feat: Add possibility to configure securityContext for each pod
#291
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Node-RED container | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| nr_project_nodes_release_name: | |
| description: 'nr-project-nodes package version' | |
| required: false | |
| default: 'nightly' | |
| nr_project_nodes_ref: | |
| description: 'nr-project-nodes package ref' | |
| required: false | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref_name }} | |
| cancel-in-progress: true | |
| jobs: | |
| build-302: | |
| name: Build 3.0.2 container images | |
| uses: flowfuse/github-actions-workflows/.github/workflows/build_container_image.yml@v0.2.1 | |
| with: | |
| image_name: 'node-red' | |
| dockerfile_path: Dockerfile | |
| image_tag_prefix: '3.0.2-' | |
| package_dependencies: | | |
| @flowforge/nr-project-nodes | |
| build_context: 'node-red-container' | |
| npm_registry_url: ${{ vars.PUBLIC_NPM_REGISTRY_URL }} | |
| scan_image: true | |
| secrets: | |
| npm_registry_auth_token: ${{ secrets.NPM_PUBLISH_TOKEN }} | |
| temporary_registry_token: ${{ secrets.GITHUB_TOKEN }} | |
| build-302-multi-architecture: | |
| name: Build multi-architecture container image | |
| needs: build-302 | |
| uses: flowfuse/github-actions-workflows/.github/workflows/merge_multiarch_images.yml@v0.2.0 | |
| with: | |
| image_name: 'node-red' | |
| image_tag_prefix: '3.0.2-' | |
| secrets: | |
| temporary_registry_token: ${{ secrets.GITHUB_TOKEN }} | |
| upload-302-stage: | |
| name: Upload image to staging ECR | |
| needs: build-302-multi-architecture | |
| uses: flowfuse/github-actions-workflows/.github/workflows/deploy_container_image.yml@v0.2.0 | |
| with: | |
| environment: stage | |
| service_name: 'node-red' | |
| deployment_name: 'node-red' | |
| container_name: 'node-red' | |
| deploy: false | |
| image: ${{ needs.build-302-multi-architecture.outputs.image }} | |
| image_tag_prefix: '3.0.2-' | |
| secrets: | |
| aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws_secret_access_key: ${{ secrets.AWS_ACCESS_KEY_SECRET }} | |
| temporary_registry_token: ${{ secrets.GITHUB_TOKEN }} | |
| eks_cluster_name: ${{ secrets.EKS_CLUSTER_NAME }} | |
| upload-302-prod: | |
| name: Upload image to production ECR | |
| if: github.ref_name == 'main' | |
| needs: build-302-multi-architecture | |
| uses: flowfuse/github-actions-workflows/.github/workflows/deploy_container_image.yml@v0.2.0 | |
| with: | |
| environment: production | |
| service_name: 'node-red' | |
| deployment_name: 'node-red' | |
| container_name: 'node-red' | |
| deploy: false | |
| image: ${{ needs.build-302-multi-architecture.outputs.image }} | |
| image_tag_prefix: '3.0.2-' | |
| secrets: | |
| aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws_secret_access_key: ${{ secrets.AWS_ACCESS_KEY_SECRET }} | |
| temporary_registry_token: ${{ secrets.GITHUB_TOKEN }} | |
| eks_cluster_name: ${{ secrets.EKS_CLUSTER_NAME }} | |
| build-223: | |
| name: Build 2.2.3 container images | |
| uses: flowfuse/github-actions-workflows/.github/workflows/build_container_image.yml@v0.2.1 | |
| with: | |
| image_name: 'node-red' | |
| dockerfile_path: Dockerfile-2.2.x | |
| image_tag_prefix: '2.2.3-' | |
| package_dependencies: | | |
| @flowforge/nr-project-nodes | |
| build_context: 'node-red-container' | |
| npm_registry_url: ${{ vars.PUBLIC_NPM_REGISTRY_URL }} | |
| scan_image: true | |
| secrets: | |
| npm_registry_auth_token: ${{ secrets.NPM_PUBLISH_TOKEN }} | |
| temporary_registry_token: ${{ secrets.GITHUB_TOKEN }} | |
| build-223-multi-architecture: | |
| name: Build multi-architecture container image | |
| needs: build-223 | |
| uses: flowfuse/github-actions-workflows/.github/workflows/merge_multiarch_images.yml@v0.2.0 | |
| with: | |
| image_name: 'node-red' | |
| image_tag_prefix: '2.2.3-' | |
| secrets: | |
| temporary_registry_token: ${{ secrets.GITHUB_TOKEN }} | |
