Initial commit
Some checks failed
Check Case Normalization / Build image using Buildah (push) Failing after 1s
CI checks / Run ESLint (push) Failing after 1s
CI checks / Check Distribution (push) Failing after 0s
CI checks / Check Input and Output enums (push) Failing after 0s
Build with docker/metadata-action / Build image with Containerfile (push) Failing after 2s
Build with docker/metadata-action / Build image without Containerfile (push) Failing after 1s
Link checker / Check links in markdown (push) Failing after 1s
Multiarch build / Build multi-platform image using Containerfile (push) Has been cancelled
Multiarch build / Build multi-architecture image from scratch (push) Has been cancelled
Multiarch build / Build multi-architecture image using Containerfile (push) Has been cancelled
Build / Build image using Buildah (push) Failing after 1s
Build from containerfile / Build image using Buildah (push) Failing after 1s
Some checks failed
Check Case Normalization / Build image using Buildah (push) Failing after 1s
CI checks / Run ESLint (push) Failing after 1s
CI checks / Check Distribution (push) Failing after 0s
CI checks / Check Input and Output enums (push) Failing after 0s
Build with docker/metadata-action / Build image with Containerfile (push) Failing after 2s
Build with docker/metadata-action / Build image without Containerfile (push) Failing after 1s
Link checker / Check links in markdown (push) Failing after 1s
Multiarch build / Build multi-platform image using Containerfile (push) Has been cancelled
Multiarch build / Build multi-architecture image from scratch (push) Has been cancelled
Multiarch build / Build multi-architecture image using Containerfile (push) Has been cancelled
Build / Build image using Buildah (push) Failing after 1s
Build from containerfile / Build image using Buildah (push) Failing after 1s
This commit is contained in:
parent
b7b1ae7dbe
commit
75282d0c68
20 changed files with 1897 additions and 0 deletions
66
.github/workflows/check-lowercase.yaml
vendored
Normal file
66
.github/workflows/check-lowercase.yaml
vendored
Normal file
|
@ -0,0 +1,66 @@
|
|||
# This workflow will perform a test whenever there
|
||||
# is some change in code done to ensure that the changes
|
||||
# are not buggy and we are getting the desired output.
|
||||
name: Check Case Normalization
|
||||
on:
|
||||
push:
|
||||
pull_request:
|
||||
workflow_dispatch:
|
||||
schedule:
|
||||
- cron: '0 0 * * *' # every day at midnight
|
||||
|
||||
env:
|
||||
IMAGE_NAME: ImageCaseTest
|
||||
IMAGE_TAGS: v1 TagCaseTest
|
||||
|
||||
jobs:
|
||||
build:
|
||||
name: Build image using Buildah
|
||||
runs-on: container
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
install_latest: [ false ]
|
||||
|
||||
steps:
|
||||
|
||||
# Checkout buildah action github repository
|
||||
- name: Checkout Buildah action
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
path: "buildah-build"
|
||||
|
||||
- name: Install latest buildah
|
||||
if: matrix.install_latest
|
||||
run: |
|
||||
bash buildah-build/.github/install_latest_buildah.sh
|
||||
|
||||
- name: Create Dockerfile
|
||||
run: |
|
||||
cat > Containerfile<<EOF
|
||||
FROM busybox
|
||||
RUN echo "hello world"
|
||||
EOF
|
||||
|
||||
# Build image using Buildah action
|
||||
- name: Build Image
|
||||
id: build_image
|
||||
uses: ./buildah-build/
|
||||
with:
|
||||
image: ${{ env.IMAGE_NAME }}
|
||||
layers: false
|
||||
tags: ${{ env.IMAGE_TAGS }}
|
||||
containerfiles: |
|
||||
./Containerfile
|
||||
extra-args: |
