NGINX: Migrate auth cache key to NJS. #660
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Container Images | |
on: | |
pull_request: | |
branches: | |
- "*" | |
paths: | |
- 'images/**' | |
push: | |
branches: | |
- main | |
paths: | |
- 'images/**' | |
permissions: | |
contents: write | |
packages: write | |
env: | |
PLATFORMS: linux/amd64 | |
jobs: | |
changes: | |
permissions: | |
contents: read # for dorny/paths-filter to fetch a list of changed files | |
pull-requests: read # for dorny/paths-filter to read pull requests | |
runs-on: ubuntu-latest | |
outputs: | |
custom-error-pages: ${{ steps.filter.outputs.custom-error-pages }} | |
cfssl: ${{ steps.filter.outputs.cfssl }} | |
fastcgi-helloserver: ${{ steps.filter.outputs.fastcgi-helloserver }} | |
e2e-test-echo: ${{ steps.filter.outputs.e2e-test-echo }} | |
go-grpc-greeter-server: ${{ steps.filter.outputs.go-grpc-greeter-server }} | |
httpbun: ${{ steps.filter.outputs.httpbun }} | |
kube-webhook-certgen: ${{ steps.filter.outputs.kube-webhook-certgen }} | |
ext-auth-example-authsvc: ${{ steps.filter.outputs.ext-auth-example-authsvc }} | |
nginx: ${{ steps.filter.outputs.nginx }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 | |
id: filter | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
filters: | | |
custom-error-pages: | |
- 'images/custom-error-pages/**' | |
cfssl: | |
- 'images/cfssl/**' | |
fastcgi-helloserver: | |
- 'images/fastcgi-helloserver/**' | |
e2e-test-echo: | |
- 'images/e2e-test-echo/**' | |
go-grpc-greeter-server: | |
- 'images/go-grpc-greeter-server/**' | |
httpbun: | |
- 'images/httpbun/**' | |
kube-webhook-certgen: | |
- 'images/kube-webhook-certgen/**' | |
ext-auth-example-authsvc: | |
- 'images/ext-auth-example-authsvc/**' | |
nginx: | |
- 'images/nginx/**' | |
#### TODO: Make the below jobs 'less dumb' and use the job name as parameter (the github.job context does not work here) | |
cfssl: | |
needs: changes | |
if: | | |
(needs.changes.outputs.cfssl == 'true') | |
uses: ./.github/workflows/zz-tmpl-images.yaml | |
with: | |
name: cfssl | |
secrets: inherit | |
custom-error-pages: | |
needs: changes | |
if: | | |
(needs.changes.outputs.custom-error-pages == 'true') | |
uses: ./.github/workflows/zz-tmpl-images.yaml | |
with: | |
name: custom-error-pages | |
secrets: inherit | |
e2e-test-echo: | |
needs: changes | |
if: | | |
(needs.changes.outputs.e2e-test-echo == 'true') | |
uses: ./.github/workflows/zz-tmpl-images.yaml | |
with: | |
name: e2e-test-echo | |
secrets: inherit | |
ext-auth-example-authsvc: | |
needs: changes | |
if: | | |
(needs.changes.outputs.ext-auth-example-authsvc == 'true') | |
uses: ./.github/workflows/zz-tmpl-images.yaml | |
with: | |
name: ext-auth-example-authsvc | |
secrets: inherit | |
fastcgi-helloserver: | |
needs: changes | |
if: | | |
(needs.changes.outputs.fastcgi-helloserver == 'true') | |
uses: ./.github/workflows/zz-tmpl-images.yaml | |
with: | |
name: fastcgi-helloserver | |
secrets: inherit | |
go-grpc-greeter-server: | |
needs: changes | |
if: | | |
(needs.changes.outputs.go-grpc-greeter-server == 'true') | |
uses: ./.github/workflows/zz-tmpl-images.yaml | |
with: | |
name: go-grpc-greeter-server | |
secrets: inherit | |
httpbun: | |
needs: changes | |
if: | | |
(needs.changes.outputs.httpbun == 'true') | |
uses: ./.github/workflows/zz-tmpl-images.yaml | |
with: | |
name: httpbun | |
secrets: inherit | |
kube-webhook-certgen: | |
runs-on: ubuntu-latest | |
needs: changes | |
if: | | |
(needs.changes.outputs.kube-webhook-certgen == 'true') | |
strategy: | |
matrix: | |
k8s: [v1.28.15, v1.29.10, v1.30.6, v1.31.2] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Get go version | |
run: echo "GOLANG_VERSION=$(cat GOLANG_VERSION)" >> $GITHUB_ENV | |
- name: Set up Go | |
id: go | |
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 | |
with: | |
go-version: ${{ env.GOLANG_VERSION }} | |
check-latest: true | |
- name: image build | |
run: | | |
cd images/ && make NAME=kube-webhook-certgen build | |
- name: Create Kubernetes cluster | |
id: kind | |
run: | | |
kind create cluster --image=kindest/node:${{ matrix.k8s }} | |
- name: image test | |
run: | | |
cd images/ && make NAME=kube-webhook-certgen test test-e2e | |
nginx: | |
permissions: | |
contents: write | |
packages: write | |
runs-on: ubuntu-latest | |
needs: changes | |
if: | | |
(github.event_name == 'push' && github.ref == 'refs/heads/main' && needs.changes.outputs.nginx == 'true') | |
env: | |
PLATFORMS: linux/amd64,linux/arm,linux/arm64 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 | |
with: | |
version: latest | |
platforms: ${{ env.PLATFORMS }} | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
with: | |
username: ${{ secrets.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: build-image | |
run: | | |
export TAG=$(cat images/nginx/TAG) | |
cd images/nginx/rootfs && docker buildx build --platform=${{ env.PLATFORMS }} --push -t ingressnginx/nginx:${TAG} . |