From fe9a543269b2b777a4c059db9a6353fc88711c72 Mon Sep 17 00:00:00 2001 From: DmitriyLewen <91113035+DmitriyLewen@users.noreply.github.com> Date: Wed, 23 Aug 2023 12:39:36 +0600 Subject: [PATCH] feat(ci): add action to push test images (#30) --- .github/workflows/push.yaml | 57 +++++++++++++++++++++++++++++++++++++ Makefile | 24 ++++++++++++++++ push.sh => copy-images.sh | 47 ------------------------------ 3 files changed, 81 insertions(+), 47 deletions(-) create mode 100644 .github/workflows/push.yaml create mode 100644 Makefile rename push.sh => copy-images.sh (86%) diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml new file mode 100644 index 0000000..7e34768 --- /dev/null +++ b/.github/workflows/push.yaml @@ -0,0 +1,57 @@ +name: push + +on: + push: + branches: + - master + +env: + TEST_IMAGE: 'ghcr.io/${{ github.repository_owner }}/trivy-test-images' # used in Makefile + GH_USER: "aqua-bot" + +jobs: + changed_files: + runs-on: ubuntu-latest + name: Push changed images + steps: + - uses: actions/checkout@v3 + + - name: Login to ghcr.io registry + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ env.GH_USER }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Setup Go + uses: actions/setup-go@v4 + + - name: Get changed files + id: changed-files-yaml + uses: tj-actions/changed-files@v37 + with: + files_yaml: | + busybox: + - 'busybox-with-lockfile/**' + containerd: + - 'containerd/**' + spring4shell: + - 'spring4shell/**' + crane-images: + - push-crane-images.sh + + - name: Push `busybox-with-lockfile` image + if: steps.changed-files-yaml.outputs.busybox_any_changed == 'true' + run: make build-busybox + + - name: Push `containerd` image + if: steps.changed-files-yaml.outputs.containerd_any_changed == 'true' + run: make build-containerd + + - name: Push `spring4shell` image + if: steps.changed-files-yaml.outputs.spring4shell_any_changed == 'true' + run: make build-spring4shell + + - name: Copy images + if: steps.changed-files-yaml.outputs.crane-images_any_changed == 'true' + run: make copy-images \ No newline at end of file diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..7665f5f --- /dev/null +++ b/Makefile @@ -0,0 +1,24 @@ +ifndef TEST_IMAGE + export TEST_IMAGE=ghcr.io/aquasecurity/trivy-test-images +endif + +build-busybox: + docker build -t $(TEST_IMAGE):busybox-with-lockfile busybox-with-lockfile + docker push $(TEST_IMAGE):busybox-with-lockfile + docker rmi -f $(TEST_IMAGE):busybox-with-lockfile + +build-containerd: + docker build -t $(TEST_IMAGE)/containerd:latest containerd + docker push $(TEST_IMAGE)/containerd:latest + docker rmi -f $(TEST_IMAGE)/containerd:latest + +build-spring4shell: + docker build --target jre11 -t $(TEST_IMAGE):spring4shell-jre11 spring4shell + docker push $(TEST_IMAGE):spring4shell-jre11 + docker rmi -f $(TEST_IMAGE):spring4shell-jre11 + docker build --target jre8 -t $(TEST_IMAGE):spring4shell-jre8 spring4shell + docker push $(TEST_IMAGE):spring4shell-jre8 + docker rmi -f $(TEST_IMAGE):spring4shell-jre8 + +copy-images: + ./copy-images.sh \ No newline at end of file diff --git a/push.sh b/copy-images.sh similarity index 86% rename from push.sh rename to copy-images.sh index 51c503b..d7771fa 100755 --- a/push.sh +++ b/copy-images.sh @@ -5,39 +5,6 @@ if !(type "crane" > /dev/null 2>&1); then go install github.com/google/go-containerregistry/cmd/crane@latest fi -TEST_IMAGE=ghcr.io/aquasecurity/trivy-test-images - - -cat <