actions - fix manifest error with buildx and load
This commit is contained in:
parent
6bb6facd88
commit
37090dc66e
|
@ -12,6 +12,20 @@ jobs:
|
|||
- name: Checkout source code
|
||||
uses: actions/checkout@v2
|
||||
|
||||
# temp fix : can't use buildx + load because of manifest error
|
||||
# so we need to build the image the traditional way
|
||||
- name: Temp build to check security issues
|
||||
run: docker build -t bunkerized-nginx-autoconf -f autoconf/Dockerfile .
|
||||
|
||||
- name: Run Trivy security scanner
|
||||
uses: aquasecurity/trivy-action@master
|
||||
with:
|
||||
image-ref: 'bunkerized-nginx-autoconf'
|
||||
format: 'table'
|
||||
exit-code: '1'
|
||||
ignore-unfixed: true
|
||||
severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
|
||||
|
||||
- name: Set variables
|
||||
run: |
|
||||
VER=$(cat VERSION | tr -d '\n')
|
||||
|
@ -45,9 +59,8 @@ jobs:
|
|||
context: .
|
||||
file: autoconf/Dockerfile
|
||||
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
|
||||
load: true
|
||||
push: false
|
||||
tags: bunkerized-nginx-autoconf
|
||||
push: true
|
||||
tags: bunkerity/bunkerized-nginx-autoconf:dev
|
||||
cache-from: type=local,src=/tmp/.buildx-cache
|
||||
cache-to: type=local,dest=/tmp/.buildx-cache-new
|
||||
|
||||
|
@ -57,38 +70,6 @@ jobs:
|
|||
rm -rf /tmp/.buildx-cache
|
||||
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
|
||||
|
||||
- name: Build (master)
|
||||
uses: docker/build-push-action@v2
|
||||
if: github.ref == 'refs/heads/master'
|
||||
with:
|
||||
context: .
|
||||
file: autoconf/Dockerfile
|
||||
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
|
||||
load: true
|
||||
push: false
|
||||
tags: bunkerized-nginx-autoconf
|
||||
cache-to: type=local,dest=/tmp/.buildx-cache-master
|
||||
|
||||
- name: Run Trivy security scanner
|
||||
uses: aquasecurity/trivy-action@master
|
||||
with:
|
||||
image-ref: 'bunkerized-nginx-autoconf'
|
||||
format: 'table'
|
||||
exit-code: '1'
|
||||
ignore-unfixed: true
|
||||
severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
|
||||
|
||||
- name: Push (dev)
|
||||
uses: docker/build-push-action@v2
|
||||
if: github.ref == 'refs/heads/dev'
|
||||
with:
|
||||
context: .
|
||||
file: autoconf/Dockerfile
|
||||
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
|
||||
push: true
|
||||
tags: bunkerity/bunkerized-nginx-autoconf:dev
|
||||
cache-from: type=local,src=/tmp/.buildx-cache
|
||||
|
||||
- name: Push (master)
|
||||
uses: docker/build-push-action@v2
|
||||
if: github.ref == 'refs/heads/master'
|
||||
|
@ -98,4 +79,4 @@ jobs:
|
|||
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
|
||||
push: true
|
||||
tags: bunkerity/bunkerized-nginx-autoconf:latest,bunkerity/bunkerized-nginx-autoconf:${{ env.VERSION }}
|
||||
cache-from: type=local,src=/tmp/.buildx-cache-master
|
||||
|
||||
|
|
|
@ -12,6 +12,20 @@ jobs:
|
|||
- name: Checkout source code
|
||||
uses: actions/checkout@v2
|
||||
|
||||
# temp fix : can't use buildx + load because of manifest error
|
||||
# so we need to build the image the traditional way
|
||||
- name: Temp build to check security issues
|
||||
run: docker build -t bunkerized-nginx-ui -f ui/Dockerfile .
|
||||
|
||||
- name: Run Trivy security scanner
|
||||
uses: aquasecurity/trivy-action@master
|
||||
with:
|
||||
image-ref: 'bunkerized-nginx-ui'
|
||||
format: 'table'
|
||||
exit-code: '1'
|
||||
ignore-unfixed: true
|
||||
severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
|
||||
|
||||
- name: Set variables
|
||||
run: |
|
||||
VER=$(cat VERSION | tr -d '\n')
|
||||
|
@ -45,9 +59,8 @@ jobs:
|
|||
context: .
|
||||
file: ui/Dockerfile
|
||||
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
|
||||
load: true
|
||||
push: false
|
||||
tags: bunkerized-nginx-ui
|
||||
push: true
|
||||
tags: bunkerity/bunkerized-nginx-ui:dev
|
||||
cache-from: type=local,src=/tmp/.buildx-cache
|
||||
cache-to: type=local,dest=/tmp/.buildx-cache-new
|
||||
|
||||
|
@ -57,38 +70,6 @@ jobs:
|
|||
rm -rf /tmp/.buildx-cache
|
||||
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
|
||||
|
||||
- name: Build (master)
|
||||
uses: docker/build-push-action@v2
|
||||
if: github.ref == 'refs/heads/master'
|
||||
with:
|
||||
context: .
