Skip to content
Build & Push Docker images

Merge pull request #13 from feidens/patch-1 #28

Sign in to view logs

Merge pull request #13 from feidens/patch-1

Merge pull request #13 from feidens/patch-1 #28

Workflow file for this run

.github/workflows/BuildPushDockerImage.yml at 04143be
# This action is builds and pushes the TLS-Anvil and ReportAnalyzer Docker images when:
# - a tag is pushed. This builds and pushes a Docker image with the name of the pushed tag and also creates a draft release.
# - a new commit is pushed to the main branch. The tag of the Docker image is set to 'latest'
# - a pull request to the main branch is created. The image is only built to check if everything compiles.
# This image is not pushed to the ghcr.io repository!
#
# NOTE: Both jobs are copy pasted (GitHub does not support yaml anchors...).
# So if you change something in one job, check the other job as well...
#
# The docker images are only pushed for events on the public repository.
name: Build & Push Docker images
on:
push:
branches:
- main
tags:
- 'v*'
env:
IS_RELEASE: ${{ contains(github.ref, 'refs/tag') }}
SHOULD_PUSH: ${{ github.event_name == 'push' && github.repository == 'tls-attacker/TLS-Anvil' }}
jobs:
tlsanvil:
name: TLS-Anvil
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
submodules: recursive
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to GHCR
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Determine tag
run: |
if [[ $IS_RELEASE == 'true' ]]; then
echo "DOCKER_TAG=$GITHUB_REF_NAME" >> $GITHUB_ENV
else
echo "DOCKER_TAG=latest" >> $GITHUB_ENV
fi
- name: Build and Push Docker image
uses: docker/build-push-action@v3
with:
context: .
platforms: linux/amd64,linux/arm64
push: ${{ fromJSON(env.SHOULD_PUSH) }}
tags: 'ghcr.io/tls-attacker/tlsanvil:${{ env.DOCKER_TAG }}'
reportAnalyzer:
name: Report Analyzer
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
submodules: recursive
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to GHCR
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Determine tag
run: |
if [[ $IS_RELEASE == 'true' ]]; then
echo "DOCKER_TAG=$GITHUB_REF_NAME" >> $GITHUB_ENV
else
echo "DOCKER_TAG=latest" >> $GITHUB_ENV
fi
- name: Build and Push Docker image
uses: docker/build-push-action@v3
with:
context: ./Report-Analyzer
push: ${{ fromJSON(env.SHOULD_PUSH) }}
tags: 'ghcr.io/tls-attacker/tlsanvil-reportanalyzer:${{ env.DOCKER_TAG }}'
uploader:
name: Report Uploader
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
submodules: recursive
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to GHCR
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Determine tag
run: |
if [[ $IS_RELEASE == 'true' ]]; then
echo "DOCKER_TAG=$GITHUB_REF_NAME" >> $GITHUB_ENV
else
echo "DOCKER_TAG=latest" >> $GITHUB_ENV
fi
- name: Build and Push Docker image
uses: docker/build-push-action@v3
with:
context: ./Report-Analyzer/src/backend/uploader
push: ${{ fromJSON(env.SHOULD_PUSH) }}
tags: 'ghcr.io/tls-attacker/tlsanvil-result-uploader:${{ env.DOCKER_TAG }}'
createRelease:
name: Create release
runs-on: ubuntu-latest
needs: tlsanvil
steps:
- name: Get Artifacts from Docker image
if: env.IS_RELEASE == 'true' && env.SHOULD_PUSH == 'true'
run: |
id=$(docker create ghcr.io/tls-attacker/tlsanvil:$GITHUB_REF_NAME)
docker cp $id:/apps/ - > TLS-Anvil.jar.tar
docker rm -v $id
- name: GH Release
uses: softprops/action-gh-release@v0.1.14
if: env.IS_RELEASE == 'true' && env.SHOULD_PUSH == 'true'
with:
files: TLS-Anvil.jar.tar
generate_release_notes: true
draft: true