librewolf
/
bunkerized-nginx
mirror of https://github.com/bunkerity/bunkerized-nginx
4
0
Fork 1
Code Issues Projects Releases Wiki Activity

ci/cd - fix wrong cache name in container build workflow

This commit is contained in:
florian 2023-04-30 00:24:35 +02:00
parent 93d0a991a9
commit 4bfc5b693f
No known key found for this signature in database
GPG Key ID: 3D80806F12602A7C
2 changed files with 33 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
.github/workflows/beta.yml vendored
View File

@ -17,11 +17,10 @@ jobs:
DOCKERFILE: src/bw/Dockerfile
CACHE: false
PUSH: false
CACHE_SUFFIX: amd64
secrets:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
build-bw-386:
uses: ./.github/workflows/container-build.yml
with:
@ -31,11 +30,10 @@ jobs:
DOCKERFILE: src/bw/Dockerfile
CACHE: false
PUSH: false
CACHE_SUFFIX: 386
secrets:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
# Build SC amd64 + i386 images
build-sc-amd64:
@ -47,11 +45,10 @@ jobs:
DOCKERFILE: src/scheduler/Dockerfile
CACHE: false
PUSH: false
CACHE_SUFFIX: amd64
secrets:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
build-sc-386:
uses: ./.github/workflows/container-build.yml
with:
@ -61,11 +58,10 @@ jobs:
DOCKERFILE: src/scheduler/Dockerfile
CACHE: false
PUSH: false
CACHE_SUFFIX: 386
secrets:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
# Build AU amd64 + i386 images
build-au-amd64:
@ -77,11 +73,10 @@ jobs:
DOCKERFILE: src/autoconf/Dockerfile
CACHE: false
PUSH: false
CACHE_SUFFIX: amd64
secrets:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
build-au-386:
uses: ./.github/workflows/container-build.yml
with:
@ -91,11 +86,10 @@ jobs:
DOCKERFILE: src/autoconf/Dockerfile
CACHE: false
PUSH: false
CACHE_SUFFIX: 386
secrets:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
# Build UI amd64 + i386 images
build-ui-amd64:
@ -107,11 +101,10 @@ jobs:
DOCKERFILE: src/ui/Dockerfile
CACHE: false
PUSH: false
CACHE_SUFFIX: amd64
secrets:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
build-ui-386:
uses: ./.github/workflows/container-build.yml
with:
@ -121,11 +114,10 @@ jobs:
DOCKERFILE: src/ui/Dockerfile
CACHE: false
PUSH: false
CACHE_SUFFIX: 386
secrets:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
# Build arm64 + arm/v7 images
build-bw-arm:
@ -137,11 +129,11 @@ jobs:
DOCKERFILE: src/bw/Dockerfile
CACHE: false
PUSH: false
CACHE_SUFFIX: arm
secrets:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
build-sc-arm:
needs: ["build-bw-arm"]
uses: ./.github/workflows/container-build.yml

24
.github/workflows/container-build.yml vendored
View File

@ -23,6 +23,10 @@ on:
required: false
type: boolean
default: true
CACHE_SUFFIX:
required: false
type: boolean
default: ""
secrets:
DOCKER_USERNAME:
required: true
@ -32,6 +36,10 @@ on:
required: false
PRIVATE_REGISTRY_TOKEN:
required: false
ARM_SSH_KEY:
required: false
ARM_SSH_CONFIG:
required: false
jobs:
build:
@ -54,6 +62,20 @@ jobs:
registry: ${{ secrets.PRIVATE_REGISTRY }}
username: registry
password: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
- name: Setup SSH for ARM node
if: inputs.CACHE_SUFFIX == 'arm'
run: |
mkdir -p ~/.ssh
echo "$SSH_KEY" > ~/.ssh/id_rsa_arm
chmod 600 ~/.ssh/id_rsa_arm
echo "$SSH_CONFIG" > ~/.ssh/config
env:
SSH_KEY: ${{ secrets.ARM_SSH_KEY }}
SSH_CONFIG: ${{ secrets.ARM_SSH_CONFIG }}
- name: Append ARM node to buildx
if: inputs.CACHE_SUFFIX == 'arm'
run: |
docker buildx create --append --name ${{ steps.buildx.outputs.name }} --node arm --platform linux/arm64,linux/arm/v7,linux/arm/v6 ssh://ubuntu@arm
# Build cached image
- name: Build image
if: inputs.CACHE == true
@ -76,7 +98,7 @@ jobs:
platforms: ${{ inputs.ARCH }}
load: true
tags: local/${{ inputs.IMAGE }}
cache-to: type=registry,ref=bunkerity/cache:${{ inputs.IMAGE }}-${{ inputs.RELEASE }}-${{ inputs.ARCH }},mode=min
cache-to: type=registry,ref=bunkerity/cache:${{ inputs.IMAGE }}-${{ inputs.RELEASE }}-${{ inputs.CACHE_SUFFIX }},mode=min
# Check OS vulnerabilities
- name: Check OS vulnerabilities
uses: aquasecurity/trivy-action@master