actions - fix manifest error with buildx and load

bunkerity 2021-06-22 10:35:29 +02:00
parent 6bb6facd88
commit 37090dc66e
No known key found for this signature in database
GPG Key ID: 3D80806F12602A7C
3 changed files with 52 additions and 109 deletions


@ -12,6 +12,20 @@ jobs:
- name: Checkout source code
uses: actions/checkout@v2
# temp fix : can't use buildx + load because of manifest error
# so we need to build the image the traditional way
- name: Temp build to check security issues
run: docker build -t bunkerized-nginx-autoconf -f autoconf/Dockerfile .
- name: Run Trivy security scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: 'bunkerized-nginx-autoconf'
format: 'table'
exit-code: '1'
ignore-unfixed: true
severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
- name: Set variables
run: |
VER=$(cat VERSION | tr -d '\n')
@ -45,9 +59,8 @@ jobs:
context: .
file: autoconf/Dockerfile
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
load: true
push: false
tags: bunkerized-nginx-autoconf
push: true
tags: bunkerity/bunkerized-nginx-autoconf:dev
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new
@ -57,38 +70,6 @@ jobs:
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
- name: Build (master)
uses: docker/build-push-action@v2
if: github.ref == 'refs/heads/master'
with:
context: .
file: autoconf/Dockerfile
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
load: true
push: false
tags: bunkerized-nginx-autoconf
cache-to: type=local,dest=/tmp/.buildx-cache-master
- name: Run Trivy security scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: 'bunkerized-nginx-autoconf'
format: 'table'
exit-code: '1'
ignore-unfixed: true
severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
- name: Push (dev)
uses: docker/build-push-action@v2
if: github.ref == 'refs/heads/dev'
with:
context: .
file: autoconf/Dockerfile
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
push: true
tags: bunkerity/bunkerized-nginx-autoconf:dev
cache-from: type=local,src=/tmp/.buildx-cache
- name: Push (master)
uses: docker/build-push-action@v2
if: github.ref == 'refs/heads/master'
@ -98,4 +79,4 @@ jobs:
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
push: true
tags: bunkerity/bunkerized-nginx-autoconf:latest,bunkerity/bunkerized-nginx-autoconf:${{ env.VERSION }}
cache-from: type=local,src=/tmp/.buildx-cache-master
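Review bot: The image Trivy scans is not the image that gets pushed. The added `docker build -t bunkerized-nginx-autoconf -f autoconf/Dockerfile .` step produces a single host-architecture image, while the build-push-action step at `@ -45,9 +59,8` (which appears to now carry `push: true`) builds four platforms from the `/tmp/.buildx-cache` layers. The other architectures and any cached layers therefore reach the registry without passing the `exit-code: '1'` gate. Since this is marked as a temp fix, I would state the limit next to it, e.g. `# NOTE: only the locally built image is scanned; the multi-arch images pushed below are not`, and consider a second scan against the pushed tag. The +/- markers are lost on this page, so the new side is inferred from the hunk counts; the same gap applies to the ui and main-image workflows.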


@ -12,6 +12,20 @@ jobs:
- name: Checkout source code
uses: actions/checkout@v2
# temp fix : can't use buildx + load because of manifest error
# so we need to build the image the traditional way
- name: Temp build to check security issues
run: docker build -t bunkerized-nginx-ui -f ui/Dockerfile .
- name: Run Trivy security scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: 'bunkerized-nginx-ui'
format: 'table'
exit-code: '1'
ignore-unfixed: true
severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
- name: Set variables
run: |
VER=$(cat VERSION | tr -d '\n')
@ -45,9 +59,8 @@ jobs:
context: .
file: ui/Dockerfile
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
load: true
push: false
tags: bunkerized-nginx-ui
push: true
tags: bunkerity/bunkerized-nginx-ui:dev
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new
@ -57,38 +70,6 @@ jobs:
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
- name: Build (master)
uses: docker/build-push-action@v2
if: github.ref == 'refs/heads/master'
with:
context: .
file: ui/Dockerfile
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
load: true
push: false
tags: bunkerized-nginx-ui
cache-to: type=local,dest=/tmp/.buildx-cache-master
- name: Run Trivy security scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: 'bunkerized-nginx-ui'
format: 'table'
exit-code: '1'
ignore-unfixed: true
severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
- name: Push (dev)
uses: docker/build-push-action@v2
if: github.ref == 'refs/heads/dev'
with:
context: .
file: ui/Dockerfile
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
push: true
tags: bunkerity/bunkerized-nginx-ui:dev
cache-from: type=local,src=/tmp/.buildx-cache
- name: Push (master)
uses: docker/build-push-action@v2
if: github.ref == 'refs/heads/master'
@ -98,4 +79,3 @@ jobs:
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
push: true
tags: bunkerity/bunkerized-nginx-ui:latest,bunkerity/bunkerized-nginx-ui:${{ env.VERSION }}
cache-from: type=local,src=/tmp/.buildx-cache-master
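Review bot: `uses: aquasecurity/trivy-action@master` in the added scanner step tracks a mutable branch, so any change to that branch runs inside this job, which also pushes images and so presumably has registry credentials available in a step outside these hunks. Pin the action to a full commit SHA with the release noted in a trailing comment, e.g. `uses: aquasecurity/trivy-action@<full-commit-sha>  # <release-tag>`, and apply the same pin in the autoconf and main-image workflows. The `actions/checkout@v2` and `docker/build-push-action@v2` references are movable tags as well and would benefit from the same treatment.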


@ -12,6 +12,23 @@ jobs:
- name: Checkout source code
uses: actions/checkout@v2
# temp fix : can't use buildx + load because of manifest error
# so we need to build the image the traditional way
- name: Temp build to check security issues
run: docker build -t bunkerized-nginx .
- name: Run Trivy security scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: 'bunkerized-nginx'
format: 'table'
exit-code: '1'
ignore-unfixed: true
severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
- name: Run autotest
run: docker run bunkerized-nginx test
- name: Set variables
run: |
VER=$(cat VERSION | tr -d '\n')
@ -44,9 +61,8 @@ jobs:
with:
context: .
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
load: true
push: false
tags: bunkerized-nginx
push: true
tags: bunkerized-nginx:dev
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new
@ -56,39 +72,6 @@ jobs:
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
- name: Build (master)
uses: docker/build-push-action@v2
if: github.ref == 'refs/heads/master'
with:
context: .
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
load: true
push: false
tags: bunkerized-nginx
cache-to: type=local,dest=/tmp/.buildx-cache-master
- name: Run autotest
run: docker run bunkerized-nginx test
- name: Run Trivy security scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: 'bunkerized-nginx'
format: 'table'
exit-code: '1'
ignore-unfixed: true
severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
- name: Push (dev)
uses: docker/build-push-action@v2
if: github.ref == 'refs/heads/dev'
with:
context: .
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
push: true
tags: bunkerity/bunkerized-nginx:dev
cache-from: type=local,src=/tmp/.buildx-cache
- name: Push (master)
uses: docker/build-push-action@v2
if: github.ref == 'refs/heads/master'
@ -97,4 +80,3 @@ jobs:
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
push: true
tags: bunkerity/bunkerized-nginx:latest,bunkerity/bunkerized-nginx:${{ env.VERSION }}
cache-from: type=local,src=/tmp/.buildx-cache-master
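Review bot: The dev build step at `@ -44,9 +61,8` appears to end up with `push: true` and `tags: bunkerized-nginx:dev`, which lacks the `bunkerity/` namespace. The autoconf and ui workflows use `bunkerity/...:dev`, and the Push (dev) step removed from this file used `bunkerity/bunkerized-nginx:dev`. An unqualified name resolves to Docker Hub's `library/` namespace, so the push would most likely be denied rather than update the project's dev image. It should read `tags: bunkerity/bunkerized-nginx:dev`. The +/- markers are lost on this page, so which lines are the new side is inferred from the hunk counts and the commit title.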