forked from repo-mirrors/cnpg-postgres-containers
Initial Commit
Signed-off-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
This commit is contained in:
tao
Jonathan Gonzalez V
95
.github/workflows/build.yml
vendored
Normal file
95
.github/workflows/build.yml
vendored
Normal file
@@ -0,0 +1,95 @@
|
||||
name: Continuous Delivery
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
IMAGE_STAGING: cloudnative-pg/postgresql-testing
|
||||
IMAGE_RELEASE: cloudnative-pg/postgresql
|
||||
|
||||
jobs:
|
||||
generate-jobs:
|
||||
name: Generate Jobs
|
||||
runs-on: ubuntu-20.04
|
||||
outputs:
|
||||
strategy: ${{ steps.generate-jobs.outputs.strategy }}
|
||||
steps:
|
||||
- name: Checkout Code
|
||||
uses: actions/checkout@v3
|
||||
- name: Generate Jobs
|
||||
id: generate-jobs
|
||||
shell: bash
|
||||
run: |
|
||||
bash .github/generate-strategy.sh
|
||||
|
||||
build:
|
||||
needs: generate-jobs
|
||||
strategy: ${{ fromJson(needs.generate-jobs.outputs.strategy) }}
|
||||
name: ${{ matrix.name }}
|
||||
runs-on: ubuntu-20.04
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
steps:
|
||||
- name: Checkout Code
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v1.2.0
|
||||
|
||||
- name: Docker meta
|
||||
id: docker-meta
|
||||
env:
|
||||
TAGS: ${{ toJson(matrix.tags) }}
|
||||
run: |
|
||||
RESULT=""
|
||||
for tag in $(jq -r '.[]' <<< "${TAGS}")
|
||||
do
|
||||
RESULT="${RESULT},ghcr.io/${IMAGE_STAGING}:${tag}"
|
||||
# If we are running the pipeline in the main branch images are pushed in both -testing and PROD repo
|
||||
if [ "${GITHUB_REF#refs/heads/}" == main ]
|
||||
then
|
||||
RESULT="${RESULT},ghcr.io/${IMAGE_RELEASE}:${tag}"
|
||||
fi
|
||||
done
|
||||
echo "::set-output name=tags::${RESULT%,}"
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
id: buildx
|
||||
uses: docker/setup-buildx-action@v1.6.0
|
||||
|
||||
- name: Log in to the GitHub Container registry
|
||||
uses: docker/login-action@v1.14.1
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Build and load
|
||||
uses: docker/build-push-action@v2.10.0
|
||||
with:
|
||||
context: ${{ matrix.dir }}
|
||||
file: ${{ matrix.file }}
|
||||
push: false
|
||||
load: true
|
||||
tags: ${{ steps.docker-meta.outputs.tags }}
|
||||
|
||||
- name: Dockle scan
|
||||
uses: erzz/dockle-action@v1.2.0
|
||||
with:
|
||||
image: "ghcr.io/${{ env.IMAGE_STAGING }}:${{ matrix.tags[0] }}"
|
||||
exit-code: '1'
|
||||
failure-threshold: WARN
|
||||
accept-filenames: usr/share/cmake/Templates/Windows/Windows_TemporaryKey.pfx,etc/trusted-key.key,usr/share/doc/perl-IO-Socket-SSL/certs/server_enc.p12,usr/share/doc/perl-IO-Socket-SSL/certs/server.p12,usr/local/lib/python3.9/dist-packages/azure/core/settings.py,usr/local/lib/python3.8/site-packages/azure/core/settings.py,usr/share/postgresql-common/pgdg/apt.postgresql.org.asc,usr/local/lib/python3.7/dist-packages/azure/core/settings.py,etc/ssl/private/ssl-cert-snakeoil.key
|
||||
|
||||
- name: Build and push
|
||||
uses: docker/build-push-action@v2.10.0
|
||||
with:
|
||||
context: ${{ matrix.dir }}
|
||||
file: ${{ matrix.file }}
|
||||
platforms: ${{ matrix.platforms }}
|
||||
push: true
|
||||
tags: ${{ steps.docker-meta.outputs.tags }}
|
||||
Reference in New Issue
Block a user