Skip to content
Image

Image #66

Sign in to view logs

Image

Image #66

Workflow file for this run

.github/workflows/docker-latest.yml at 5433005
name: "Image"
on:
workflow_dispatch:
schedule:
- cron: '32 5 15 * *' # At 05:32 on day-of-month 15.
jobs:
docker:
name: Build container image
# https://github.com/actions/runner-images/blob/main/images/ubuntu/Ubuntu2404-Readme.md
runs-on: ubuntu-2404
steps:
- name: Checkout 🛎️
uses: actions/checkout@v4
# Add support for more platforms with QEMU
# https://github.com/marketplace/actions/docker-setup-qemu
- name: Set up QEMU 🔧
uses: docker/setup-qemu-action@v3
with:
platforms: 'arm64'
# Login
# https://github.com/marketplace/actions/docker-login
- name: Login to GitHub container registry 🏭
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build 🧪
run: |
podman manifest create "cloud-tools-container" && \
podman build \
--manifest "cloud-tools-container" \
--platform "linux/amd64,linux/arm64" \
--tag "ghcr.io/cyclenerd/cloud-tools-container:test" \
. && \
podman manifest inspect "cloud-tools-container" | jq && \
podman manifest inspect "cloud-tools-container" | grep -o "amd64" && \
podman manifest inspect "cloud-tools-container" | grep -o "arm64" && \
podman manifest push --all "cloud-tools-container" "docker://ghcr.io/cyclenerd/cloud-tools-container:test"
docker-test:
name: Test container image
needs: [docker]
runs-on: ubuntu-latest
steps:
- name: Checkout 🛎️
uses: actions/checkout@v4
# Inspect
- name: Inspect test image 💿
run: |
skopeo inspect --raw "docker://ghcr.io/cyclenerd/cloud-tools-container:test" | jq && \
skopeo inspect --raw "docker://ghcr.io/cyclenerd/cloud-tools-container:test" | grep -o "amd64" && \
skopeo inspect --raw "docker://ghcr.io/cyclenerd/cloud-tools-container:test" | grep -o "arm64"
# Run test
- name: Pull test image 💿
run: |
docker pull "ghcr.io/cyclenerd/cloud-tools-container:test"
docker tag "ghcr.io/cyclenerd/cloud-tools-container:test" "cloud-tools-container"
- name: Images 📏
run: docker images
# Tests
- name: Test 📏
run: bash test.sh
container-scan:
name: Container image scan
runs-on: ubuntu-latest
needs: [docker-test]
steps:
- name: Checkout 🛎️
uses: actions/checkout@v4
# Scan with Grype vulnerability scanner
# https://github.com/anchore/scan-action
- name: Scan 🧐
uses: anchore/scan-action@v3
id: scan
with:
image: "ghcr.io/cyclenerd/cloud-tools-container:test"
# Do not fail to upload the SARIF report in the next step...
fail-build: false
severity-cutoff: critical
output-format: sarif
- name: Upload SARIF report 📤
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: ${{ steps.scan.outputs.sarif }}
github-registry-latest:
name: Push image to GitHub
runs-on: ubuntu-latest
needs: [container-scan]
steps:
- name: Login to GitHub container registry 🏭
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push image to GitHub container registry as latest version 🚢
run: skopeo copy --all "docker://ghcr.io/cyclenerd/cloud-tools-container:test" "docker://ghcr.io/cyclenerd/cloud-tools-container:latest"
docker-hub-latest:
name: Push image to Docker Hub
runs-on: ubuntu-latest
needs: [container-scan]
steps:
- name: Login to Docker Hub registry 🏭
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_REGISTRY_USERNAME }}
password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
- name: Push image to Docker Hub registry as latest version 🚢
run: skopeo copy --all "docker://ghcr.io/cyclenerd/cloud-tools-container:test" "docker://cyclenerd/cloud-tools-container:latest"
readme:
name: Update README
runs-on: ubuntu-latest
needs: [docker-hub-latest, github-registry-latest]
steps:
- name: Checkout 🛎️
uses: actions/checkout@v4
- name: Update 📰
run: bash readme.sh