-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
8aa4a30
commit 2ecad25
Showing
14 changed files
with
2,319 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
# OCI Info | ||
|
||
GitHub Action to interacting with OCI (Open Container Initiative) registries. | ||
|
||
## Example | ||
|
||
```yml | ||
|
||
name: oci-info | ||
on: | ||
workflow_dispatch: | ||
jobs: | ||
oci-info: | ||
name: list-tags | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: get tags | ||
id: tags | ||
uses: greenbone/actions/oci-info@v3 | ||
with: | ||
repository: opensight-postgres | ||
namespace: greenbone | ||
- name: Print tags | ||
run: echo "${{ steps.tags.outputs.output }}" | ||
``` | ||
## Action Configuration | ||
|
||
| Input Variable | Description | | | ||
| ------------------------- | -------------------------------------------------------------------------------------------------------------- | -------- | | ||
| command | Available commands are list-tags, compare-tag-annotation. Default is list-tags . | Optional | | ||
| repository | Repository name. | Required | | ||
| namespace | Namespace for the registry. | Required | | ||
| user | User for the registry login. | Optional | | ||
| password | Password/token for the registry login. | Optional | | ||
| reg-domain | Registry domain. Default is ghcr.io . | Optional | | ||
| reg-auth-domain | Registry authentication domain. Default is ghcr.io . | Optional | | ||
| reg-auth-service | Registry authentication service. Default is ghcr.io . | Optional | | ||
| tag | Tag to compare. Required if command is compare-tag-annotation. | Optional | | ||
| architecture | Annotation from architecture to compare. Default is amd64 . | Optional | | ||
| compare-repository | Compare repository name. Required if command is compare-tag-annotation. | Optional | | ||
| annotation | Annotation to compare. Default is org.opencontainers.image.created . | Optional | | ||
| mode | Compare mode. Available commands are eq, lt and gt. Default is eq . | Optional | | ||
| compare-namespace | Compare registry Namespace. Default is library . | Optional | | ||
| compare-reg-domain | Compare registry domain. Default is registry-1.docker.io . | Optional | | ||
| compare-reg-auth-domain | Compare registry authentication domain. Default is auth.docker.io . | Optional | | ||
| compare-reg-auth-service | Compare registry authentication service. Default is registry.docker.io . | Optional | | ||
| compare-user | User for the compare registry login. | Optional | | ||
| compare-password | Password for the compare registry login. | Optional | | ||
| python-version | Python version to use for running the action. Default is 3.11 . | Optional | | ||
| poetry-version | Use a specific poetry version. By default the latest release is used. | Optional | | ||
| cache-poetry-installation | Cache poetry and its dependencies. Default is 'true'. Set to an other string then 'true' to disable the cache. | Optional | | ||
|
||
## Action Output | ||
|
||
| Output Variable | Description | | ||
| --------------- | --------------------------- | | ||
| output | The oci-info stdout output. | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,161 @@ | ||
name: "OCI Info" | ||
description: "GitHub Action to interacting with OCI (Open Container Initiative) registries." | ||
|
||
inputs: | ||
command: | ||
description: "Available commands are list-tags, compare-tag-annotation. Default is list-tags ." | ||
required: true | ||
default: "list-tags" | ||
options: ["list-tags", "compare-tag-annotation"] | ||
repository: | ||
description: "Repository name." | ||
required: true | ||
namespace: | ||
description: "Namespace for the registry." | ||
required: true | ||
user: | ||
description: "User for the registry login." | ||
password: | ||
description: "Password/token for the registry login." | ||
reg-domain: | ||
description: "Registry domain. Default is ghcr.io ." | ||
reg-auth-domain: | ||
description: "Registry authentication domain. Default is ghcr.io ." | ||
reg-auth-service: | ||
description: "Registry authentication service. Default is ghcr.io ." | ||
tag: | ||
description: "Tag to compare. Required if command is compare-tag-annotation." | ||
architecture: | ||