|
||||
file: ui/Dockerfile
|
||||
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
|
||||
load: true
|
||||
push: false
|
||||
tags: bunkerized-nginx-ui
|
||||
cache-to: type=local,dest=/tmp/.buildx-cache-master
|
||||
|
||||
- name: Run Trivy security scanner
|
||||
uses: aquasecurity/trivy-action@master
|
||||
with:
|
||||
image-ref: 'bunkerized-nginx-ui'
|
||||
format: 'table'
|
||||
exit-code: '1'
|
||||
ignore-unfixed: true
|
||||
severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
|
||||
|
||||
- name: Push (dev)
|
||||
uses: docker/build-push-action@v2
|
||||
if: github.ref == 'refs/heads/dev'
|
||||
with:
|
||||
context: .
|
||||
file: ui/Dockerfile
|
||||
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
|
||||
push: true
|
||||
tags: bunkerity/bunkerized-nginx-ui:dev
|
||||
cache-from: type=local,src=/tmp/.buildx-cache
|
||||
|
||||
- name: Push (master)
|
||||
uses: docker/build-push-action@v2
|
||||
if: github.ref == 'refs/heads/master'
|
||||
|
@ -98,4 +79,3 @@ jobs:
|
|||
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
|
||||
push: true
|
||||
tags: bunkerity/bunkerized-nginx-ui:latest,bunkerity/bunkerized-nginx-ui:${{ env.VERSION }}
|
||||
cache-from: type=local,src=/tmp/.buildx-cache-master
|
||||
|
|
|
@ -12,6 +12,23 @@ jobs:
|
|||
- name: Checkout source code
|
||||
uses: actions/checkout@v2
|
||||
|
||||
# temp fix : can't use buildx + load because of manifest error
|
||||
# so we need to build the image the traditional way
|
||||
- name: Temp build to check security issues
|
||||
run: docker build -t bunkerized-nginx .
|
||||
|
||||
- name: Run Trivy security scanner
|
||||
uses: aquasecurity/trivy-action@master
|
||||
with:
|
||||
image-ref: 'bunkerized-nginx'
|
||||
format: 'table'
|
||||
exit-code: '1'
|
||||
ignore-unfixed: true
|
||||
severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
|
||||
|
||||
- name: Run autotest
|
||||
run: docker run bunkerized-nginx test
|
||||
|
||||
- name: Set variables
|
||||
run: |
|
||||
VER=$(cat VERSION | tr -d '\n')
|
||||
|
@ -44,9 +61,8 @@ jobs:
|
|||
with:
|
||||
context: .
|
||||
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
|
||||
load: true
|
||||
push: false
|
||||
tags: bunkerized-nginx
|
||||
push: true
|
||||
tags: bunkerized-nginx:dev
|
||||
cache-from: type=local,src=/tmp/.buildx-cache
|
||||
cache-to: type=local,dest=/tmp/.buildx-cache-new
|
||||
|
||||
|
@ -56,39 +72,6 @@ jobs:
|
|||
rm -rf /tmp/.buildx-cache
|
||||
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
|
||||
|
||||
- name: Build (master)
|
||||
uses: docker/build-push-action@v2
|
||||
if: github.ref == 'refs/heads/master'
|
||||
with:
|
||||
context: .
|
||||
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
|
||||
load: true
|
||||
push: false
|
||||
tags: bunkerized-nginx
|
||||
cache-to: type=local,dest=/tmp/.buildx-cache-master
|
||||
|
||||
- name: Run autotest
|
||||
run: docker run bunkerized-nginx test
|
||||
|
||||
- name: Run Trivy security scanner
|
||||
uses: aquasecurity/trivy-action@master
|
||||
with:
|
||||
image-ref: 'bunkerized-nginx'
|
||||
format: 'table'
|
||||
exit-code: '1'
|
||||
ignore-unfixed: true
|
||||
severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
|
||||
|
||||
- name: Push (dev)
|
||||
uses: docker/build-push-action@v2
|
||||
if: github.ref == 'refs/heads/dev'
|
||||
with:
|
||||
context: .
|
||||
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
|
||||
push: true
|
||||
tags: bunkerity/bunkerized-nginx:dev
|
||||
cache-from: type=local,src=/tmp/.buildx-cache
|
||||
|
||||
- name: Push (master)
|
||||
uses: docker/build-push-action@v2
|
||||
if: github.ref == 'refs/heads/master'
|
||||
|
@ -97,4 +80,3 @@ jobs:
|
|||
platforms: linux/amd64,linux/386,linux/arm/v7,linux/arm64/v8
|
||||
push: true
|
||||
tags: bunkerity/bunkerized-nginx:latest,bunkerity/bunkerized-nginx:${{ env.VERSION }}
|
||||
cache-from: type=local,src=/tmp/.buildx-cache-master
|
||||
|
|
Loading…
Reference in New Issue