| upload-223-stage: | |
| name: Upload image to staging ECR | |
| needs: build-223-multi-architecture | |
| uses: flowfuse/github-actions-workflows/.github/workflows/deploy_container_image.yml@v0.2.0 | |
| with: | |
| environment: stage | |
| service_name: 'node-red' | |
| deployment_name: 'node-red' | |
| container_name: 'node-red' | |
| deploy: false | |
| image: ${{ needs.build-223-multi-architecture.outputs.image }} | |
| image_tag_prefix: '2.2.3-' | |
| secrets: | |
| aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws_secret_access_key: ${{ secrets.AWS_ACCESS_KEY_SECRET }} | |
| temporary_registry_token: ${{ secrets.GITHUB_TOKEN }} | |
| eks_cluster_name: ${{ secrets.EKS_CLUSTER_NAME }} | |
| upload-223-prod: | |
| name: Upload image to production ECR | |
| if: github.ref_name == 'main' | |
| needs: build-223-multi-architecture | |
| uses: flowfuse/github-actions-workflows/.github/workflows/deploy_container_image.yml@v0.2.0 | |
| with: | |
| environment: production | |
| service_name: 'node-red' | |
| deployment_name: 'node-red' | |
| container_name: 'node-red' | |
| deploy: false | |
| image: ${{ needs.build-223-multi-architecture.outputs.image }} | |
| image_tag_prefix: '2.2.3-' | |
| secrets: | |
| aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws_secret_access_key: ${{ secrets.AWS_ACCESS_KEY_SECRET }} | |
| temporary_registry_token: ${{ secrets.GITHUB_TOKEN }} | |
| eks_cluster_name: ${{ secrets.EKS_CLUSTER_NAME }} | |
| build-310: | |
| name: Build 3.1.x container images | |
| uses: flowfuse/github-actions-workflows/.github/workflows/build_container_image.yml@v0.2.1 | |
| with: | |
| image_name: 'node-red' | |
| dockerfile_path: Dockerfile-3.1 | |
| image_tag_prefix: '3.1.x-' | |
| package_dependencies: | | |
| @flowforge/nr-project-nodes | |
| build_context: 'node-red-container' | |
| npm_registry_url: ${{ vars.PUBLIC_NPM_REGISTRY_URL }} | |
| scan_image: true | |
| secrets: | |
| npm_registry_auth_token: ${{ secrets.NPM_PUBLISH_TOKEN }} | |
| temporary_registry_token: ${{ secrets.GITHUB_TOKEN }} | |
| build-310-multi-architecture: | |
| name: Build multi-architecture container image | |
| needs: build-310 | |
| uses: flowfuse/github-actions-workflows/.github/workflows/merge_multiarch_images.yml@v0.2.0 | |
| with: | |
| image_name: 'node-red' | |
| image_tag_prefix: '3.1.x-' | |
| secrets: | |
| temporary_registry_token: ${{ secrets.GITHUB_TOKEN }} | |
| upload-310-stage: | |
| name: Upload image to staging ECR | |
| needs: build-310-multi-architecture | |
| uses: flowfuse/github-actions-workflows/.github/workflows/deploy_container_image.yml@v0.2.0 | |
| with: | |
| environment: stage | |
| service_name: 'node-red' | |
| deployment_name: 'node-red' | |
| container_name: 'node-red' | |
| deploy: false | |
| image: ${{ needs.build-310-multi-architecture.outputs.image }} | |
| image_tag_prefix: '3.1.x-' | |
| secrets: | |
| aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws_secret_access_key: ${{ secrets.AWS_ACCESS_KEY_SECRET }} | |
| temporary_registry_token: ${{ secrets.GITHUB_TOKEN }} | |
| eks_cluster_name: ${{ secrets.EKS_CLUSTER_NAME }} | |
| upload-310-prod: | |
| name: Upload image to production ECR | |
| if: github.ref_name == 'main' | |
| needs: build-310-multi-architecture | |
| uses: flowfuse/github-actions-workflows/.github/workflows/deploy_container_image.yml@v0.2.0 | |
| with: | |
| environment: production | |
| service_name: 'node-red' | |
| deployment_name: 'node-red' | |
| container_name: 'node-red' | |
| deploy: false | |
| image: ${{ needs.build-310-multi-architecture.outputs.image }} | |
| image_tag_prefix: '3.1.x-' | |
| secrets: | |
| aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws_secret_access_key: ${{ secrets.AWS_ACCESS_KEY_SECRET }} | |
| temporary_registry_token: ${{ secrets.GITHUB_TOKEN }} | |
| eks_cluster_name: ${{ secrets.EKS_CLUSTER_NAME }} |