description: "Annotation from architecture to compare. Default is amd64 ." | ||
compare-repository: | ||
description: "Compare repository name. Required if command is compare-tag-annotation." | ||
annotation: | ||
description: "Annotation to compare. Default is org.opencontainers.image.created ." | ||
mode: | ||
description: "Compare mode. Available commands are eq, lt and gt. Default is eq ." | ||
options: ["eq", "lt", "gt"] | ||
compare-namespace: | ||
description: "Compare registry Namespace. Default is library ." | ||
compare-reg-domain: | ||
description: "Compare registry domain. Default is registry-1.docker.io ." | ||
compare-reg-auth-domain: | ||
description: "Compare registry authentication domain. Default is auth.docker.io ." | ||
compare-reg-auth-service: | ||
description: "Compare registry authentication service. Default is registry.docker.io ." | ||
compare-user: | ||
description: "User for the compare registry login." | ||
compare-password: | ||
description: "Password for the compare registry login." | ||
python-version: | ||
description: "Python version to use for running the action. Default is 3.11 ." | ||
default: "3.11" | ||
poetry-version: | ||
description: "Use a specific poetry version. By default the latest release is used." | ||
cache-poetry-installation: | ||
description: "Cache poetry and its dependencies. Default is 'true'. Set to an other string then 'true' to disable the cache." | ||
default: "true" | ||
|
||
outputs: | ||
output: | ||
description: "The oci-info stdout output." | ||
value: ${{ steps.oci-info.outputs.output }} | ||
|
||
runs: | ||
using: "composite" | ||
steps: | ||
- name: Set up Python and Poetry | ||
uses: greenbone/actions/poetry@v3 | ||
with: | ||
python-version: ${{ inputs.python-version }} | ||
working-directory: ${{ github.action_path }} | ||
without-dev: "true" | ||
poetry-version: ${{ inputs.poetry-version }} | ||
cache-dependency-path: ${{ github.action_path }}/poetry.lock | ||
cache-poetry-installation: ${{ inputs.cache-poetry-installation }} | ||
|
||
- name: Run oci-info | ||
working-directory: ${{ github.action_path }} | ||
shell: bash | ||
id: oci-info | ||
run: | | ||
cmd=() | ||
if [ "${{ inputs.repository }}" ]; then | ||
cmd+=(--repository "${{ inputs.repository }}") | ||
fi | ||
if [ "${{ inputs.namespace }}" ]; then | ||
cmd+=(--namespace "${{ inputs.namespace }}") | ||
fi | ||
if [ "${{ inputs.user }}" ]; then | ||
cmd+=(--user "${{ inputs.user }}") | ||
fi | ||
if [ "${{ inputs.password }}" ]; then | ||
cmd+=(--password "${{ inputs.password }}") | ||
fi | ||
if [ "${{ inputs.reg-domain }}" ]; then | ||
cmd+=(--reg-domain "${{ inputs.reg-domain }}") | ||
fi | ||
if [ "${{ inputs.reg-auth-domain }}" ]; then | ||
cmd+=(--reg-auth-domain "${{ inputs.reg-auth-domain }}") | ||
fi | ||
if [ "${{ inputs.reg-auth-service }}" ]; then | ||
cmd+=(--reg-auth-service "${{ inputs.reg-auth-service }}") | ||
fi | ||
if [ "${{ inputs.command }}" ]; then | ||
cmd+=("${{ inputs.command }}") | ||
fi | ||
if [ "${{ inputs.tag }}" ]; then | ||
cmd+=(--tag "${{ inputs.tag }}") | ||
fi | ||
if [ "${{ inputs.architecture }}" ]; then | ||
cmd+=(--architecture "${{ inputs.architecture }}") | ||
fi | ||
if [ "${{ inputs.mode }}" ]; then | ||
cmd+=(--mode "${{ inputs.mode }}") | ||
fi | ||
if [ "${{ inputs.compare-repository }}" ]; then | ||
cmd+=(--compare-repository "${{ inputs.compare-repository }}") | ||
fi | ||
if [ "${{ inputs.annotation }}" ]; then | ||
cmd+=(--annotation "${{ inputs.annotation }}") | ||
fi | ||
if [ "${{ inputs.compare-namespace }}" ]; then | ||
cmd+=(--compare-namespace "${{ inputs.compare-namespace }}") | ||
fi | ||
if [ "${{ inputs.compare-reg-domain }}" ]; then | ||
cmd+=(--compare-reg-domain "${{ inputs.compare-reg-domain }}") | ||
fi | ||
if [ "${{ inputs.compare-reg-auth-domain }}" ]; then | ||
cmd+=(--compare-reg-auth-domain "${{ inputs.compare-reg-auth-domain }}") | ||
fi | ||
if [ "${{ inputs.compare-reg-auth-service }}" ]; then | ||
cmd+=(--compare-reg-auth-service "${{ inputs.compare-reg-auth-service }}") | ||
fi | ||
if [ "${{ inputs.compare-user }}" ]; then | ||
cmd+=(--compare-user "${{ inputs.compare-user }}") | ||
fi | ||
if [ "${{ inputs.compare-password }}" ]; then | ||
