Initial commit
Some checks failed
Check Case Normalization / Build image using Buildah (push) Failing after 1s
CI checks / Run ESLint (push) Failing after 1s
CI checks / Check Distribution (push) Failing after 0s
CI checks / Check Input and Output enums (push) Failing after 0s
Build with docker/metadata-action / Build image with Containerfile (push) Failing after 2s
Build with docker/metadata-action / Build image without Containerfile (push) Failing after 1s
Link checker / Check links in markdown (push) Failing after 1s
Multiarch build / Build multi-platform image using Containerfile (push) Has been cancelled
Multiarch build / Build multi-architecture image from scratch (push) Has been cancelled
Multiarch build / Build multi-architecture image using Containerfile (push) Has been cancelled
Build / Build image using Buildah (push) Failing after 1s
Build from containerfile / Build image using Buildah (push) Failing after 1s

This commit is contained in:
phil 2024-10-25 02:30:23 +02:00
parent b7b1ae7dbe
commit 75282d0c68
20 changed files with 1897 additions and 0 deletions

66
.github/workflows/check-lowercase.yaml vendored Normal file
View file

@ -0,0 +1,66 @@
# This workflow will perform a test whenever there
# is some change in code done to ensure that the changes
# are not buggy and we are getting the desired output.
name: Check Case Normalization
on:
push:
pull_request:
workflow_dispatch:
schedule:
- cron: '0 0 * * *' # every day at midnight
env:
IMAGE_NAME: ImageCaseTest
IMAGE_TAGS: v1 TagCaseTest
jobs:
build:
name: Build image using Buildah
runs-on: container
strategy:
fail-fast: false
matrix:
install_latest: [ false ]
steps:
# Checkout buildah action github repository
- name: Checkout Buildah action
uses: actions/checkout@v4
with:
path: "buildah-build"
- name: Install latest buildah
if: matrix.install_latest
run: |
bash buildah-build/.github/install_latest_buildah.sh
- name: Create Dockerfile
run: |
cat > Containerfile<<EOF
FROM busybox
RUN echo "hello world"
EOF
# Build image using Buildah action
- name: Build Image
id: build_image
uses: ./buildah-build/
with:
image: ${{ env.IMAGE_NAME }}
layers: false
tags: ${{ env.IMAGE_TAGS }}
containerfiles: |
./Containerfile
extra-args: |
--pull
- name: Echo Outputs
run: |
echo "Image: ${{ steps.build_image.outputs.image }}"
echo "Tags: ${{ steps.build_image.outputs.tags }}"
echo "Tagged Image: ${{ steps.build_image.outputs.image-with-tag }}"
# Check if image is build
- name: Check images created
run: buildah images

48
.github/workflows/ci.yml vendored Normal file
View file

@ -0,0 +1,48 @@
name: CI checks
on:
push:
pull_request:
jobs:
lint:
name: Run ESLint
runs-on: container
steps:
- uses: actions/checkout@v4
- run: npm ci
- run: npm run lint
check-dist:
name: Check Distribution
runs-on: container
env:
BUNDLE_FILE: "dist/index.js"
BUNDLE_COMMAND: "npm run bundle"
steps:
- uses: actions/checkout@v4
- name: Install
run: npm ci
- name: Verify Latest Bundle
uses: redhat-actions/common/bundle-verifier@v1
with:
bundle_file: ${{ env.BUNDLE_FILE }}
bundle_command: ${{ env.BUNDLE_COMMAND }}
check-inputs-outputs:
name: Check Input and Output enums
runs-on: container
env:
IO_FILE: ./src/generated/inputs-outputs.ts
steps:
- uses: actions/checkout@v4
- name: Install dependencies
run: npm ci
- name: Verify Input and Output enums
uses: redhat-actions/common/action-io-generator@v1
with:
io_file: ${{ env.IO_FILE }}