|
||||
--pull
|
||||
|
||||
- name: Echo Outputs
|
||||
run: |
|
||||
echo "Image: ${{ steps.build_image.outputs.image }}"
|
||||
echo "Tags: ${{ steps.build_image.outputs.tags }}"
|
||||
echo "Tagged Image: ${{ steps.build_image.outputs.image-with-tag }}"
|
||||
|
||||
# Check if image is build
|
||||
- name: Check images created
|
||||
run: buildah images
|
48
.github/workflows/ci.yml
vendored
Normal file
48
.github/workflows/ci.yml
vendored
Normal file
|
@ -0,0 +1,48 @@
|
|||
name: CI checks
|
||||
on:
|
||||
push:
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
lint:
|
||||
name: Run ESLint
|
||||
runs-on: container
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- run: npm ci
|
||||
- run: npm run lint
|
||||
|
||||
check-dist:
|
||||
name: Check Distribution
|
||||
runs-on: container
|
||||
env:
|
||||
BUNDLE_FILE: "dist/index.js"
|
||||
BUNDLE_COMMAND: "npm run bundle"
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: Install
|
||||
run: npm ci
|
||||
|
||||
- name: Verify Latest Bundle
|
||||
uses: redhat-actions/common/bundle-verifier@v1
|
||||
with:
|
||||
bundle_file: ${{ env.BUNDLE_FILE }}
|
||||
bundle_command: ${{ env.BUNDLE_COMMAND }}
|
||||
|
||||
check-inputs-outputs:
|
||||
name: Check Input and Output enums
|
||||
runs-on: container
|
||||
env:
|
||||
IO_FILE: ./src/generated/inputs-outputs.ts
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: Install dependencies
|
||||
run: npm ci
|
||||
|
||||
- name: Verify Input and Output enums
|
||||
uses: redhat-actions/common/action-io-generator@v1
|
||||
with:
|
||||
io_file: ${{ env.IO_FILE }}
|
65
.github/workflows/containerfile_build.yml
vendored
Normal file
65
.github/workflows/containerfile_build.yml
vendored
Normal file
|
@ -0,0 +1,65 @@
|
|||
# This workflow will perform a test whenever there
|
||||
# is some change in code done to ensure that the changes
|
||||
# are not buggy and we are getting the desired output.
|
||||
name: Build from containerfile
|
||||
on:
|
||||
push:
|
||||
pull_request:
|
||||
workflow_dispatch:
|
||||
schedule:
|
||||
- cron: '0 0 * * *' # every day at midnight
|
||||
|
||||
env:
|
||||
IMAGE_NAME: "hello-world"
|
||||
|
||||
jobs:
|
||||
build:
|
||||
name: Build image using Buildah
|
||||
runs-on: container
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
install_latest: [ false ]
|
||||
|
||||
steps:
|
||||
|
||||
# Checkout buildah action github repository
|
||||
- name: Checkout Buildah action
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
path: "buildah-build"
|
||||
|
||||
- name: Install latest buildah
|
||||
if: matrix.install_latest
|
||||
run: |
|
||||
bash buildah-build/.github/install_latest_buildah.sh
|
||||
|
||||
- name: Create Dockerfile
|
||||
run: |
|
||||
cat > Containerfile<<EOF
|
||||
FROM busybox
|
||||
RUN echo "hello world"
|
||||
EOF
|
||||
|
||||
# Build image using Buildah action
|
||||
- name: Build Image
|
||||
id: build_image
|
||||
uses: ./buildah-build/
|
||||
with:
|
||||
image: ${{ env.IMAGE_NAME }}
|
||||
layers: false
|
||||
tags: 'latest ${{ github.sha }}'
|
||||
containerfiles: |
|
||||
./Containerfile
|
||||
extra-args: |
|
||||
--pull
|
||||
|
||||
- name: Echo Outputs
|
||||
run: |
|
||||
echo "Image: ${{ steps.build_image.outputs.image }}"
|
||||
echo "Tags: ${{ steps.build_image.outputs.tags }}"
|
||||
echo "Tagged Image: ${{ steps.build_image.outputs.image-with-tag }}"
|
||||
|
||||
# Check if image is build
|
||||
- name: Check images created
|
||||
run: buildah images | grep '${{ env.IMAGE_NAME }}'
