name: Upload scan result to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3
continue-on-error: true
with:
sarif_file: ${{ steps.scan.outputs.sarif }}
if: always()

- name: Upload Scan Results
uses: actions/upload-artifact@v4
continue-on-error: true
with:
name: scan-results-openresty
path: |
${{ steps.scan.outputs.sarif }}
*.json
if: always()
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -20,4 +20,4 @@ test:

.PHONY: clean
clean:
rm -fr test-log
rm -fr test/test-log
12 changes: 0 additions & 12 deletions ci/do_ci.sh
Original file line number Diff line number Diff line change
Expand Up @@ -9,18 +9,6 @@ if [[ "$1" == "build" ]]; then
mkdir -p "${BUILD_DIR}"
./ci/build_nginx_opentracing_module.sh
exit 0
elif [[ "$1" == "push_docker_image" ]]; then
echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
VERSION_TAG="$(git describe --abbrev=0 --tags)"
VERSION="${VERSION_TAG/v/}"

# openresty
docker build -t opentracing/openresty -f Dockerfile-openresty .
docker tag opentracing/openresty opentracing/openresty:${VERSION}
docker push opentracing/openresty:${VERSION}
docker tag opentracing/openresty opentracing/openresty:latest
docker push opentracing/openresty:latest
exit 0
else
echo "Invalid do_ci.sh target"
exit 1
Expand Down

0 comments on commit 31a0a75

Please sign in to comment.