Generate SSL certificate for EST subsystem #2118
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build PKI | |
on: [push, pull_request] | |
env: | |
BASE_IMAGE: ${{ vars.BASE_IMAGE || 'registry.fedoraproject.org/fedora:latest' }} | |
COPR_REPO: ${{ vars.COPR_REPO || '@pki/master' }} | |
NAMESPACE: ${{ vars.REGISTRY_NAMESPACE || 'dogtagpki' }} | |
jobs: | |
# docs/development/Building_PKI.md | |
build: | |
name: Building PKI | |
runs-on: ubuntu-latest | |
steps: | |
- name: Clone repository | |
uses: actions/checkout@v4 | |
- name: Update Dockerfile | |
run: | | |
# update registry namespace | |
sed -i "s/quay.io\/dogtagpki\//quay.io\/$NAMESPACE\//g" Dockerfile | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Cache Docker layers | |
id: cache-buildx | |
uses: actions/cache@v4 | |
with: | |
key: buildx-${{ hashFiles('pki.spec') }} | |
path: /tmp/.buildx-cache | |
- name: Build pki-deps image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
build-args: | | |
BASE_IMAGE=${{ env.BASE_IMAGE }} | |
COPR_REPO=${{ env.COPR_REPO }} | |
tags: pki-deps | |
target: pki-deps | |
cache-to: type=local,dest=/tmp/.buildx-cache | |
if: steps.cache-buildx.outputs.cache-hit != 'true' | |
- name: Build pki-builder-deps image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
build-args: | | |
BASE_IMAGE=${{ env.BASE_IMAGE }} | |
COPR_REPO=${{ env.COPR_REPO }} | |
tags: pki-builder-deps | |
target: pki-builder-deps | |
cache-to: type=local,dest=/tmp/.buildx-cache | |
if: steps.cache-buildx.outputs.cache-hit != 'true' | |
- name: Build pki-builder image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
build-args: | | |
BASE_IMAGE=${{ env.BASE_IMAGE }} | |
COPR_REPO=${{ env.COPR_REPO }} | |
tags: pki-builder | |
target: pki-builder | |
cache-from: type=local,src=/tmp/.buildx-cache | |
outputs: type=docker | |
- name: Build pki-dist image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
build-args: | | |
BASE_IMAGE=${{ env.BASE_IMAGE }} | |
COPR_REPO=${{ env.COPR_REPO }} | |
tags: pki-dist | |
target: pki-dist | |
cache-from: type=local,src=/tmp/.buildx-cache | |
outputs: type=docker | |
- name: Build pki-runner image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
build-args: | | |
BASE_IMAGE=${{ env.BASE_IMAGE }} | |
COPR_REPO=${{ env.COPR_REPO }} | |
tags: pki-runner | |
target: pki-runner | |
cache-from: type=local,src=/tmp/.buildx-cache | |
outputs: type=docker | |
- name: Build pki-server image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
build-args: | | |
BASE_IMAGE=${{ env.BASE_IMAGE }} | |
COPR_REPO=${{ env.COPR_REPO }} | |
tags: pki-server | |
target: pki-server | |
cache-from: type=local,src=/tmp/.buildx-cache | |
outputs: type=docker | |
- name: Build pki-ca image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
build-args: | | |
BASE_IMAGE=${{ env.BASE_IMAGE }} | |
COPR_REPO=${{ env.COPR_REPO }} | |
tags: pki-ca | |
target: pki-ca | |
cache-from: type=local,src=/tmp/.buildx-cache | |
outputs: type=docker | |
- name: Build pki-kra image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
build-args: | | |
BASE_IMAGE=${{ env.BASE_IMAGE }} | |
COPR_REPO=${{ env.COPR_REPO }} | |
tags: pki-kra | |
target: pki-kra | |
cache-from: type=local,src=/tmp/.buildx-cache | |
outputs: type=docker | |
- name: Build pki-ocsp image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
build-args: | | |
BASE_IMAGE=${{ env.BASE_IMAGE }} | |
COPR_REPO=${{ env.COPR_REPO }} | |
tags: pki-ocsp | |
target: pki-ocsp | |
cache-from: type=local,src=/tmp/.buildx-cache | |
outputs: type=docker | |
- name: Build pki-tks image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
build-args: | | |
BASE_IMAGE=${{ env.BASE_IMAGE }} | |
COPR_REPO=${{ env.COPR_REPO }} | |
tags: pki-tks | |
target: pki-tks | |
cache-from: type=local,src=/tmp/.buildx-cache | |
outputs: type=docker | |
- name: Build pki-tps image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
build-args: | | |
BASE_IMAGE=${{ env.BASE_IMAGE }} | |
COPR_REPO=${{ env.COPR_REPO }} | |
tags: pki-tps | |
target: pki-tps | |
cache-from: type=local,src=/tmp/.buildx-cache | |
outputs: type=docker | |
- name: Save PKI images | |
run: | | |
docker images | |
docker save -o pki-images.tar \ | |
pki-dist \ | |
pki-runner \ | |
pki-server \ | |
pki-ca \ | |
pki-kra \ | |
pki-ocsp \ | |
pki-tks \ | |
pki-tps | |
- name: Store PKI images | |
uses: actions/cache@v4 | |
with: | |
key: pki-images-${{ github.sha }} | |
path: pki-images.tar |