|
185
.github/workflows/docker_metadata_action.yml
vendored
Normal file
185
.github/workflows/docker_metadata_action.yml
vendored
Normal file
|
@ -0,0 +1,185 @@
|
|||
# This workflow will perform a test whenever there
|
||||
# is some change in code done to ensure that the changes
|
||||
# are not buggy and we are getting the desired output.
|
||||
name: Build with docker/metadata-action
|
||||
on:
|
||||
push:
|
||||
pull_request:
|
||||
workflow_dispatch:
|
||||
schedule:
|
||||
- cron: '0 0 * * *' # every day at midnight
|
||||
|
||||
jobs:
|
||||
build-containerfile:
|
||||
name: Build image with Containerfile
|
||||
runs-on: container
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
install_latest: [ false ]
|
||||
|
||||
env:
|
||||
IMAGE_NAME: "hello-world"
|
||||
|
||||
steps:
|
||||
|
||||
# Checkout buildah action github repository
|
||||
- name: Checkout Buildah action
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Docker Metadata
|
||||
id: docker-metadata
|
||||
uses: docker/metadata-action@v4
|
||||
with:
|
||||
images: |
|
||||
${{ env.IMAGE_NAME }}
|
||||
tags: |
|
||||
type=edge
|
||||
type=sha
|
||||
type=ref,event=branch
|
||||
type=ref,event=pr
|
||||
type=schedule
|
||||
type=semver,pattern={{version}}
|
||||
type=semver,pattern={{major}}.{{minor}}
|
||||
type=semver,pattern={{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }}
|
||||
|
||||
- name: Install latest buildah
|
||||
if: matrix.install_latest
|
||||
run: |
|
||||
bash .github/install_latest_buildah.sh
|
||||
|
||||
- name: Create Dockerfile
|
||||
run: |
|
||||
cat > Containerfile<<EOF
|
||||
FROM busybox
|
||||
RUN echo "hello world"
|
||||
EOF
|
||||
|
||||
# Build image using Buildah action
|
||||
- name: Build Image
|
||||
id: build_image
|
||||
uses: ./
|
||||
with:
|
||||
layers: false
|
||||
tags: ${{ steps.docker-metadata.outputs.tags }}
|
||||
labels: ${{ steps.docker-metadata.outputs.labels }}
|
||||
containerfiles: |
|
||||
./Containerfile
|
||||
extra-args: |
|
||||
--pull
|
||||
|
||||
- name: Echo Outputs
|
||||
run: |
|
||||
echo "Image: ${{ steps.build_image.outputs.image }}"
|
||||
echo "Tags: ${{ steps.build_image.outputs.tags }}"
|
||||
echo "Tagged Image: ${{ steps.build_image.outputs.image-with-tag }}"
|
||||
|
||||
# Check if image is build
|
||||
- name: Check images created
|
||||
run: buildah images | grep '${{ env.IMAGE_NAME }}'
|
||||
|
||||
- name: Check image metadata
|
||||
run: |
|
||||
set -x
|
||||
buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.OCIv1.config.Labels."org.opencontainers.image.title"'
|
||||
buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.OCIv1.config.Labels."org.opencontainers.image.description"'
|
||||
buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.Docker.config.Labels."org.opencontainers.image.title"'
|
||||
buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.Docker.config.Labels."org.opencontainers.image.description"'
|
||||
|
||||
build-scratch:
|
||||
name: Build image without Containerfile
|
||||
runs-on: container
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
install_latest: [ false ]
|
||||
|
||||
env:
|
||||
PROJECT_DIR: spring-petclinic
|
||||
IMAGE_NAME: spring-petclinic
|
||||
MVN_REPO_DIR: ~/.m2/repository
|
||||
|
||||
steps:
|
||||
|
||||
# Checkout buildah action github repository
|
||||
- name: Checkout Buildah action
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Docker Metadata
|
||||
id: docker-metadata
|
||||
uses: docker/metadata-action@v4
|
||||
with:
|
||||
images: |
|
||||
${{ env.IMAGE_NAME }}
|
||||
tags: |
|
||||
type=edge
|
||||
type=sha
|
||||
type=ref,event=branch
|
||||
type=ref,event=pr
|
||||
type=schedule
|
||||
type=semver,pattern={{version}}
|
||||
type=semver,pattern={{major}}.{{minor}}
|
||||
type=semver,pattern={{major}},enable=${{ !startsWith(github.ref, 'refs/tags/v0.') }}
|
||||
|
||||
- name: Install latest buildah
|
||||
if: matrix.install_latest
|
||||
run: |
|
||||
bash .github/install_latest_buildah.sh
|
||||
|
||||
# Checkout spring-petclinic github repository
|
||||
- name: Checkout spring-petclinic project
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
repository: "spring-projects/spring-petclinic"
