From c698d366a40fb6301d63c077fb9474bd3decdc9b Mon Sep 17 00:00:00 2001 From: Dominik Rosiek Date: Mon, 22 Apr 2024 16:10:58 +0200 Subject: [PATCH] chore: add script and action to sync repositories Signed-off-by: Dominik Rosiek --- .github/workflows/sync-repositories.yml | 29 +++++++++++ .../workflows/workflow-sync-repositories.yaml | 48 +++++++++++++++++++ ci/sync-repository.sh | 5 ++ shell.nix | 1 + 4 files changed, 83 insertions(+) create mode 100644 .github/workflows/sync-repositories.yml create mode 100644 .github/workflows/workflow-sync-repositories.yaml create mode 100644 ci/sync-repository.sh diff --git a/.github/workflows/sync-repositories.yml b/.github/workflows/sync-repositories.yml new file mode 100644 index 0000000000..86855766e4 --- /dev/null +++ b/.github/workflows/sync-repositories.yml @@ -0,0 +1,29 @@ +name: Dev builds + +on: + push: + branches: + - drosiek-sync-container-repositories + +jobs: + sync-repositories: + strategy: + matrix: + include: + - docker_username: DOCKERHUB_LOGIN_BUSYBOX + docker_password: DOCKERHUB_PASSWORD_BUSYBOX + aws_access_key: AWS_ACCESS_KEY_ID_BUSYBOX + aws_secret_access_key: AWS_SECRET_ACCESS_KEY_BUSYBOX + src_repository: docker.io/busybox + dest_docker_namespace: docker.io/sumologic + dest_ecr_namespace: public.ecr.aws/a4t4y2n3 + uses: ./.github/workflows/workflow-sync-repositories.yaml + with: + src_repository: ${{ matrix.src_repository }} + dest_docker_namespace: ${{ matrix.dest_docker_namespace }} + dest_ecr_namespace: ${{ matrix.dest_ecr_namespace }} + secrets: + DOCKER_USERNAME: ${{ secrets[matrix.docker_username] }} + DOCKER_PASSWORD: ${{ secrets[matrix.docker_password] }} + AWS_ACCESS_KEY_ID: ${{ secrets[matrix.aws_access_key] }} + AWS_SECRET_ACCESS_KEY: ${{ secrets[matrix.aws_secret_access_key] }} diff --git a/.github/workflows/workflow-sync-repositories.yaml b/.github/workflows/workflow-sync-repositories.yaml new file mode 100644 index 0000000000..1dde441c61 --- /dev/null +++ b/.github/workflows/workflow-sync-repositories.yaml @@ -0,0 +1,48 @@ +name: Sync container repository + +on: + workflow_call: + inputs: + src_repository: + description: Source repository + required: true + type: string + dest_docker_namespace: + description: Destination DockerHub repository + required: true + type: string + dest_ecr_namespace: + description: Destination ECR repository + required: true + type: string + secrets: + DOCKER_USERNAME: + required: true + DOCKER_PASSWORD: + required: true + AWS_ACCESS_KEY_ID: + required: true + AWS_SECRET_ACCESS_KEY: + required: true + +jobs: + build-and-push-image: + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@v4 + - name: Install skopep + run: apt-get install skopeo + - name: Login to Docker Hub + uses: docker/login-action@v3.1.0 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + - name: Synchronize image to Docker Hub repository + run: ./ci/sync-repository.sh ${{ inputs.src_repository }} ${{ inputs.dest_docker_namespace }} + - name: Login to ECR + run: make login-ecr + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + - name: Synchronize image to ECR repository + run: ./ci/sync-repository.sh ${{ inputs.src_repository }} ${{ inputs.dest_ecr_namespace }} diff --git a/ci/sync-repository.sh b/ci/sync-repository.sh new file mode 100644 index 0000000000..144228d3c7 --- /dev/null +++ b/ci/sync-repository.sh @@ -0,0 +1,5 @@ +#!/usr/bin/bash + +SRC_REPOSITORY=${1} +DESTINATION_NAMESPACE=${2} +skopeo --insecure-policy sync --src ${SRC_REPOSITORY} --dest docker ${DESTINATION_NAMESPACE} diff --git a/shell.nix b/shell.nix index 380542c366..415a60cde3 100644 --- a/shell.nix +++ b/shell.nix @@ -30,6 +30,7 @@ pkgs.mkShell { pkgs.golangci-lint pkgs.go pkgs.kind + pkgs.skopeo ]; } ## Output of `make tool-versions`: