Add: container-build-push actions (#690)
1 parent
08eaac8
commit 9591da3
Showing
8 changed files
with
501 additions
and
0 deletions.
@@ -0,0 +1,42 @@ | ||
# Build and push container action for 3rd gen | ||
|
||
A action to build and push container image for 3rd gen. | ||
|
||
## Example | ||
|
||
```yml | ||
name: Build Container Image | ||
|
||
on: | ||
workflow_dispatch: | ||
|
||
permissions: | ||
contents: read | ||
packages: write | ||
id-token: write | ||
|
||
jobs: | ||
build: | ||
runs-on: "ubuntu-latest" | ||
steps: | ||
- name: Container build and push 3rd gen | ||
uses: greenbone/actions/container-build-push-3rd-gen@v2 | ||
with: | ||
image-url: my/app | ||
image-labels: my-label | ||
registry-password: ${{ secrets.GITHUB_TOKEN }} | ||
``` | ||
|
||
## Inputs | ||
|
||
| Name | Description | | | ||
|---------------------|----------------------------------------------------------------|----------| | ||
| build-context | Path to image build context. Default is the current directory. | Optional | | ||
| build-docker-file | Path to the docker file. Default is './Dockerfile'. | Optional | | ||
| build-args | Use these build-args for the docker build process. | Optional | | ||
| cosign-key | cosign key to sign the image. | Optional | | ||
| cosign-key-password | cosign key password. | Optional | | ||
| image-labels | Image labels. | Required | | ||
| image-url | Image url/name without registry. | Required | | ||
| image-platforms | Image platforms to build for. Default is 'linux/amd64'. | Optional | | ||
| registry-password | Registry password. | Required | |
@@ -0,0 +1,69 @@ | ||
name: Container build and push 3rd gen | ||
description: Container build and push action for 3rd gen. | ||
|
||
inputs: | ||
build-context: | ||
description: "Path to image build context. Default is the current directory." | ||
type: string | ||
default: . | ||
build-docker-file: | ||
description: "Path to the docker file. Default is './Dockerfile'." | ||
type: string | ||
default: ./Dockerfile | ||
build-args: | ||
description: "Use these build-args for the docker build process." | ||
type: string | ||
default: '' | ||
cosign-key: | ||
description: "cosign key to sign the image." | ||
type: string | ||
default: '' | ||
cosign-key-password: | ||
description: "cosign key password." | ||
type: string | ||
default: '' | ||
image-labels: | ||
description: "Image labels." | ||
type: string | ||
required: true | ||
image-url: | ||
description: "Image url/name without registry." | ||
type: string | ||
required: true | ||
image-platforms: | ||
description: "Image platforms to build for. Default is 'linux/amd64'." | ||
type: string | ||
default: linux/amd64 | ||
registry-password: | ||
description: "Registry password." | ||
type: string | ||
required: true | ||
|
||
branding: | ||
icon: "package" | ||
color: "green" | ||
|
||
runs: | ||
using: "composite" | ||
steps: | ||
- name: Container build and push 3rd gen | ||
uses: greenbone/actions/container-build-push-generic@v2 | ||
with: | ||
build-context: ${{ inputs.build-context }} | ||
build-docker-file: ${{ inputs.build-docker-file }} | ||
build-args: ${{ inputs.build-args }} | ||
cosign-key: ${{ inputs.cosign-key }} | ||
cosign-key-password: ${{ inputs.cosign-key-password }} | ||
image-url: ${{ inputs.image-url }} | ||
image-labels: ${{ inputs.image-labels }} | ||
image-tags: | | ||
# create container tag for git tags | ||
type=ref,event=tag,value=latest | ||
type=match,pattern=v(.*),group=1 | ||
type=ref,event=pr | ||
# use unstable for main branch | ||
type=raw,value=unstable,enable={{is_default_branch}} | ||
image-platforms: ${{ inputs.image-platforms }} | ||
registry: "ghcr.io" | ||
registry-username: ${{ github.actor }} | ||
registry-password: ${{ inputs.registry-password }} |
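Review bot: `type: string` on every entry under `inputs:` is not a key that action metadata defines (inputs take `description`, `required`, `default` and `deprecationMessage`), so as far as the metadata syntax goes it is not enforced; the same applies to the `inputs:` blocks of the docker.io and generic action files in this commit. A reader can mistake it for validation of values such as `image-url`, `build-args` or `image-platforms`, which are forwarded unchanged to `container-build-push-generic`. I would drop the `type:` lines, or keep them only with a comment such as `# informational only, not enforced by the runner`.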
@@ -0,0 +1,50 @@ | ||
# Build and push container action for docker.io | ||
|
||
A action to build and push container into docker.io. | ||
|
||
## Example | ||
|
||
```yml | ||
name: Build Container Image | ||
|
||
on: | ||
workflow_dispatch: | ||
|
||
permissions: | ||
contents: read | ||
packages: write | ||
id-token: write | ||
|
||
jobs: | ||
build: | ||
runs-on: "ubuntu-latest" | ||
steps: | ||
- name: Container build and push docker.io | ||
uses: greenbone/actions/container-build-push-docker@v2 | ||
with: | ||
image-url: my/app | ||
image-labels: my-labels | ||
image-tags: | | ||
type=ref,event=branch | ||
type=ref,event=pr | ||
type=semver,pattern={{version}} | ||
type=semver,pattern={{major}}.{{minor}} | ||
registry-username: my-user | ||
registry-password: my-passwort | ||
``` | ||
|
||
## Inputs | ||
|
||
| Name | Description | | | ||
|---------------------|-----------------------------------------------------|----------| | ||
| build-context | Path to image build context. Default "." | Optional | | ||
| build-docker-file | Path to the docker file. Default "./Dockerfile" | Optional | | ||
| build-args | Use these build-args for the docker build process. | Optional | | ||
| cosign-key | cosign key to sign the image. | Optional | | ||
| cosign-key-password | cosign key password. | Optional | | ||
| image-labels | Image labels. | Required | | ||
| image-url | Image url/name without registry. | Required | | ||
| image-platforms | Image platforms to build for. Default "linux/amd64" | Optional | | ||
| image-tags | Image tags. | Required | | ||
| registry-username | Login registry username. | Required | | ||
| registry-password | Login registry password. | Required | |
@@ -0,0 +1,70 @@ | ||
name: Container build and push docker.io | ||
|
||
inputs: | ||
build-context: | ||
description: "Path to image build context." | ||
type: string | ||
default: . | ||
build-docker-file: | ||
description: "Path to the docker file." | ||
type: string | ||
default: ./Dockerfile | ||
build-args: | ||
description: "Use these build-args for the docker build process." | ||
type: string | ||
default: '' | ||
cosign-key: | ||
description: "cosign key to sign the image." | ||
type: string | ||
default: '' | ||
cosign-key-password: | ||
description: "cosign key password." | ||
type: string | ||
default: '' | ||
image-labels: | ||
description: "Image labels." | ||
type: string | ||
required: true | ||
image-url: | ||
description: "Image url/name without registry." | ||
type: string | ||
required: true | ||
image-tags: | ||
description: "Image tags." | ||
type: string | ||
required: true | ||
image-platforms: | ||
description: "Image platforms to build for." | ||
type: string | ||
default: linux/amd64 | ||
registry-username: | ||
description: "Registry username for login." | ||
type: string | ||
required: true | ||
registry-password: | ||
description: "Registry password." | ||
type: string | ||
required: true | ||
|
||
branding: | ||
icon: "package" | ||
color: "green" | ||
|
||
runs: | ||
using: "composite" | ||
steps: | ||
- name: Container build and push docker.io | ||
uses: greenbone/actions/container-build-push-generic@v2 | ||
with: | ||
build-context: ${{ inputs.build-context }} | ||
build-docker-file: ${{ inputs.build-docker-file }} | ||
build-args: ${{ inputs.build-args }} | ||
cosign-key: ${{ inputs.cosign-key }} | ||
cosign-key-password: ${{ inputs.cosign-key-password }} | ||
image-url: ${{ inputs.image-url }} | ||
image-labels: ${{ inputs.image-labels }} | ||
image-tags: ${{ inputs.image-tags }} | ||
image-platforms: ${{ inputs.image-platforms }} | ||
registry: "docker.io" | ||
registry-username: ${{ inputs.registry-username }} | ||
registry-password: ${{ inputs.registry-password }} |
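Review bot: The metadata opens with `name:` but has no top-level `description:`, which the other two action files in this commit carry and which action metadata lists as required. Suggest adding `description: Container build and push action for docker.io.` directly after the `name:` line. The `registry-password` description could also say where the value should come from, for example `description: "Registry password or access token; pass it from a secret."`, since the README example for this action shows a literal value.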
@@ -0,0 +1,52 @@ | ||
# Build and push container generic action | ||
|
||
A action to build and push container image. | ||
|
||
## Example | ||
|
||
```yml | ||
name: Build Container Image | ||
|
||
on: | ||
workflow_dispatch: | ||
|
||
permissions: | ||
contents: read | ||
packages: write | ||
id-token: write | ||
|
||
jobs: | ||
build: | ||
runs-on: "ubuntu-latest" | ||
steps: | ||
- name: Container build and push docker.io | ||
uses: greenbone/actions/container-build-push-generic@v2 | ||
with: | ||
image-url: docker.io/my-image | ||
image-labels: my-labels | ||
image-tags: | | ||
type=ref,event=branch | ||
type=ref,event=pr | ||
type=semver,pattern={{version}} | ||
type=semver,pattern={{major}}.{{minor}} | ||
registry: "docker.io" | ||
registry-username: my-user | ||
registry-password: my-passwort | ||
``` | ||
|
||
## Inputs | ||
|
||
| Name | Description | | | ||
|---------------------|-----------------------------------------------------|----------| | ||
| build-context | Path to image build context. Default "." | Optional | | ||
| build-docker-file | Path to the docker file. Default "./Dockerfile" | Optional | | ||
| build-args | Use these build-args for the docker build process. | Optional | | ||
| cosign-key | cosign key to sign the image. | Optional | | ||
| cosign-key-password | cosign key password. | Optional | | ||
| image-labels | Image labels. | Required | | ||
| image-url | Image url/name without registry. | Required | | ||
| image-platforms | Image platforms to build for. Default "linux/amd64" | Optional | | ||
| image-tags | Image tags. | Required | | ||
| registry | Registry url. | Required | | ||
| registry-username | Login registry username. | Required | | ||
| registry-password | Login registry password. | Required | |
@@ -0,0 +1,102 @@ | ||
name: Container build and push | ||
description: Generic container build and push action. | ||
|
||
inputs: | ||
build-context: | ||
description: "Path to image build context." | ||
type: string | ||
default: . | ||
build-docker-file: | ||
description: "Path to the docker file." | ||
type: string | ||
default: ./Dockerfile | ||
build-args: | ||
description: "Use these build-args for the docker build process." | ||
type: string | ||
default: '' | ||
cosign-key: | ||
description: "cosign key to sign the image." | ||
type: string | ||
default: '' | ||
cosign-key-password: | ||
description: "cosign key password." | ||
type: string | ||
default: '' | ||
image-labels: | ||
description: "Image labels." | ||
type: string | ||
required: true | ||
image-url: | ||
description: "Image url/name without registry." | ||
type: string | ||
required: true | ||
image-tags: | ||
description: "Image tags." | ||
type: string | ||
required: true | ||
image-platforms: | ||
description: "Image platforms to build for." | ||
type: string | ||
default: linux/amd64 | ||
registry: | ||
description: "Registry url." | ||
type: string | ||
required: true | ||
registry-username: | ||
description: "Login registry username." | ||
type: string | ||
required: true | ||
registry-password: | ||
description: "Login registry password." | ||
type: string | ||
required: true | ||
|
||
branding: | ||
icon: "package" | ||
color: "green" | ||
|
||
runs: | ||
using: "composite" | ||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v3 | ||
|
||
- name: Setup container meta information | ||
id: meta | ||
uses: docker/metadata-action@v4 | ||
with: | ||
images: ${{ inputs.image-url }} | ||
labels: ${{ inputs.image-labels }} | ||
tags: ${{ inputs.image-tags }} | ||
|
||
- name: Login to Docker Registry | ||
if: ${{ github.event_name != 'pull_request' }} | ||
uses: docker/login-action@v2 | ||
with: | ||
registry: ${{ inputs.registry }} | ||
username: ${{ inputs.registry-username }} | ||
password: ${{ inputs.registry-password }} | ||
|
||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v2 | ||
|
||
- name: Build and push Container image | ||
id: build-and-push | ||
uses: docker/build-push-action@v4 | ||
with: | ||
context: ${{ inputs.build-context }} | ||
push: ${{ github.event_name != 'pull_request' }} | ||
platforms: ${{ inputs.image-platforms }} | ||
file: ${{ inputs.build-docker-file }} | ||
tags: ${{ steps.meta.outputs.tags }} | ||
labels: ${{ steps.meta.outputs.labels }} | ||
build-args: ${{ inputs.build-args }} | ||
|
||
- name: Container signing | ||
if: ${{ github.event_name != 'pull_request' }} | ||
uses: greenbone/actions/container-signing@v2 | ||
with: | ||
image-tags: ${{ steps.meta.outputs.tags }} | ||
image-digest: ${{ steps.build-and-push.outputs.digest }} | ||
cosign-key: ${{ inputs.cosign-key }} | ||
cosign-key-password: ${{ inputs.cosign-key-password }} |
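Review bot: The five third-party actions under `runs.steps` (`actions/checkout@v3`, `docker/metadata-action@v4`, `docker/login-action@v2`, `docker/setup-buildx-action@v2`, `docker/build-push-action@v4`) are referenced by mutable major-version tags, while this composite handles the registry password and the cosign key. A retagged or compromised upstream release would run in the same job as those secrets, so pinning each to a full commit SHA with the version as a trailing comment is the safer form, e.g. `uses: docker/login-action@<full-commit-sha> # v2`. Dependabot or Renovate can keep such pins current. Separately, `github.event_name != 'pull_request'` does not exclude `pull_request_target`, so login, push and signing would run for that trigger; the README should say whether that is intended.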