|
||||
path: ${{ env.PROJECT_DIR }}
|
||||
|
||||
# Setup java.
|
||||
- name: Setup Java
|
||||
uses: actions/setup-java@v3
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: '17'
|
||||
cache: 'maven'
|
||||
|
||||
# Run maven to build the project
|
||||
- name: Maven
|
||||
working-directory: ${{ env.PROJECT_DIR }}
|
||||
run: |
|
||||
mvn package -ntp -B
|
||||
|
||||
# Build image using Buildah action
|
||||
- name: Build Image
|
||||
id: build_image
|
||||
uses: ./
|
||||
with:
|
||||
tags: ${{ steps.docker-metadata.outputs.tags }}
|
||||
labels: ${{ steps.docker-metadata.outputs.labels }}
|
||||
base-image: 'registry.access.redhat.com/openjdk/openjdk-11-rhel7'
|
||||
# To avoid hardcoding a particular version of the binary.
|
||||
content: |
|
||||
./spring-petclinic/target/spring-petclinic-*.jar
|
||||
entrypoint: |
|
||||
java
|
||||
-jar
|
||||
spring-petclinic-*.jar
|
||||
port: 8080
|
||||
arch: amd64
|
||||
workdir: "."
|
||||
|
||||
- name: Echo Outputs
|
||||
run: |
|
||||
echo "Image: ${{ steps.build_image.outputs.image }}"
|
||||
echo "Tags: ${{ steps.build_image.outputs.tags }}"
|
||||
echo "Tagged Image: ${{ steps.build_image.outputs.image-with-tag }}"
|
||||
|
||||
# Check if image is build
|
||||
- name: Check images created
|
||||
run: buildah images | grep '${{ env.IMAGE_NAME }}'
|
||||
|
||||
- name: Check image metadata
|
||||
run: |
|
||||
set -x
|
||||
buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.OCIv1.config.Labels."org.opencontainers.image.title"'
|
||||
buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.OCIv1.config.Labels."org.opencontainers.image.description"'
|
||||
buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.Docker.config.Labels."org.opencontainers.image.title"'
|
||||
buildah inspect ${{ steps.build_image.outputs.image-with-tag }} | jq '.Docker.config.Labels."org.opencontainers.image.description"'
|
20
.github/workflows/link_check.yml
vendored
Normal file
20
.github/workflows/link_check.yml
vendored
Normal file
|
@ -0,0 +1,20 @@
|
|||
name: Link checker
|
||||
on:
|
||||
push:
|
||||
paths:
|
||||
- '**.md'
|
||||
pull_request:
|
||||
paths:
|
||||
- '**.md'
|
||||
schedule:
|
||||
- cron: '0 0 * * *' # every day at midnight
|
||||
|
||||
jobs:
|
||||
markdown-link-check:
|
||||
name: Check links in markdown
|
||||
runs-on: container
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: gaurav-nelson/github-action-markdown-link-check@v1
|
||||
with:
|
||||
use-verbose-mode: true
|
229
.github/workflows/multiarch.yml
vendored
Normal file
229
.github/workflows/multiarch.yml
vendored
Normal file
|
@ -0,0 +1,229 @@
|
|||
name: Multiarch build
|
||||
on:
|
||||
push:
|
||||
pull_request:
|
||||
workflow_dispatch:
|
||||
schedule:
|
||||
- cron: '0 0 * * *' # every day at midnight
|
||||
|
||||
env:
|
||||
PROJECT_DIR: spring-petclinic
|
||||
MVN_REPO_DIR: ~/.m2/repository
|
||||
IMAGE_TAG: latest
|
||||
|
||||
jobs:
|
||||
build-multiarch-containerfile:
|
||||
name: Build multi-architecture image using Containerfile
|
||||
env:
|
||||
IMAGE_NAME: hello-world-multiarch
|
||||
runs-on: container
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