cmd+=(--compare-password "${{ inputs.compare-password }}") | ||
fi | ||
# We need a clear exit code | ||
output=$(poetry run oci-info "${cmd[@]}") | ||
echo "output=$output" >> "$GITHUB_OUTPUT" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
# SPDX-FileCopyrightText: 2024 Greenbone AG | ||
# | ||
# SPDX-License-Identifier: AGPL-3.0-or-later |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
# pylint: disable=invalid-name | ||
|
||
# THIS IS AN AUTOGENERATED FILE. DO NOT TOUCH! | ||
|
||
__version__ = "0.1.0" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,130 @@ | ||
# SPDX-FileCopyrightText: 2024 Greenbone AG | ||
# | ||
# SPDX-License-Identifier: AGPL-3.0-or-later | ||
|
||
""" | ||
Module to parse command-line arguments. | ||
""" | ||
|
||
from argparse import ArgumentParser, Namespace | ||
from typing import Optional, Sequence | ||
|
||
import shtab | ||
|
||
|
||
def parse_args(args: Optional[Sequence[str]] = None) -> Namespace: | ||
""" | ||
Parse command-line arguments. | ||
Args: | ||
args: List of command-line arguments. | ||
Returns: | ||
Parsed arguments. | ||
""" | ||
|
||
parser = ArgumentParser( | ||
description="Interact with OCI (Open Container Initiative) compliant registries." | ||
) | ||
subparsers = parser.add_subparsers( | ||
dest="command", help="Available commands", required=True | ||
) | ||
shtab.add_argument_to(parser) | ||
|
||
parser.add_argument("--repository", help="Repository name", required=True) | ||
parser.add_argument( | ||
"--namespace", | ||
help="Namespace for the registry", | ||
required=True, | ||
) | ||
parser.add_argument( | ||
"--user", | ||
help="User for the registry login", | ||
) | ||
parser.add_argument( | ||
"--password", | ||
help="Password for the registry login", | ||
) | ||
parser.add_argument( | ||
"--reg-domain", | ||
help="Registry domain", | ||
default="ghcr.io", | ||
) | ||
parser.add_argument( | ||
"--reg-auth-domain", | ||
help="Registry authentication domain", | ||
default="ghcr.io", | ||
) | ||
parser.add_argument( | ||
"--reg-auth-service", | ||
help="Registry authentication service", | ||
default="ghcr.io", | ||
) | ||
|
||
# list_tags_parser | ||
list_tags_parser = subparsers.add_parser( | ||
"list-tags", | ||
help="List tags of an repository in an OCI compliant registry", | ||
) | ||
|
||
# compare_annotations_parser | ||
compare_annotations_parser = subparsers.add_parser( | ||
"compare-tag-annotation", | ||
help="Compare repository annotations in different registries", | ||
) | ||
compare_annotations_parser.add_argument( | ||
"--tag", help="Tag to compare", required=True | ||
) | ||
compare_annotations_parser.add_argument( | ||
"--architecture", | ||
help="Annotation from architecture to compare", | ||
default="amd64", | ||
) | ||
compare_annotations_parser.add_argument( | ||
"--compare-repository", | ||
help="Compare repository name", | ||
required=True, | ||
) | ||
compare_annotations_parser.add_argument( | ||
"--annotation", | ||
help="Annotation to compare", | ||
default="org.opencontainers.image.created", | ||
) | ||
compare_annotations_parser.add_argument( | ||
"--mode", | ||
help="Annotation to compare", | ||
default="eq", | ||
choices=["eq", "lt", "gt"], | ||
) | ||
compare_annotations_parser.add_argument( | ||
"--compare-namespace", | ||
help="Compare registry Namespace", | ||
default="library", | ||
) | ||
compare_annotations_parser.add_argument( | ||
"--compare-reg-domain", | ||
help="Compare registry domain", | ||
default="registry-1.docker.io", | ||
) | ||
compare_annotations_parser.add_argument( | ||
"--compare-reg-auth-domain", | ||
help="Compare registry authentication domain", | ||
default="auth.docker.io", | ||
) | ||
compare_annotations_parser.add_argument( | ||
"--compare-reg-auth-service", | ||
help="Compare registry authentication service", | ||
default="registry.docker.io", | ||
) | ||
compare_annotations_parser.add_argument( | ||
"--compare-user", | ||
help="User for the compare registry login", | ||
default=None, | ||
) | ||
compare_annotations_parser.add_argument( | ||
"--compare-password", | ||
help="Password for the compare registry login", | ||
default=None, | ||
) | ||
|
||
return parser.parse_args(args) |
Oops, something went wrong.