From b2cc945b9e63a7ac08baabd53aca9ac298da15e5 Mon Sep 17 00:00:00 2001 From: Rintaro Okamura Date: Wed, 27 Jan 2021 10:27:41 +0900 Subject: [PATCH 1/5] :fire: Remove cache-docker-layers step Signed-off-by: Rintaro Okamura --- .github/workflows/dockers-agent-ngt-image.yml | 10 +--------- .github/workflows/dockers-agent-sidecar-image.yml | 10 +--------- .../dockers-backup-manager-cassandra-image.yml | 10 +--------- .../workflows/dockers-backup-manager-mysql-image.yml | 10 +--------- .github/workflows/dockers-base-image.yml | 10 +--------- .github/workflows/dockers-ci-container-image.yml | 10 +--------- .github/workflows/dockers-dev-container-image.yml | 10 +--------- .github/workflows/dockers-discoverer-k8s-image.yml | 10 +--------- .github/workflows/dockers-gateway-backup-image.yml | 10 +--------- .github/workflows/dockers-gateway-lb-image.yml | 10 +--------- .github/workflows/dockers-gateway-meta-image.yml | 10 +--------- .github/workflows/dockers-gateway-vald-image.yml | 10 +--------- .github/workflows/dockers-helm-operator-image.yml | 10 +--------- .github/workflows/dockers-loadtest-image.yml | 10 +--------- .github/workflows/dockers-manager-compressor-image.yml | 10 +--------- .github/workflows/dockers-manager-index-image.yml | 10 +--------- .github/workflows/dockers-meta-cassandra-image.yml | 10 +--------- .github/workflows/dockers-meta-redis-image.yml | 10 +--------- 18 files changed, 18 insertions(+), 162 deletions(-) diff --git a/.github/workflows/dockers-agent-ngt-image.yml b/.github/workflows/dockers-agent-ngt-image.yml index 31faf9bd4b..103b5e4e1b 100644 --- a/.github/workflows/dockers-agent-ngt-image.yml +++ b/.github/workflows/dockers-agent-ngt-image.yml 
@@ -67,13 +67,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-agent-ngt-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-agent-ngt- - name: Login to DockerHub uses: docker/login-action@v1 with: @@ -136,13 +129,12 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/agent-ngt env: DOCKER_BUILDKIT: 1 BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') diff --git a/.github/workflows/dockers-agent-sidecar-image.yml b/.github/workflows/dockers-agent-sidecar-image.yml index 7977d85485..3ca7c6374b 100644 --- a/.github/workflows/dockers-agent-sidecar-image.yml +++ b/.github/workflows/dockers-agent-sidecar-image.yml @@ -67,13 +67,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-agent-sidecar-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-agent-sidecar- - name: Login to DockerHub uses: docker/login-action@v1 with: 
@@ -136,13 +129,12 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/agent-sidecar env: DOCKER_BUILDKIT: 1 BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') diff --git a/.github/workflows/dockers-backup-manager-cassandra-image.yml b/.github/workflows/dockers-backup-manager-cassandra-image.yml index 9414a026c3..77f8bbde39 100644 --- a/.github/workflows/dockers-backup-manager-cassandra-image.yml +++ b/.github/workflows/dockers-backup-manager-cassandra-image.yml @@ -69,13 +69,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-manager-backup-cassandra-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-manager-backup-cassandra- - name: Login to DockerHub uses: docker/login-action@v1 with: 
@@ -138,13 +131,12 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/backup-manager-cassandra env: DOCKER_BUILDKIT: 1 BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') diff --git a/.github/workflows/dockers-backup-manager-mysql-image.yml b/.github/workflows/dockers-backup-manager-mysql-image.yml index fa88429156..b55ccff153 100644 --- a/.github/workflows/dockers-backup-manager-mysql-image.yml +++ b/.github/workflows/dockers-backup-manager-mysql-image.yml @@ -67,13 +67,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-manager-backup-mysql-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-manager-backup-mysql- - name: Login to DockerHub uses: docker/login-action@v1 with: 
@@ -136,13 +129,12 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/backup-manager-mysql env: DOCKER_BUILDKIT: 1 BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') diff --git a/.github/workflows/dockers-base-image.yml b/.github/workflows/dockers-base-image.yml index 624b8d0edf..0dbcf1fc01 100644 --- a/.github/workflows/dockers-base-image.yml +++ b/.github/workflows/dockers-base-image.yml @@ -46,13 +46,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-base-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-base- - name: Login to DockerHub uses: docker/login-action@v1 with: 
@@ -105,12 +98,11 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/base env: DOCKER_BUILDKIT: 1 PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" diff --git a/.github/workflows/dockers-ci-container-image.yml b/.github/workflows/dockers-ci-container-image.yml index 28f133ce28..a51bd13a9b 100644 --- a/.github/workflows/dockers-ci-container-image.yml +++ b/.github/workflows/dockers-ci-container-image.yml @@ -42,13 +42,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-ci-container-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-ci-container- - name: Login to DockerHub uses: docker/login-action@v1 with: 
@@ -99,12 +92,11 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/ci-container env: DOCKER_BUILDKIT: 1 PLATFORMS: linux/amd64 BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" diff --git a/.github/workflows/dockers-dev-container-image.yml b/.github/workflows/dockers-dev-container-image.yml index f01896baa5..577b6f7ca4 100644 --- a/.github/workflows/dockers-dev-container-image.yml +++ b/.github/workflows/dockers-dev-container-image.yml @@ -42,13 +42,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-dev-container-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-dev-container- - name: Login to DockerHub uses: docker/login-action@v1 with: 
@@ -99,12 +92,11 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/dev-container env: DOCKER_BUILDKIT: 1 PLATFORMS: linux/amd64 BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" diff --git a/.github/workflows/dockers-discoverer-k8s-image.yml b/.github/workflows/dockers-discoverer-k8s-image.yml index 21cbb91bff..afa03ee06c 100644 --- a/.github/workflows/dockers-discoverer-k8s-image.yml +++ b/.github/workflows/dockers-discoverer-k8s-image.yml @@ -63,13 +63,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-discoverer-k8s-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-discoverer-k8s- - name: Login to DockerHub uses: docker/login-action@v1 with: 
@@ -132,13 +125,12 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/discoverer-k8s env: DOCKER_BUILDKIT: 1 BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') diff --git a/.github/workflows/dockers-gateway-backup-image.yml b/.github/workflows/dockers-gateway-backup-image.yml index 0425fc4e34..5b93e9cc53 100644 --- a/.github/workflows/dockers-gateway-backup-image.yml +++ b/.github/workflows/dockers-gateway-backup-image.yml @@ -69,13 +69,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-gateway-backup-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-gateway-backup- - name: Login to DockerHub uses: docker/login-action@v1 with: 
@@ -138,13 +131,12 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/gateway-backup env: DOCKER_BUILDKIT: 1 BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') diff --git a/.github/workflows/dockers-gateway-lb-image.yml b/.github/workflows/dockers-gateway-lb-image.yml index 1a9ea774d5..3bc6ba823a 100644 --- a/.github/workflows/dockers-gateway-lb-image.yml +++ b/.github/workflows/dockers-gateway-lb-image.yml @@ -69,13 +69,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-gateway-lb-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-gateway-lb- - name: Login to DockerHub uses: docker/login-action@v1 with: 
@@ -138,13 +131,12 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/gateway-lb env: DOCKER_BUILDKIT: 1 BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') diff --git a/.github/workflows/dockers-gateway-meta-image.yml b/.github/workflows/dockers-gateway-meta-image.yml index 1060f61be5..aa5f58d172 100644 --- a/.github/workflows/dockers-gateway-meta-image.yml +++ b/.github/workflows/dockers-gateway-meta-image.yml @@ -69,13 +69,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-gateway-meta-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-gateway-meta- - name: Login to DockerHub uses: docker/login-action@v1 with: 
@@ -138,13 +131,12 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/gateway-meta env: DOCKER_BUILDKIT: 1 BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') diff --git a/.github/workflows/dockers-gateway-vald-image.yml b/.github/workflows/dockers-gateway-vald-image.yml index 87ab5e18fb..b108b88158 100644 --- a/.github/workflows/dockers-gateway-vald-image.yml +++ b/.github/workflows/dockers-gateway-vald-image.yml @@ -65,13 +65,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-gateway-vald-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-gateway-vald- - name: Login to DockerHub uses: docker/login-action@v1 with: 
@@ -134,13 +127,12 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/gateway-vald env: DOCKER_BUILDKIT: 1 BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') diff --git a/.github/workflows/dockers-helm-operator-image.yml b/.github/workflows/dockers-helm-operator-image.yml index 6520d76e61..80184295b1 100644 --- a/.github/workflows/dockers-helm-operator-image.yml +++ b/.github/workflows/dockers-helm-operator-image.yml @@ -57,13 +57,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-helm-operator-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-helm-operator- - name: Login to DockerHub uses: docker/login-action@v1 with: 
@@ -126,13 +119,12 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/operator/helm env: DOCKER_BUILDKIT: 1 BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') diff --git a/.github/workflows/dockers-loadtest-image.yml b/.github/workflows/dockers-loadtest-image.yml index b306e6a794..32f0ee6e14 100644 --- a/.github/workflows/dockers-loadtest-image.yml +++ b/.github/workflows/dockers-loadtest-image.yml @@ -65,13 +65,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-loadtest-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-loadtest- - name: Login to DockerHub uses: docker/login-action@v1 with: 
@@ -123,14 +116,13 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/loadtest env: DOCKER_BUILDKIT: 1 PLATFORMS: linux/amd64 BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') diff --git a/.github/workflows/dockers-manager-compressor-image.yml b/.github/workflows/dockers-manager-compressor-image.yml index 59b58bc3c6..1e78cf011b 100644 --- a/.github/workflows/dockers-manager-compressor-image.yml +++ b/.github/workflows/dockers-manager-compressor-image.yml @@ -65,13 +65,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-manager-compressor-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-manager-compressor- - name: Login to DockerHub uses: docker/login-action@v1 with: 
@@ -134,13 +127,12 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/manager-compressor env: DOCKER_BUILDKIT: 1 BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') diff --git a/.github/workflows/dockers-manager-index-image.yml b/.github/workflows/dockers-manager-index-image.yml index bf75e25fb7..c1420f182d 100644 --- a/.github/workflows/dockers-manager-index-image.yml +++ b/.github/workflows/dockers-manager-index-image.yml @@ -65,13 +65,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-manager-index-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-manager-index- - name: Login to DockerHub uses: docker/login-action@v1 with: 
@@ -134,13 +127,12 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/manager-index env: DOCKER_BUILDKIT: 1 BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') diff --git a/.github/workflows/dockers-meta-cassandra-image.yml b/.github/workflows/dockers-meta-cassandra-image.yml index 85e01b808e..e4c73d453c 100644 --- a/.github/workflows/dockers-meta-cassandra-image.yml +++ b/.github/workflows/dockers-meta-cassandra-image.yml @@ -67,13 +67,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-meta-cassandra-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-meta-cassandra- - name: Login to DockerHub uses: docker/login-action@v1 with: 
@@ -136,13 +129,12 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/meta-cassandra env: DOCKER_BUILDKIT: 1 BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') diff --git a/.github/workflows/dockers-meta-redis-image.yml b/.github/workflows/dockers-meta-redis-image.yml index 9ce8350980..50257dbe94 100644 --- a/.github/workflows/dockers-meta-redis-image.yml +++ b/.github/workflows/dockers-meta-redis-image.yml @@ -67,13 +67,6 @@ jobs: uses: docker/setup-buildx-action@v1 with: buildkitd-flags: "--debug" - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-vald-meta-redis-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-vald-meta-redis- - name: Login to DockerHub uses: docker/login-action@v1 with: 
@@ -136,13 +129,12 @@ jobs: run: | make \ DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ + DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ TAG="${PRIMARY_TAG}" \ docker/build/meta-redis env: DOCKER_BUILDKIT: 1 BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') From 73fdf4b196f4b9c1a47296bffc4a670b48e0cf28 Mon Sep 17 00:00:00 2001 From: Rintaro Okamura Date: Wed, 27 Jan 2021 16:34:17 +0900 Subject: [PATCH 2/5] :recycle: Add internal action/docker-build Signed-off-by: Rintaro Okamura :pencil2: Remove blankline Signed-off-by: Rintaro Okamura :bug: Fix uses statement Signed-off-by: Rintaro Okamura :pencil2: Fix typo Signed-off-by: Rintaro Okamura :pencil2: Fix typo Signed-off-by: Rintaro Okamura :sparkles: Add logs Signed-off-by: Rintaro Okamura :green_heart: Fix bug on if-else Signed-off-by: Rintaro Okamura --- .github/actions/docker-build/action.yaml | 105 ++++++++++++++++++ .github/workflows/dockers-agent-ngt-image.yml | 68 ++---------- 2 files changed, 113 insertions(+), 60 deletions(-) create mode 100644 .github/actions/docker-build/action.yaml diff --git a/.github/actions/docker-build/action.yaml b/.github/actions/docker-build/action.yaml new file mode 100644 index 0000000000..90c32ec8e5 --- /dev/null +++ b/.github/actions/docker-build/action.yaml 
@@ -0,0 +1,105 @@
+name: 'Build Docker images'
+description: 'Build Docker images and publish them'
+inputs:
+ target:
+ description: 'build target'
+ required: true
+ default: 'base'
+ builder:
+ description: 'buildx builder name'
+ required: true
+ default: ''
+outputs:
+ IMAGE_NAME:
+ description: "image name"
+ value: ${{ steps.image_name.outputs.IMAGE_NAME }}
+ ALTER_IMAGE_NAME:
+ description: "alter image name"
+ value: ${{ steps.image_name.outputs.ALTER_IMAGE_NAME }}
+ PRIMARY_TAG:
+ description: "primary tag"
+ value: ${{ steps.determine_tag_name.outputs.PRIMARY_TAG }}
+ PLATFORMS:
+ description: "target platforms"
+ value: ${{ steps.determine_platforms.outputs.PLATFORMS }}
+ EXTRA_TAGS:
+ description: "extra tags"
+ value: ${{ steps.add_extra_tags.outputs.EXTRA_TAGS }}
+runs:
+ using: "composite"
+ steps:
+ - name: Image name
+ shell: bash
+ id: image_name
+ run: |
+ image_name=`make docker/name/${TARGET}`
+ alter_org=`make docker/name/org/alter`
+ alter_image_name=`make ORG="${alter_org}" docker/name/${TARGET}`
+ echo "IMAGE_NAME is: ${image_name}"
+ echo "ALTER_IMAGE_NAME is: ${alter_image_name}"
+ echo "::set-output name=IMAGE_NAME::${image_name}"
+ echo "::set-output name=ALTER_IMAGE_NAME::${alter_image_name}"
+ env:
+ TARGET: ${{ inputs.target }}
+ - name: Determine tag name
+ shell: bash
+ id: determine_tag_name
+ run: |
+ if [[ "$GITHUB_REF" =~ ^refs/tags/.* ]]; then
+ tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'`
+ primary_tag="${tag_name}"
+ elif [ "$GITHUB_REF" = "refs/heads/master" ]; then
+ echo "nightly" > versions/VALD_VERSION
+ primary_tag="nightly"
+ elif [ "${{ github.event_name }}" = "pull_request" ]; then
+ pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"`
+ echo "PR-${pr_num}" > versions/VALD_VERSION
+ primary_tag="pr-${pr_num}"
+ else
+ primary_tag="unknown"
+ fi
+ echo "PRIMARY_TAG is determined: ${primary_tag}"
+ echo "::set-output name=PRIMARY_TAG::${primary_tag}"
+ - name: Determine platforms
+ shell: bash
+ id: determine_platforms
+ run: |
+ if [ "${{ github.event_name }}" = "pull_request" ]; then
+ platforms="linux/amd64"
+ else
+ platforms=`make docker/platforms`
+ fi
+ echo "PLATFORMS is determined: ${platforms}"
+ echo "::set-output name=PLATFORMS::${platforms}"
+ - name: Add extra tags
+ shell: bash
+ id: add_extra_tags
+ run: |
+ extra_tags="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}"
+ if [[ "$GITHUB_REF" =~ ^refs/tags/.* ]]; then
+ latest_tags="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest"
+ extra_tags="${extra_tags} ${latest_tags}"
+ fi
+ echo "EXTRA_TAGS is determined: ${extra_tags}"
+ echo "::set-output name=EXTRA_TAGS::${extra_tags}"
+ env:
+ IMAGE_NAME: ${{ steps.image_name.outputs.IMAGE_NAME }}
+ ALTER_IMAGE_NAME: ${{ steps.image_name.outputs.ALTER_IMAGE_NAME }}
+ PRIMARY_TAG: ${{ steps.determine_tag_name.outputs.PRIMARY_TAG }}
+ - name: Build and Push
+ shell: bash
+ id: build_and_push
+ run: |
+ make \
+ DOCKER="docker buildx" \
+ DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} --push" \
+ TAG="${PRIMARY_TAG}" \
+ docker/build/${TARGET}
+ env:
+ TARGET: ${{ inputs.target }}
+ DOCKER_BUILDKIT: "1"
+ PLATFORMS: ${{ steps.determine_platforms.outputs.PLATFORMS }}
+ BUILDER: ${{ inputs.builder }}
+ LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}"
+ EXTRA_TAGS: ${{ steps.add_extra_tags.outputs.EXTRA_TAGS }}
+ PRIMARY_TAG: ${{ steps.determine_tag_name.outputs.PRIMARY_TAG }}
diff --git a/.github/workflows/dockers-agent-ngt-image.yml b/.github/workflows/dockers-agent-ngt-image.yml
index 103b5e4e1b..c966c92d5a 100644
--- a/.github/workflows/dockers-agent-ngt-image.yml
+++ b/.github/workflows/dockers-agent-ngt-image.yml
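Review bot: The `else` branch of `Determine tag name` sets `primary_tag="unknown"`, and `Build and Push` has no `if:` and always passes `--push`, so any ref that is not a tag, `refs/heads/master` or a pull request would publish an image under a shared, overwritable `unknown` tag. Failing there instead, e.g. `echo "unsupported ref: ${GITHUB_REF}" >&2; exit 1`, keeps unexpected triggers from writing to the registry. The tag name cut from `GITHUB_REF` also reaches `make TAG="${PRIMARY_TAG}"` and the `-t` arguments without validation, so a pattern check on `tag_name` against the project's version format before it is used would be worth adding. Separately, `builder` is declared `required: true` with `default: ''`, and an empty value leaves a bare `--builder` inside `DOCKER_OPTS`, which would presumably swallow the following `--label`; a guard such as `: "${BUILDER:?builder input is empty}"` at the top of the `Build and Push` script would surface that early.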
@@ -78,64 +78,12 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/agent-ngt` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/agent-ngt` - base_platforms=`make docker/platforms` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - echo "::set-output name=BASE_PLATFORMS::${base_platforms}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "nightly" > versions/VALD_VERSION - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: linux/amd64 - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - DOCKER_OPTS="--platform 
${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/agent-ngt - env: - DOCKER_BUILDKIT: 1 - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: agent-ngt + builder: ${{ steps.buildx.outputs.name }} - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') uses: github/codeql-action/init@v1 @@ -143,13 +91,13 @@ jobs: if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "table" - name: Run vulnerability scanner (sarif) if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "template" template: "@/contrib/sarif.tpl" output: "trivy-results.sarif" From 699cdc8ea1e05c5159115f89307f749365d3bda2 Mon Sep 17 00:00:00 2001 From: Rintaro Okamura Date: Wed, 27 Jan 2021 17:40:43 +0900 Subject: [PATCH 3/5] :recycle: Use action/docker-build for other images 
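Review bot: Both scanner steps in this hunk run `aquasecurity/trivy-action@master`, a third-party action resolved from a moving branch, in a job that has just logged in to ghcr.io with `secrets.PACKAGE_TOKEN`; whatever that branch points to at run time executes with those registry credentials likely still in reach. Pin it to a reviewed commit, e.g. `uses: aquasecurity/trivy-action@<full-commit-sha>` (placeholder; take the value from the release you audit). The scan also runs after the composite action has already pushed, so it reports on a published image rather than gating publication, which deserves a comment on the step if intended. The same lines recur in the matching hunks of the other workflow files in this series (agent-sidecar, backup-manager-cassandra, backup-manager-mysql, discoverer-k8s, gateway-backup, gateway-lb, gateway-meta, gateway-vald), and both steps start or end outside the hunk.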
Signed-off-by: Rintaro Okamura --- .../workflows/dockers-agent-sidecar-image.yml | 68 +++---------------- ...dockers-backup-manager-cassandra-image.yml | 68 +++---------------- .../dockers-backup-manager-mysql-image.yml | 68 +++---------------- .../dockers-discoverer-k8s-image.yml | 68 +++---------------- .../dockers-gateway-backup-image.yml | 68 +++---------------- .../workflows/dockers-gateway-lb-image.yml | 68 +++---------------- .../workflows/dockers-gateway-meta-image.yml | 68 +++---------------- .../workflows/dockers-gateway-vald-image.yml | 68 +++---------------- .../workflows/dockers-helm-operator-image.yml | 68 +++---------------- .../dockers-manager-compressor-image.yml | 68 +++---------------- .../workflows/dockers-manager-index-image.yml | 68 +++---------------- .../dockers-meta-cassandra-image.yml | 68 +++---------------- .../workflows/dockers-meta-redis-image.yml | 68 +++---------------- 13 files changed, 104 insertions(+), 780 deletions(-) diff --git a/.github/workflows/dockers-agent-sidecar-image.yml b/.github/workflows/dockers-agent-sidecar-image.yml index 3ca7c6374b..432f459e4b 100644 --- a/.github/workflows/dockers-agent-sidecar-image.yml +++ b/.github/workflows/dockers-agent-sidecar-image.yml 
@@ -78,64 +78,12 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/agent-sidecar` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/agent-sidecar` - base_platforms=`make docker/platforms` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - echo "::set-output name=BASE_PLATFORMS::${base_platforms}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "nightly" > versions/VALD_VERSION - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: linux/amd64 - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - 
DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/agent-sidecar - env: - DOCKER_BUILDKIT: 1 - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: agent-sidecar + builder: ${{ steps.buildx.outputs.name }} - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') uses: github/codeql-action/init@v1 @@ -143,13 +91,13 @@ jobs: if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "table" - name: Run vulnerability scanner (sarif) if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "template" template: "@/contrib/sarif.tpl" output: "trivy-results.sarif" diff --git a/.github/workflows/dockers-backup-manager-cassandra-image.yml b/.github/workflows/dockers-backup-manager-cassandra-image.yml index 77f8bbde39..1cadc3576c 100644 --- a/.github/workflows/dockers-backup-manager-cassandra-image.yml +++ b/.github/workflows/dockers-backup-manager-cassandra-image.yml 
@@ -80,64 +80,12 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/backup-manager-cassandra` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/backup-manager-cassandra` - base_platforms=`make docker/platforms` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - echo "::set-output name=BASE_PLATFORMS::${base_platforms}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "nightly" > versions/VALD_VERSION - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: linux/amd64 - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker 
buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/backup-manager-cassandra - env: - DOCKER_BUILDKIT: 1 - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: backup-manager-cassandra + builder: ${{ steps.buildx.outputs.name }} - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') uses: github/codeql-action/init@v1 @@ -145,13 +93,13 @@ jobs: if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "table" - name: Run vulnerability scanner (sarif) if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "template" template: "@/contrib/sarif.tpl" output: "trivy-results.sarif" diff --git a/.github/workflows/dockers-backup-manager-mysql-image.yml b/.github/workflows/dockers-backup-manager-mysql-image.yml index b55ccff153..5315256cc8 100644 --- a/.github/workflows/dockers-backup-manager-mysql-image.yml +++ b/.github/workflows/dockers-backup-manager-mysql-image.yml 
@@ -78,64 +78,12 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/backup-manager-mysql` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/backup-manager-mysql` - base_platforms=`make docker/platforms` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - echo "::set-output name=BASE_PLATFORMS::${base_platforms}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "nightly" > versions/VALD_VERSION - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: linux/amd64 - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - 
DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/backup-manager-mysql - env: - DOCKER_BUILDKIT: 1 - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: backup-manager-mysql + builder: ${{ steps.buildx.outputs.name }} - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') uses: github/codeql-action/init@v1 @@ -143,13 +91,13 @@ jobs: if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "table" - name: Run vulnerability scanner (sarif) if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "template" template: "@/contrib/sarif.tpl" output: "trivy-results.sarif" diff --git a/.github/workflows/dockers-discoverer-k8s-image.yml b/.github/workflows/dockers-discoverer-k8s-image.yml index afa03ee06c..03342d5a6f 100644 --- a/.github/workflows/dockers-discoverer-k8s-image.yml +++ b/.github/workflows/dockers-discoverer-k8s-image.yml 
@@ -74,64 +74,12 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/discoverer-k8s` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/discoverer-k8s` - base_platforms=`make docker/platforms` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - echo "::set-output name=BASE_PLATFORMS::${base_platforms}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "nightly" > versions/VALD_VERSION - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: linux/amd64 - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - 
DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/discoverer-k8s - env: - DOCKER_BUILDKIT: 1 - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: discoverer-k8s + builder: ${{ steps.buildx.outputs.name }} - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') uses: github/codeql-action/init@v1 @@ -139,13 +87,13 @@ jobs: if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "table" - name: Run vulnerability scanner (sarif) if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "template" template: "@/contrib/sarif.tpl" output: "trivy-results.sarif" diff --git a/.github/workflows/dockers-gateway-backup-image.yml b/.github/workflows/dockers-gateway-backup-image.yml index 5b93e9cc53..768ac9e4ba 100644 --- a/.github/workflows/dockers-gateway-backup-image.yml +++ b/.github/workflows/dockers-gateway-backup-image.yml 
@@ -80,64 +80,12 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/gateway-backup` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/gateway-backup` - base_platforms=`make docker/platforms` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - echo "::set-output name=BASE_PLATFORMS::${base_platforms}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "nightly" > versions/VALD_VERSION - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: linux/amd64 - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - 
DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/gateway-backup - env: - DOCKER_BUILDKIT: 1 - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: gateway-backup + builder: ${{ steps.buildx.outputs.name }} - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') uses: github/codeql-action/init@v1 @@ -145,13 +93,13 @@ jobs: if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "table" - name: Run vulnerability scanner (sarif) if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "template" template: "@/contrib/sarif.tpl" output: "trivy-results.sarif" diff --git a/.github/workflows/dockers-gateway-lb-image.yml b/.github/workflows/dockers-gateway-lb-image.yml index 3bc6ba823a..774adcbc2d 100644 --- a/.github/workflows/dockers-gateway-lb-image.yml +++ b/.github/workflows/dockers-gateway-lb-image.yml 
@@ -80,64 +80,12 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/gateway-lb` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/gateway-lb` - base_platforms=`make docker/platforms` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - echo "::set-output name=BASE_PLATFORMS::${base_platforms}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "nightly" > versions/VALD_VERSION - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: linux/amd64 - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - 
DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/gateway-lb - env: - DOCKER_BUILDKIT: 1 - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: gateway-lb + builder: ${{ steps.buildx.outputs.name }} - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') uses: github/codeql-action/init@v1 @@ -145,13 +93,13 @@ jobs: if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "table" - name: Run vulnerability scanner (sarif) if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "template" template: "@/contrib/sarif.tpl" output: "trivy-results.sarif" diff --git a/.github/workflows/dockers-gateway-meta-image.yml b/.github/workflows/dockers-gateway-meta-image.yml index aa5f58d172..9d40155257 100644 --- a/.github/workflows/dockers-gateway-meta-image.yml +++ b/.github/workflows/dockers-gateway-meta-image.yml 
@@ -80,64 +80,12 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/gateway-meta` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/gateway-meta` - base_platforms=`make docker/platforms` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - echo "::set-output name=BASE_PLATFORMS::${base_platforms}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "nightly" > versions/VALD_VERSION - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: linux/amd64 - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - 
DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/gateway-meta - env: - DOCKER_BUILDKIT: 1 - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: gateway-meta + builder: ${{ steps.buildx.outputs.name }} - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') uses: github/codeql-action/init@v1 @@ -145,13 +93,13 @@ jobs: if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "table" - name: Run vulnerability scanner (sarif) if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "template" template: "@/contrib/sarif.tpl" output: "trivy-results.sarif" diff --git a/.github/workflows/dockers-gateway-vald-image.yml b/.github/workflows/dockers-gateway-vald-image.yml index b108b88158..a73b744c89 100644 --- a/.github/workflows/dockers-gateway-vald-image.yml +++ b/.github/workflows/dockers-gateway-vald-image.yml 
@@ -76,64 +76,12 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/gateway-vald` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/gateway-vald` - base_platforms=`make docker/platforms` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - echo "::set-output name=BASE_PLATFORMS::${base_platforms}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "nightly" > versions/VALD_VERSION - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: linux/amd64 - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - 
DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/gateway-vald - env: - DOCKER_BUILDKIT: 1 - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: gateway-vald + builder: ${{ steps.buildx.outputs.name }} - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') uses: github/codeql-action/init@v1 @@ -141,13 +89,13 @@ jobs: if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "table" - name: Run vulnerability scanner (sarif) if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "template" template: "@/contrib/sarif.tpl" output: "trivy-results.sarif" diff --git a/.github/workflows/dockers-helm-operator-image.yml b/.github/workflows/dockers-helm-operator-image.yml index 80184295b1..3b25f8c401 100644 --- a/.github/workflows/dockers-helm-operator-image.yml +++ b/.github/workflows/dockers-helm-operator-image.yml 
@@ -68,64 +68,12 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/operator/helm` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/operator/helm` - base_platforms=`make docker/platforms` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - echo "::set-output name=BASE_PLATFORMS::${base_platforms}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "nightly" > versions/VALD_VERSION - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: linux/amd64,linux/arm64 - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - 
DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/operator/helm - env: - DOCKER_BUILDKIT: 1 - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: operator/helm + builder: ${{ steps.buildx.outputs.name }} - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') uses: github/codeql-action/init@v1 @@ -133,13 +81,13 @@ jobs: if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "table" - name: Run vulnerability scanner (sarif) if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "template" template: "@/contrib/sarif.tpl" output: "trivy-results.sarif" diff --git a/.github/workflows/dockers-manager-compressor-image.yml b/.github/workflows/dockers-manager-compressor-image.yml index 1e78cf011b..e3d51aec59 100644 --- a/.github/workflows/dockers-manager-compressor-image.yml +++ b/.github/workflows/dockers-manager-compressor-image.yml 
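Review bot: Pull-request builds of the helm operator lose their arm64 leg in the first hunk: the removed `Determine tag name (pull request)` step set `PLATFORMS: linux/amd64,linux/arm64`, while the new `Build and Publish` step passes only `target` and `builder`, and the shared action falls back to `linux/amd64` for `pull_request` events. An arm64-only build failure would then surface on master or on a tag rather than in review. Once the `platforms` input from the later patch in this series exists, adding `platforms: ${{ github.event_name == 'pull_request' && 'linux/amd64,linux/arm64' || '' }}` under `with:` would keep the old behaviour and leave other events on the action's default.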
@@ -76,64 +76,12 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/manager-compressor` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/manager-compressor` - base_platforms=`make docker/platforms` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - echo "::set-output name=BASE_PLATFORMS::${base_platforms}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "nightly" > versions/VALD_VERSION - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: linux/amd64 - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - 
DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/manager-compressor - env: - DOCKER_BUILDKIT: 1 - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: manager-compressor + builder: ${{ steps.buildx.outputs.name }} - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') uses: github/codeql-action/init@v1 @@ -141,13 +89,13 @@ jobs: if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "table" - name: Run vulnerability scanner (sarif) if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "template" template: "@/contrib/sarif.tpl" output: "trivy-results.sarif" diff --git a/.github/workflows/dockers-manager-index-image.yml b/.github/workflows/dockers-manager-index-image.yml index c1420f182d..f33a5e77da 100644 --- a/.github/workflows/dockers-manager-index-image.yml +++ b/.github/workflows/dockers-manager-index-image.yml 
@@ -76,64 +76,12 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/manager-index` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/manager-index` - base_platforms=`make docker/platforms` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - echo "::set-output name=BASE_PLATFORMS::${base_platforms}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "nightly" > versions/VALD_VERSION - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: linux/amd64 - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - 
DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/manager-index - env: - DOCKER_BUILDKIT: 1 - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: manager-index + builder: ${{ steps.buildx.outputs.name }} - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') uses: github/codeql-action/init@v1 @@ -141,13 +89,13 @@ jobs: if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "table" - name: Run vulnerability scanner (sarif) if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "template" template: "@/contrib/sarif.tpl" output: "trivy-results.sarif" diff --git a/.github/workflows/dockers-meta-cassandra-image.yml b/.github/workflows/dockers-meta-cassandra-image.yml index e4c73d453c..ab808eb37e 100644 --- a/.github/workflows/dockers-meta-cassandra-image.yml +++ b/.github/workflows/dockers-meta-cassandra-image.yml 
@@ -78,64 +78,12 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/meta-cassandra` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/meta-cassandra` - base_platforms=`make docker/platforms` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - echo "::set-output name=BASE_PLATFORMS::${base_platforms}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "nightly" > versions/VALD_VERSION - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: linux/amd64 - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - 
DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/meta-cassandra - env: - DOCKER_BUILDKIT: 1 - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: meta-cassandra + builder: ${{ steps.buildx.outputs.name }} - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') uses: github/codeql-action/init@v1 @@ -143,13 +91,13 @@ jobs: if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "table" - name: Run vulnerability scanner (sarif) if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "template" template: "@/contrib/sarif.tpl" output: "trivy-results.sarif" diff --git a/.github/workflows/dockers-meta-redis-image.yml b/.github/workflows/dockers-meta-redis-image.yml index 50257dbe94..2d798e0b31 100644 --- a/.github/workflows/dockers-meta-redis-image.yml +++ b/.github/workflows/dockers-meta-redis-image.yml 
@@ -78,64 +78,12 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/meta-redis` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/meta-redis` - base_platforms=`make docker/platforms` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - echo "::set-output name=BASE_PLATFORMS::${base_platforms}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "nightly" > versions/VALD_VERSION - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: linux/amd64 - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - 
DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/meta-redis - env: - DOCKER_BUILDKIT: 1 - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: meta-redis + builder: ${{ steps.buildx.outputs.name }} - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') uses: github/codeql-action/init@v1 @@ -143,13 +91,13 @@ jobs: if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "table" - name: Run vulnerability scanner (sarif) if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "template" template: "@/contrib/sarif.tpl" output: "trivy-results.sarif" From 57c20570cb2d11144bfa70132a0c2b15cd00bb4d Mon Sep 17 00:00:00 2001 From: Rintaro Okamura Date: Wed, 27 Jan 2021 17:51:10 +0900 Subject: [PATCH 4/5] :recycle: Add option to specify platforms. Use docker-build in other images 
Signed-off-by: Rintaro Okamura --- .github/actions/docker-build/action.yaml | 16 ++++- .github/workflows/dockers-base-image.yml | 55 +++-------------- .../workflows/dockers-ci-container-image.yml | 54 +++-------------- .../workflows/dockers-dev-container-image.yml | 54 +++-------------- .github/workflows/dockers-loadtest-image.yml | 59 +++---------------- 5 files changed, 45 insertions(+), 193 deletions(-) diff --git a/.github/actions/docker-build/action.yaml b/.github/actions/docker-build/action.yaml index 90c32ec8e5..1f95828308 100644 --- a/.github/actions/docker-build/action.yaml +++ b/.github/actions/docker-build/action.yaml @@ -9,6 +9,10 @@ inputs: description: 'buildx builder name' required: true default: '' + platforms: + description: 'if it is specified, specified platforms will be used.' + required: false + default: '' outputs: IMAGE_NAME: description: "image name" @@ -64,13 +68,19 @@ runs: shell: bash id: determine_platforms run: | - if [ "${{ github.event_name }}" = "pull_request" ]; then - platforms="linux/amd64" + if [ "${TARGET_PLATFORMS}" = "" ]; then + if [ "${{ github.event_name }}" = "pull_request" ]; then + platforms="linux/amd64" + else + platforms=`make docker/platforms` + fi else - platforms=`make docker/platforms` + platforms="${TARGET_PLATFORMS}" fi echo "PLATFORMS is determined: ${platforms}" echo "::set-output name=PLATFORMS::${platforms}" + env: + TARGET_PLATFORMS: ${{ inputs.platforms }} - name: Add extra tags shell: bash id: add_extra_tags diff --git a/.github/workflows/dockers-base-image.yml b/.github/workflows/dockers-base-image.yml index 0dbcf1fc01..9aa829218c 100644 --- a/.github/workflows/dockers-base-image.yml +++ b/.github/workflows/dockers-base-image.yml 
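Review bot: The `platforms` description in the `inputs:` hunk does not say what format is expected or what happens when the input is left empty. Something like `description: 'comma-separated buildx platforms, e.g. linux/amd64,linux/arm64; when empty, pull requests build linux/amd64 and other events use the output of make docker/platforms'` would document both, matching the fallback added in the `determine_platforms` step.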
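Review bot: The value resolved in the `determine_platforms` step is emitted as an output without any check, whether it came from the new `platforms` input or from `make docker/platforms`. The workflow steps this action replaces placed it into `DOCKER_OPTS` as `--platform ${PLATFORMS}`; if the action's build step (outside this hunk) does the same, an empty value or one containing whitespace changes the buildx option list instead of failing early. A guard before the two `echo` lines, `case "${platforms}" in ''|*[!a-z0-9/,]*) echo "invalid platforms: ${platforms}" >&2; exit 1;; esac`, rejects both cases, assuming `make docker/platforms` prints a plain comma-separated list.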
@@ -57,52 +57,15 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name + - name: Specify platforms + id: specify_platforms run: | - image_name=`make docker/name/base` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/base` base_platforms=`make docker/platforms` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" echo "::set-output name=BASE_PLATFORMS::${base_platforms}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "PRIMARY_TAG=latest" >> $GITHUB_ENV - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/base - env: - DOCKER_BUILDKIT: 1 - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label 
org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: base + builder: ${{ steps.buildx.outputs.name }} + platforms: ${{ steps.specify_platforms.outputs.BASE_PLATFORMS }} diff --git a/.github/workflows/dockers-ci-container-image.yml b/.github/workflows/dockers-ci-container-image.yml index a51bd13a9b..dd995bc8ca 100644 --- a/.github/workflows/dockers-ci-container-image.yml +++ b/.github/workflows/dockers-ci-container-image.yml 
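Review bot: The master-branch tag of the base image may change with this hunk: the removed `Determine tag name (master)` step set `PRIMARY_TAG=latest`, whereas the same step removed from the other workflows in this series set `nightly`. The shared action's tag logic is not visible here; if it follows the `nightly` convention, pushes to master will stop refreshing the base image's `latest` tag, and any image built on that tag would presumably keep using a stale base without an error. Worth confirming before merge, and if `latest` on master is intended, the action needs a way to override the master tag for this one workflow.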
@@ -53,50 +53,10 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/ci-container` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/ci-container` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/ci-container - env: - DOCKER_BUILDKIT: 1 - PLATFORMS: linux/amd64 - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label 
org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: ci-container + builder: ${{ steps.buildx.outputs.name }} + platforms: linux/amd64 diff --git a/.github/workflows/dockers-dev-container-image.yml b/.github/workflows/dockers-dev-container-image.yml index 577b6f7ca4..2adf7429a3 100644 --- a/.github/workflows/dockers-dev-container-image.yml +++ b/.github/workflows/dockers-dev-container-image.yml 
@@ -53,50 +53,10 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/dev-container` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/dev-container` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/dev-container - env: - DOCKER_BUILDKIT: 1 - PLATFORMS: linux/amd64 - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label 
org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: dev-container + builder: ${{ steps.buildx.outputs.name }} + platforms: linux/amd64 diff --git a/.github/workflows/dockers-loadtest-image.yml b/.github/workflows/dockers-loadtest-image.yml index 32f0ee6e14..8f101d228b 100644 --- a/.github/workflows/dockers-loadtest-image.yml +++ b/.github/workflows/dockers-loadtest-image.yml 
@@ -76,54 +76,13 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/loadtest` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/loadtest` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "nightly" > versions/VALD_VERSION - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/loadtest - env: - DOCKER_BUILDKIT: 1 - PLATFORMS: linux/amd64 - BUILDER: ${{ steps.buildx.outputs.name }} - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} 
--label org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: loadtest + builder: ${{ steps.buildx.outputs.name }} + platforms: linux/amd64 - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') uses: github/codeql-action/init@v1 @@ -131,13 +90,13 @@ jobs: if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "table" - name: Run vulnerability scanner (sarif) if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "template" template: "@/contrib/sarif.tpl" output: "trivy-results.sarif" From f6fef2d96883dc97759a8f9dde68323c87ee1a28 Mon Sep 17 00:00:00 2001 From: Rintaro Okamura Date: Wed, 27 Jan 2021 18:03:49 +0900 Subject: [PATCH 5/5] :recycle: Apply docker-build action to gateway-filter Signed-off-by: Rintaro Okamura --- .../dockers-gateway-filter-image.yml | 69 +++---------------- 1 file changed, 8 insertions(+), 61 deletions(-) diff --git a/.github/workflows/dockers-gateway-filter-image.yml b/.github/workflows/dockers-gateway-filter-image.yml index e0010d1f91..8d7c02f33a 100644 --- a/.github/workflows/dockers-gateway-filter-image.yml +++ b/.github/workflows/dockers-gateway-filter-image.yml 
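Review bot: Both Trivy steps in the second loadtest hunk scan `IMAGE_NAME:PRIMARY_TAG`, a mutable tag that the registry resolves again at scan time, so the report is not bound to the image this run pushed. If the action can export the pushed digest as an extra output (called `IMAGE_DIGEST` here only as a suggestion), the reference could be `image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}@${{ steps.build_and_publish.outputs.IMAGE_DIGEST }}"`. An output name that the action does not declare expands to an empty string without an error, so it is worth confirming that the action's `outputs:` really define `IMAGE_NAME` and `PRIMARY_TAG`; the action file is not visible here. The same applies to the two `image-ref` lines in the second gateway-filter hunk.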
@@ -87,65 +87,12 @@ jobs: registry: ghcr.io username: ${{ secrets.PACKAGE_USER }} password: ${{ secrets.PACKAGE_TOKEN }} - - name: Image name - id: image_name - run: | - image_name=`make docker/name/gateway-filter` - alter_org=`make docker/name/org/alter` - alter_image_name=`make ORG="${alter_org}" docker/name/gateway-filter` - base_platforms=`make docker/platforms` - echo "IMAGE_NAME=${image_name}" >> $GITHUB_ENV - echo "ALTER_IMAGE_NAME=${alter_image_name}" >> $GITHUB_ENV - echo "::set-output name=IMAGE_NAME::${image_name}" - echo "::set-output name=BASE_PLATFORMS::${base_platforms}" - - name: Determine tag name (master) - if: github.ref == 'refs/heads/master' - run: | - echo "nightly" > versions/VALD_VERSION - echo "PRIMARY_TAG=nightly" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Determine tag name (pull request) - if: github.event_name == 'pull_request' - run: | - pr_num=`cat $GITHUB_EVENT_PATH | jq -r ".number"` - echo "PR-${pr_num}" > versions/VALD_VERSION - echo "PRIMARY_TAG=pr-${pr_num}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: linux/amd64 - - name: Determine tag name (tags) - if: startsWith( github.ref, 'refs/tags/') - id: determine_tag - run: | - tag_name=`echo $GITHUB_REF | sed -e 's:^refs/tags/::'` - echo "::set-output name=TAG_NAME::${tag_name}" - echo "PRIMARY_TAG=${tag_name}" >> $GITHUB_ENV - echo "PLATFORMS=${PLATFORMS}" >> $GITHUB_ENV - env: - PLATFORMS: ${{ steps.image_name.outputs.BASE_PLATFORMS }} - - name: Add extra tags - run: | - EXTRA_TAGS="-t ${ALTER_IMAGE_NAME}:${PRIMARY_TAG}" - echo "EXTRA_TAGS=${EXTRA_TAGS}" >> $GITHUB_ENV - - name: Add latest tags - if: startsWith( github.ref, 'refs/tags/') - run: | - LATEST_TAGS="-t ${IMAGE_NAME}:latest -t ${ALTER_IMAGE_NAME}:latest" - echo "LATEST_TAGS=${LATEST_TAGS}" >> $GITHUB_ENV - - name: Build and Push - run: | - make \ - DOCKER="docker buildx" \ - 
DOCKER_OPTS="--platform ${PLATFORMS} --builder ${BUILDER} ${CACHE_OPTS} ${LABEL_OPTS} ${EXTRA_TAGS} ${LATEST_TAGS} --push" \ - TAG="${PRIMARY_TAG}" \ - docker/build/gateway-filter - env: - DOCKER_BUILDKIT: 1 - BUILDER: ${{ steps.buildx.outputs.name }} - CACHE_OPTS: "--cache-from=type=local,src=/tmp/.buildx-cache --cache-to=type=local,mode=max,dest=/tmp/.buildx-cache" - LABEL_OPTS: "--label org.opencontainers.image.url=${{ github.event.repository.html_url }} --label org.opencontainers.image.source=${{ github.event.repository.html_url }} --label org.opencontainers.image.revision=${{ github.sha }}" + - name: Build and Publish + id: build_and_publish + uses: ./.github/actions/docker-build + with: + target: gateway-filter + builder: ${{ steps.buildx.outputs.name }} - name: Initialize CodeQL if: startsWith( github.ref, 'refs/tags/') uses: github/codeql-action/init@v1 @@ -153,13 +100,13 @@ jobs: if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "table" - name: Run vulnerability scanner (sarif) if: startsWith( github.ref, 'refs/tags/') uses: aquasecurity/trivy-action@master with: - image-ref: "${{ steps.image_name.outputs.IMAGE_NAME }}:${{ steps.determine_tag.outputs.TAG_NAME }}" + image-ref: "${{ steps.build_and_publish.outputs.IMAGE_NAME }}:${{ steps.build_and_publish.outputs.PRIMARY_TAG }}" format: "template" template: "@/contrib/sarif.tpl" output: "trivy-results.sarif"
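Review bot: Platform selection is no longer visible at this call site, because the new `Build and Publish` step in the first gateway-filter hunk passes no `platforms` input. The removed steps built pull requests for `linux/amd64` only and master and tag refs for the output of `make docker/platforms`, while the dev-container and loadtest call sites pass `platforms: linux/amd64` explicitly. The action's defaults are outside this hunk, so confirm it keeps the per-event split; otherwise pull-request builds become multi-arch, or published images lose architectures. Once confirmed, a comment above `with:` would record the intent, for example `# platforms omitted on purpose: docker-build picks linux/amd64 on PRs, make docker/platforms otherwise`.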