install_latest: [ false ]
|
||||
|
||||
steps:
|
||||
|
||||
# Checkout buildah action github repository
|
||||
- name: Checkout Buildah action
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
path: "buildah-build"
|
||||
|
||||
- name: Install latest buildah
|
||||
if: matrix.install_latest
|
||||
run: |
|
||||
bash buildah-build/.github/install_latest_buildah.sh
|
||||
|
||||
- name: Install qemu dependency
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y qemu-user-static
|
||||
|
||||
- name: Create Containerfile
|
||||
run: |
|
||||
cat > Containerfile<<EOF
|
||||
|
||||
FROM docker.io/alpine:3.14
|
||||
|
||||
RUN echo "hello world"
|
||||
|
||||
ENTRYPOINT [ "sh", "-c", "echo -n 'Machine: ' && uname -m && echo -n 'Bits: ' && getconf LONG_BIT && echo 'goodbye world'" ]
|
||||
EOF
|
||||
|
||||
- name: Build Image
|
||||
id: build_image_multiarch
|
||||
uses: ./buildah-build/
|
||||
with:
|
||||
image: ${{ env.IMAGE_NAME }}
|
||||
tags: latest v1
|
||||
archs: amd64 # Single arch testcase
|
||||
containerfiles: |
|
||||
./Containerfile
|
||||
|
||||
- name: Echo Outputs
|
||||
run: |
|
||||
echo "Image: ${{ steps.build_image_multiarch.outputs.image }}"
|
||||
echo "Tags: ${{ steps.build_image_multiarch.outputs.tags }}"
|
||||
echo "Tagged Image: ${{ steps.build_image_multiarch.outputs.image-with-tag }}"
|
||||
|
||||
- name: Check images created
|
||||
run: buildah images | grep '${{ env.IMAGE_NAME }}'
|
||||
|
||||
- name: Check image metadata
|
||||
run: |
|
||||
set -x
|
||||
buildah inspect ${{ steps.build_image_multiarch.outputs.image }}:${{ env.IMAGE_TAG }} | jq ".OCIv1.architecture"
|
||||
buildah inspect ${{ steps.build_image_multiarch.outputs.image }}:${{ env.IMAGE_TAG }} | jq ".Docker.architecture"
|
||||
|
||||
- name: Run image
|
||||
run: |
|
||||
podman run --rm ${{ steps.build_image_multiarch.outputs.image }}:${{ env.IMAGE_TAG }}
|
||||
|
||||
build-multiplatform-containerfile:
|
||||
name: Build multi-platform image using Containerfile
|
||||
env:
|
||||
IMAGE_NAME: hello-world-multiplatform
|
||||
runs-on: container
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
install_latest: [ false ]
|
||||
|
||||
steps:
|
||||
|
||||
# Checkout buildah action github repository
|
||||
- name: Checkout Buildah action
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
path: "buildah-build"
|
||||
|
||||
- name: Install latest buildah
|
||||
if: matrix.install_latest
|
||||
run: |
|
||||
bash buildah-build/.github/install_latest_buildah.sh
|
||||
|
||||
- name: Install qemu dependency
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y qemu-user-static
|
||||
|
||||
- name: Create Containerfile
|
||||
run: |
|
||||
cat > Containerfile<<EOF
|
||||
|
||||
FROM docker.io/alpine:3.16
|
||||
|
||||
RUN echo "hello world"
|
||||
|
||||
ENTRYPOINT [ "sh", "-c", "echo -n 'Machine: ' && uname -m && echo -n 'Bits: ' && getconf LONG_BIT && echo 'goodbye world'" ]
|
||||
EOF
|
||||
|
||||
- name: Build Image
|
||||
id: build_image_multiplatform
|
||||
uses: ./buildah-build/
|
||||
with:
|
||||
image: ${{ env.IMAGE_NAME }}
|
||||
tags: ${{ env.IMAGE_TAG }}
|
||||
platforms: linux/amd64, linux/ppc64le