View file

@ -0,0 +1,65 @@
# This workflow will perform a test whenever there
# is some change in code done to ensure that the changes
# are not buggy and we are getting the desired output.
name: Build from containerfile
on:
push:
pull_request:
workflow_dispatch:
schedule:
- cron: '0 0 * * *' # every day at midnight
env:
IMAGE_NAME: "hello-world"
jobs:
build:
name: Build image using Buildah
runs-on: container
strategy:
fail-fast: false
matrix:
install_latest: [ false ]
steps:
# Checkout buildah action github repository
- name: Checkout Buildah action
uses: actions/checkout@v4
with:
path: "buildah-build"
- name: Install latest buildah
if: matrix.install_latest
run: |
bash buildah-build/.github/install_latest_buildah.sh
- name: Create Dockerfile
run: |
cat > Containerfile<<EOF
FROM busybox
RUN echo "hello world"
EOF
# Build image using Buildah action
- name: Build Image
id: build_image
uses: ./buildah-build/
with:
image: ${{ env.IMAGE_NAME }}
layers: false
tags: 'latest ${{ github.sha }}'
containerfiles: |
./Containerfile
extra-args: |
--pull
- name: Echo Outputs
run: |
echo "Image: ${{ steps.build_image.outputs.image }}"
echo "Tags: ${{ steps.build_image.outputs.tags }}"
echo "Tagged Image: ${{ steps.build_image.outputs.image-with-tag }}"
# Check if image is build
- name: Check images created
run: buildah images | grep '${{ env.IMAGE_NAME }}'

View file

@ -0,0 +1,185 @@
# This workflow will perform a test whenever there
# is some change in code done to ensure that the changes
# are not buggy and we are getting the desired output.
name: Build with docker/metadata-action
on:
push:
pull_request:
workflow_dispatch:
schedule:
- cron: '0 0 * * *' # every day at midnight
jobs:
build-containerfile:
name: Build image with Containerfile
runs-on: container
strategy:
fail-fast: false
matrix:
install_latest: [ false ]
env:
IMAGE_NAME: "hello-world"
steps:
# Checkout buildah action github repository
- name: Checkout Buildah action
uses: actions/checkout@v4
- name: Docker Metadata
id: docker-metadata
uses: docker/metadata-action@v4
with:
images: |
${{ env.IMAGE_NAME }}
tags: |
type=edge
type=sha
type=ref,event=branch
type=ref,event=pr
type=schedule
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }}
- name: Install latest buildah
if: matrix.install_latest
run: |
bash .github/install_latest_buildah.sh
- name: Create Dockerfile
run: |
cat > Containerfile<<EOF
FROM busybox
RUN echo "hello world"
EOF
# Build image using Buildah action
- name: Build Image
id: build_image
uses: ./
with:
layers: false
tags: ${{ steps.docker-metadata.outputs.tags }}
labels: ${{ steps.docker-metadata.outputs.labels }}
containerfiles: |
./Containerfile
extra-args: |
--pull
- name: Echo Outputs
run: |
echo "Image: ${{ steps.build_image.outputs.image }}"
echo "Tags: ${{ steps.build_image.outputs.tags }}"
echo "Tagged Image: ${{ steps.build_image.outputs.image-with-tag }}"
# Check if image is build
- name: Check images created
run: buildah images | grep '${{ env.IMAGE_NAME }}'
- name: Check image metadata
run: |
set -x
buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.OCIv1.config.Labels."org.opencontainers.image.title"'
buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.OCIv1.config.Labels."org.opencontainers.image.description"'
buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.Docker.config.Labels."org.opencontainers.image.title"'
buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.Docker.config.Labels."org.opencontainers.image.description"'
build-scratch:
name: Build image without Containerfile
runs-on: container
strategy:
fail-fast: false
matrix:
install_latest: [ false ]
env:
PROJECT_DIR: spring-petclinic
IMAGE_NAME: spring-petclinic
MVN_REPO_DIR: ~/.m2/repository
steps:
# Checkout buildah action github repository
- name: Checkout Buildah action
uses: actions/checkout@v4
- name: Docker Metadata
id: docker-metadata
uses: docker/metadata-action@v4
with:
images: |
${{ env.IMAGE_NAME }}
tags: |
type=edge
type=sha
type=ref,event=branch
type=ref,event=pr
type=schedule
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }}
- name: Install latest buildah
if: matrix.install_latest
run: |
bash .github/install_latest_buildah.sh
# Checkout spring-petclinic github repository
- name: Checkout spring-petclinic project
uses: actions/checkout@v4
with:
repository: "spring-projects/spring-petclinic"
path: ${{ env.PROJECT_DIR }}
# Setup java.
- name: Setup Java
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '17'
cache: 'maven'
# Run maven to build the project
- name: Maven
working-directory: ${{ env.PROJECT_DIR }}
run: |
mvn package -ntp -B
# Build image using Buildah action
- name: Build Image
id: build_image
uses: ./
with:
tags: ${{ steps.docker-metadata.outputs.tags }}
labels: ${{ steps.docker-metadata.outputs.labels }}
base-image: 'registry.access.redhat.com/openjdk/openjdk-11-rhel7'
# To avoid hardcoding a particular version of the binary.
content: |
./spring-petclinic/target/spring-petclinic-*.jar
entrypoint: |
java
-jar
spring-petclinic-*.jar
port: 8080
arch: amd64
workdir: "."
- name: Echo Outputs
run: |
echo "Image: ${{ steps.build_image.outputs.image }}"
echo "Tags: ${{ steps.build_image.outputs.tags }}"
echo "Tagged Image: ${{ steps.build_image.outputs.image-with-tag }}"
# Check if image is build
- name: Check images created
run: buildah images | grep '${{ env.IMAGE_NAME }}'
- name: Check image metadata
run: |
set -x
buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.OCIv1.config.Labels."org.opencontainers.image.title"'
buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.OCIv1.config.Labels."org.opencontainers.image.description"'
buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.Docker.config.Labels."org.opencontainers.image.title"'
buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.Docker.config.Labels."org.opencontainers.image.description"'

20
.github/workflows/link_check.yml vendored Normal file
View file

@ -0,0 +1,20 @@
name: Link checker
on:
push:
paths:
- '**.md'
pull_request:
paths:
- '**.md'
schedule:
- cron: '0 0 * * *' # every day at midnight
jobs:
markdown-link-check:
name: Check links in markdown
runs-on: container
steps:
- uses: actions/checkout@v4
- uses: gaurav-nelson/github-action-markdown-link-check@v1
with:
use-verbose-mode: true

229
.github/workflows/multiarch.yml vendored Normal file
View file

@ -0,0 +1,229 @@
name: Multiarch build
on:
push:
pull_request:
workflow_dispatch:
schedule:
- cron: '0 0 * * *' # every day at midnight
env:
PROJECT_DIR: spring-petclinic
MVN_REPO_DIR: ~/.m2/repository
IMAGE_TAG: latest
jobs:
build-multiarch-containerfile:
name: Build multi-architecture image using Containerfile
env:
IMAGE_NAME: hello-world-multiarch
runs-on: container
strategy:
fail-fast: false
matrix:
install_latest: [ false ]
steps:
# Checkout buildah action github repository
- name: Checkout Buildah action
uses: actions/checkout@v4
with:
path: "buildah-build"
- name: Install latest buildah
if: matrix.install_latest
run: |
bash buildah-build/.github/install_latest_buildah.sh
- name: Install qemu dependency
run: |
sudo apt-get update
sudo apt-get install -y qemu-user-static
- name: Create Containerfile
run: |
cat > Containerfile<<EOF
FROM docker.io/alpine:3.14
RUN echo "hello world"
ENTRYPOINT [ "sh", "-c", "echo -n 'Machine: ' && uname -m && echo -n 'Bits: ' && getconf LONG_BIT && echo 'goodbye world'" ]
EOF
- name: Build Image
id: build_image_multiarch
uses: ./buildah-build/
with:
image: ${{ env.IMAGE_NAME }}
tags: latest v1
archs: amd64 # Single arch testcase
containerfiles: |
./Containerfile
- name: Echo Outputs
run: |
echo "Image: ${{ steps.build_image_multiarch.outputs.image }}"
echo "Tags: ${{ steps.build_image_multiarch.outputs.tags }}"
echo "Tagged Image: ${{ steps.build_image_multiarch.outputs.image-with-tag }}"
- name: Check images created
run: buildah images | grep '${{ env.IMAGE_NAME }}'
- name: Check image metadata
run: |
set -x
buildah inspect ${{ steps.build_image_multiarch.outputs.image }}:${{ env.IMAGE_TAG }} | jq ".OCIv1.architecture"
buildah inspect ${{ steps.build_image_multiarch.outputs.image }}:${{ env.IMAGE_TAG }} | jq ".Docker.architecture"
- name: Run image
run: |
podman run --rm ${{ steps.build_image_multiarch.outputs.image }}:${{ env.IMAGE_TAG }}
build-multiplatform-containerfile:
name: Build multi-platform image using Containerfile
env:
IMAGE_NAME: hello-world-multiplatform
runs-on: container
strategy:
fail-fast: false
matrix:
install_latest: [ false ]
steps:
# Checkout buildah action github repository
- name: Checkout Buildah action
uses: actions/checkout@v4
with:
path: "buildah-build"
- name: Install latest buildah
if: matrix.install_latest
run: |
bash buildah-build/.github/install_latest_buildah.sh
- name: Install qemu dependency
run: |
