Skip to content

fix(crux-ui): submit hook #21

fix(crux-ui): submit hook

fix(crux-ui): submit hook #21

name: tester_image_builder
on:
push:
branches: [develop]
paths: [images/playwright/**, .github/workflows/image-tester.yml]
pull_request:
paths: [images/playwright/**, .github/workflows/image-tester.yml]
permissions:
contents: read
pull-requests: read
packages: write
env:
GITHUB_REGISTRY: ghcr.io
TESTER_IMAGE_NAME: dyrector-io/dyrectorio/playwright
jobs:
build:
runs-on: ubuntu-22.04
container:
image: ghcr.io/dyrector-io/dyrectorio/builder-images/protobuf:1
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Docker build
run: docker build -t ${GITHUB_REGISTRY}/${TESTER_IMAGE_NAME}:latest ./images/playwright
- name: Docker save
run: docker save ${GITHUB_REGISTRY}/${TESTER_IMAGE_NAME}:latest | gzip -f > tester.zstd
- name: Artifact upload
uses: actions/upload-artifact@v3
with:
name: tester
path: ./tester.zstd
push:
runs-on: ubuntu-22.04
needs: build
container:
image: ghcr.io/dyrector-io/dyrectorio/builder-images/signer:2
if: github.ref_name == 'develop'
environment: Workflow - Protected
steps:
- name: Artifact download
uses: actions/download-artifact@v3
with:
name: tester
path: artifacts
- name: Docker load
run: zcat artifacts/tester.zstd | docker load
- name: Login to GHCR
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GHCR_PAT }}
- name: Docker push
run: docker push ${GITHUB_REGISTRY}/${TESTER_IMAGE_NAME}:latest
- name: Write signing key to disk
run: echo "${{ secrets.COSIGN_PRIVATE_KEY }}" > cosign.key
- name: Sign container image
run: |
cosign sign --yes --key cosign.key $(docker inspect --format='{{index .RepoDigests 0}}' ${GITHUB_REGISTRY}/${TESTER_IMAGE_NAME}:latest )
env:
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}