|
||||
containerfiles: |
|
||||
./Containerfile
|
||||
|
||||
- name: Echo Outputs
|
||||
run: |
|
||||
echo "Image: ${{ steps.build_image_multiplatform.outputs.image }}"
|
||||
echo "Tags: ${{ steps.build_image_multiplatform.outputs.tags }}"
|
||||
echo "Tagged Image: ${{ steps.build_image_multiplatform.outputs.image-with-tag }}"
|
||||
|
||||
- name: Check images created
|
||||
run: buildah images | grep '${{ env.IMAGE_NAME }}'
|
||||
|
||||
- name: Check manifest
|
||||
run: |
|
||||
set -x
|
||||
buildah manifest inspect ${{ steps.build_image_multiplatform.outputs.image }}:${{ env.IMAGE_TAG }}
|
||||
|
||||
- name: Run image
|
||||
run: |
|
||||
podman run --rm ${{ steps.build_image_multiplatform.outputs.image }}:${{ env.IMAGE_TAG }}
|
||||
|
||||
build-multiarch-scratch:
|
||||
name: Build multi-architecture image from scratch
|
||||
env:
|
||||
IMAGE_NAME: spring-petclinic-multiarch
|
||||
runs-on: container
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
install_latest: [ false ]
|
||||
|
||||
steps:
|
||||
|
||||
# Checkout buildah action github repository
|
||||
- name: Checkout Buildah action
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
path: "buildah-build"
|
||||
|
||||
- name: Install latest buildah
|
||||
if: matrix.install_latest
|
||||
run: |
|
||||
bash buildah-build/.github/install_latest_buildah.sh
|
||||
|
||||
- name: Install qemu dependency
|
||||
run: |
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y qemu-user-static
|
||||
|
||||
# Checkout spring-petclinic github repository
|
||||
- name: Checkout spring-petclinic project
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
repository: "spring-projects/spring-petclinic"
|
||||
path: ${{ env.PROJECT_DIR }}
|
||||
|
||||
# Setup java.
|
||||
- name: Setup Java
|
||||
uses: actions/setup-java@v3
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: '17'
|
||||
cache: 'maven'
|
||||
|
||||
# Run maven to build the project
|
||||
- name: Maven
|
||||
working-directory: ${{ env.PROJECT_DIR }}
|
||||
run: |
|
||||
mvn package -ntp -B
|
||||
|
||||
- name: Build Image
|
||||
id: build_image_multiarch
|
||||
uses: ./buildah-build/
|
||||
with:
|
||||
image: ${{ env.IMAGE_NAME }}
|
||||
tags: ${{ env.IMAGE_TAG }}
|
||||
base-image: 'registry.access.redhat.com/openjdk/openjdk-11-rhel7'
|
||||
archs: amd64, i386, ppc64le
|
||||
# To avoid hardcoding a particular version of the binary.
|
||||
content: |
|
||||
./spring-petclinic/target/spring-petclinic-*.jar
|
||||
entrypoint: |
|
||||
java
|
||||
-jar
|
||||
spring-petclinic-*.jar
|
||||
port: 8080
|
||||
workdir: "."
|
||||
|
||||
- name: Echo Outputs
|
||||
run: |
|
||||
echo "Image: ${{ steps.build_image_multiarch.outputs.image }}"
|
||||
echo "Tags: ${{ steps.build_image_multiarch.outputs.tags }}"
|
||||
echo "Tagged Image: ${{ steps.build_image_multiarch.outputs.image-with-tag }}"
|
||||
|
||||
- name: Check images created
|
||||
run: buildah images | grep '${{ env.IMAGE_NAME }}'
|
||||
|
||||
- name: Check manifest
|
||||
run: |
|
||||
set -x
|
||||
buildah manifest inspect ${{ steps.build_image_multiarch.outputs.image }}:${{ env.IMAGE_TAG }}