sudo apt-get update
sudo apt-get install -y qemu-user-static
- name: Create Containerfile
run: |
cat > Containerfile<<EOF
FROM docker.io/alpine:3.16
RUN echo "hello world"
ENTRYPOINT [ "sh", "-c", "echo -n 'Machine: ' && uname -m && echo -n 'Bits: ' && getconf LONG_BIT && echo 'goodbye world'" ]
EOF
- name: Build Image
id: build_image_multiplatform
uses: ./buildah-build/
with:
image: ${{ env.IMAGE_NAME }}
tags: ${{ env.IMAGE_TAG }}
platforms: linux/amd64, linux/ppc64le
containerfiles: |
./Containerfile
- name: Echo Outputs
run: |
echo "Image: ${{ steps.build_image_multiplatform.outputs.image }}"
echo "Tags: ${{ steps.build_image_multiplatform.outputs.tags }}"
echo "Tagged Image: ${{ steps.build_image_multiplatform.outputs.image-with-tag }}"
- name: Check images created
run: buildah images | grep '${{ env.IMAGE_NAME }}'
- name: Check manifest
run: |
set -x
buildah manifest inspect ${{ steps.build_image_multiplatform.outputs.image }}:${{ env.IMAGE_TAG }}
- name: Run image
run: |
podman run --rm ${{ steps.build_image_multiplatform.outputs.image }}:${{ env.IMAGE_TAG }}
build-multiarch-scratch:
name: Build multi-architecture image from scratch
env:
IMAGE_NAME: spring-petclinic-multiarch
runs-on: container
strategy:
fail-fast: false
matrix:
install_latest: [ false ]
steps:
# Checkout buildah action github repository
- name: Checkout Buildah action
uses: actions/checkout@v4
with:
path: "buildah-build"
- name: Install latest buildah
if: matrix.install_latest
run: |
bash buildah-build/.github/install_latest_buildah.sh
- name: Install qemu dependency
run: |
sudo apt-get update
sudo apt-get install -y qemu-user-static
# Checkout spring-petclinic github repository
- name: Checkout spring-petclinic project
uses: actions/checkout@v4
with:
repository: "spring-projects/spring-petclinic"
path: ${{ env.PROJECT_DIR }}
# Setup java.
- name: Setup Java
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '17'
cache: 'maven'
# Run maven to build the project
- name: Maven
working-directory: ${{ env.PROJECT_DIR }}
run: |
mvn package -ntp -B
- name: Build Image
id: build_image_multiarch
uses: ./buildah-build/
with:
image: ${{ env.IMAGE_NAME }}
tags: ${{ env.IMAGE_TAG }}
base-image: 'registry.access.redhat.com/openjdk/openjdk-11-rhel7'
archs: amd64, i386, ppc64le
# To avoid hardcoding a particular version of the binary.
content: |
./spring-petclinic/target/spring-petclinic-*.jar
entrypoint: |
java
-jar
spring-petclinic-*.jar
port: 8080
workdir: "."
- name: Echo Outputs
run: |
echo "Image: ${{ steps.build_image_multiarch.outputs.image }}"
echo "Tags: ${{ steps.build_image_multiarch.outputs.tags }}"
echo "Tagged Image: ${{ steps.build_image_multiarch.outputs.image-with-tag }}"
- name: Check images created
run: buildah images | grep '${{ env.IMAGE_NAME }}'
- name: Check manifest
run: |
set -x
buildah manifest inspect ${{ steps.build_image_multiarch.outputs.image }}:${{ env.IMAGE_TAG }}

87
.github/workflows/scratch_build.yml vendored Normal file
View file

@ -0,0 +1,87 @@
# This workflow will perform a test whenever there
# is some change in code done to ensure that the changes
# are not buggy and we are getting the desired output.
name: Build
on:
push:
pull_request:
workflow_dispatch:
schedule:
- cron: '0 0 * * *' # every day at midnight
env:
PROJECT_DIR: spring-petclinic
IMAGE_NAME: spring-petclinic
MVN_REPO_DIR: ~/.m2/repository
jobs:
build:
name: Build image using Buildah
runs-on: container
strategy:
fail-fast: false
matrix:
install_latest: [ false ]
steps:
# Checkout buildah action github repository
- name: Checkout Buildah action
uses: actions/checkout@v4
with:
path: "buildah-build"
- name: Install latest buildah
if: matrix.install_latest
run: |
bash buildah-build/.github/install_latest_buildah.sh
# Checkout spring-petclinic github repository
- name: Checkout spring-petclinic project
uses: actions/checkout@v4
with:
repository: "spring-projects/spring-petclinic"
path: ${{ env.PROJECT_DIR }}
# Setup java.
- name: Setup Java
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '17'
cache: 'maven'
# Run maven to build the project
- name: Maven
working-directory: ${{ env.PROJECT_DIR }}
run: |
mvn package -ntp -B
# Build image using Buildah action
- name: Build Image
id: build_image
uses: ./buildah-build/
with:
image: ${{ env.IMAGE_NAME }}
tags: 'latest ${{ github.sha }}'
base-image: 'registry.access.redhat.com/openjdk/openjdk-11-rhel7'
# To avoid hardcoding a particular version of the binary.
content: |
./spring-petclinic/target/spring-petclinic-*.jar
entrypoint: |
java
-jar
spring-petclinic-*.jar
port: 8080
arch: amd64
workdir: "."
- name: Echo Outputs
run: |
echo "Image: ${{ steps.build_image.outputs.image }}"
echo "Tags: ${{ steps.build_image.outputs.tags }}"
echo "Tagged Image: ${{ steps.build_image.outputs.image-with-tag }}"
# Check if image is build
- name: Check images created
run: buildah images | grep '${{ env.IMAGE_NAME }}'

36
.github/workflows/security_scan.yml vendored Normal file
View file

@ -0,0 +1,36 @@
name: Vulnerability Scan with CRDA
on:
# push:
workflow_dispatch:
# pull_request_target:
# types: [ assigned, opened, synchronize, reopened, labeled, edited ]
# schedule:
# - cron: '0 0 * * *' # every day at midnight
jobs:
crda-scan:
runs-on: container
name: Scan project vulnerability with CRDA
steps:
- uses: actions/checkout@v4
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version: '20'
cache: 'npm'
- name: Install CRDA
uses: redhat-actions/openshift-tools-installer@v1
with:
source: github
github_pat: ${{ github.token }}
crda: "latest"
- name: CRDA Scan
id: scan
uses: redhat-actions/crda@v1
with:
crda_key: ${{ secrets.CRDA_KEY }}
fail_on: never