paspo
4f9dd8f51f
Some checks failed
Container Publish / on-success-skip (push) Has been skipped
Container Publish / build-image (arm64) (push) Successful in 2m1s
Container Publish / build-image (amd64) (push) Successful in 4m7s
Container Publish / update docker manifest (push) Successful in 10s
Vulnerability Scan / Daily Vulnerability Scan (arm64) (push) Failing after 36s
Vulnerability Scan / Daily Vulnerability Scan (amd64) (push) Failing after 2m1s
77 lines
2.0 KiB
YAML
77 lines
2.0 KiB
YAML
---
|
|
name: Container Publish
|
|
|
|
env:
|
|
REGISTRY: docker.asperti.com
|
|
REPOSITORY: paspo/python-runner
|
|
|
|
on:
|
|
push:
|
|
tags:
|
|
- '*'
|
|
schedule:
|
|
- cron: "0 12 3 * *"
|
|
workflow_dispatch:
|
|
workflow_call:
|
|
workflow_run:
|
|
workflows: [vulnscan.yaml]
|
|
types: [completed]
|
|
|
|
jobs:
|
|
on-success-skip:
|
|
runs-on:
|
|
labels: ubuntu-latest
|
|
if: ${{ github.event.workflow_run.conclusion == 'success' }}
|
|
steps:
|
|
- run: exit_with_success
|
|
|
|
build-image:
|
|
runs-on:
|
|
labels: [ubuntu-latest, "arch-${{ matrix.arch }}"]
|
|
container:
|
|
image: catthehacker/ubuntu:act-latest
|
|
strategy:
|
|
matrix:
|
|
arch: [amd64, arm64]
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Login to registry
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: ${{ env.REGISTRY }}
|
|
username: ${{ secrets.REGISTRY_USER }}
|
|
password: ${{ secrets.REGISTRY_TOKEN }}
|
|
|
|
- name: Build and publish
|
|
run: |
|
|
cd src
|
|
docker build \
|
|
--tag ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:latest-${{ matrix.arch }} \
|
|
--platform linux/${{ matrix.arch }} -f Dockerfile .
|
|
docker push ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:latest-${{ matrix.arch }}
|
|
|
|
manifest:
|
|
name: update docker manifest
|
|
needs: build-image
|
|
runs-on: ubuntu-latest
|
|
container:
|
|
image: catthehacker/ubuntu:act-latest
|
|
|
|
steps:
|
|
- name: Login to registry
|
|
uses: docker/login-action@v3
|
|
with:
|
|
registry: ${{ env.REGISTRY }}
|
|
username: ${{ secrets.REGISTRY_USER }}
|
|
password: ${{ secrets.REGISTRY_TOKEN }}
|
|
|
|
- name: latest
|
|
run: |
|
|
docker manifest create \
|
|
${{ env.REGISTRY }}/${{ env.REPOSITORY }}:latest \
|
|
--amend ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:latest-amd64 \
|
|
--amend ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:latest-arm64
|
|
docker manifest push ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:latest
|