|
87
.github/workflows/scratch_build.yml
vendored
Normal file
87
.github/workflows/scratch_build.yml
vendored
Normal file
|
@ -0,0 +1,87 @@
|
|||
# This workflow will perform a test whenever there
|
||||
# is some change in code done to ensure that the changes
|
||||
# are not buggy and we are getting the desired output.
|
||||
name: Build
|
||||
on:
|
||||
push:
|
||||
pull_request:
|
||||
workflow_dispatch:
|
||||
schedule:
|
||||
- cron: '0 0 * * *' # every day at midnight
|
||||
|
||||
env:
|
||||
PROJECT_DIR: spring-petclinic
|
||||
IMAGE_NAME: spring-petclinic
|
||||
MVN_REPO_DIR: ~/.m2/repository
|
||||
|
||||
jobs:
|
||||
build:
|
||||
name: Build image using Buildah
|
||||
runs-on: container
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
install_latest: [ false ]
|
||||
|
||||
steps:
|
||||
|
||||
# Checkout buildah action github repository
|
||||
- name: Checkout Buildah action
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
path: "buildah-build"
|
||||
|
||||
- name: Install latest buildah
|
||||
if: matrix.install_latest
|
||||
run: |
|
||||
bash buildah-build/.github/install_latest_buildah.sh
|
||||
|
||||
# Checkout spring-petclinic github repository
|
||||
- name: Checkout spring-petclinic project
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
repository: "spring-projects/spring-petclinic"
|
||||
path: ${{ env.PROJECT_DIR }}
|
||||
|
||||
# Setup java.
|
||||
- name: Setup Java
|
||||
uses: actions/setup-java@v3
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: '17'
|
||||
cache: 'maven'
|
||||
|
||||
# Run maven to build the project
|
||||
- name: Maven
|
||||
working-directory: ${{ env.PROJECT_DIR }}
|
||||
run: |
|
||||
mvn package -ntp -B
|
||||
|
||||
# Build image using Buildah action
|
||||
- name: Build Image
|
||||
id: build_image
|
||||
uses: ./buildah-build/
|
||||
with:
|
||||
image: ${{ env.IMAGE_NAME }}
|
||||
tags: 'latest ${{ github.sha }}'
|
||||
base-image: 'registry.access.redhat.com/openjdk/openjdk-11-rhel7'
|
||||
# To avoid hardcoding a particular version of the binary.
|
||||
content: |
|
||||
./spring-petclinic/target/spring-petclinic-*.jar
|
||||
entrypoint: |
|
||||
java
|
||||
-jar
|
||||
spring-petclinic-*.jar
|
||||
port: 8080
|
||||
arch: amd64
|
||||
workdir: "."
|
||||
|
||||
- name: Echo Outputs
|
||||
run: |
|
||||
echo "Image: ${{ steps.build_image.outputs.image }}"
|
||||
echo "Tags: ${{ steps.build_image.outputs.tags }}"
|
||||
echo "Tagged Image: ${{ steps.build_image.outputs.image-with-tag }}"
|
||||
|
||||
# Check if image is build
|
||||
- name: Check images created
|
||||
run: buildah images | grep '${{ env.IMAGE_NAME }}'
|
36
.github/workflows/security_scan.yml
vendored
Normal file
36
.github/workflows/security_scan.yml
vendored
Normal file
|
@ -0,0 +1,36 @@
|
|||
name: Vulnerability Scan with CRDA
|
||||
on:
|
||||
# push:
|
||||
workflow_dispatch:
|
||||
# pull_request_target:
|
||||
# types: [ assigned, opened, synchronize, reopened, labeled, edited ]
|
||||
# schedule:
|
||||
# - cron: '0 0 * * *' # every day at midnight
|
||||
|
||||
jobs:
|
||||
crda-scan:
|
||||
runs-on: container
|
||||
name: Scan project vulnerability with CRDA
|
||||
steps:
|
||||
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: Setup Node
|
||||
uses: actions/setup-node@v3
|
||||
with:
|
||||
node-version: '20'
|
||||
cache: 'npm'
|
||||
|
||||
- name: Install CRDA
|
||||
uses: redhat-actions/openshift-tools-installer@v1
|
||||
with:
|
||||
source: github
|
||||
github_pat: ${{ github.token }}
|
||||
crda: "latest"
|
||||
|
||||
- name: CRDA Scan
|
||||
id: scan
|
||||
uses: redhat-actions/crda@v1
|
||||
with:
|
||||
crda_key: ${{ secrets.CRDA_KEY }}
|
||||
fail_on: never
|
Loading…
Add table
Add a link
Reference in a new issue