forked from openshift/compliance-operator
-
Notifications
You must be signed in to change notification settings - Fork 24
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update action to build image on new PR
This triggers action to run on every new PR created
- Loading branch information
1 parent
97c897c
commit 512bcbf
Showing
1 changed file
with
152 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,152 @@ | ||
| name: Release PR image | ||
|
|
||
| on: | ||
| pull_request: | ||
| types: | ||
| - opened | ||
| - reopened | ||
| - synchronize | ||
|
|
||
| jobs: | ||
| get-pr-number: | ||
| name: Get PR number | ||
| runs-on: ubuntu-latest | ||
| outputs: | ||
| pr-number: ${{ steps.get-pr-number.outputs.pr-number }} | ||
| steps: | ||
| - name: Get PR number | ||
| id: get-pr-number | ||
| run: echo "::set-output name=pr-number::$(echo ${GITHUB_REF#refs/pull/} | cut -d'/' -f1)" | ||
| operator-container-push-pr: | ||
| needs: get-pr-number | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| packages: write | ||
| uses: metal-toolbox/container-push/.github/workflows/container-push.yml@main | ||
| with: | ||
| name: compliance-operator | ||
| registry_org: complianceascode | ||
| tag: ${{ needs.get-pr-number.outputs.pr-number }} | ||
| dockerfile_path: build/Dockerfile | ||
| vendor: 'Compliance Operator Authors' | ||
|
|
||
| bundle-container-push-pr: | ||
| needs: get-pr-number | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| packages: write | ||
| uses: metal-toolbox/container-push/.github/workflows/container-push.yml@main | ||
| with: | ||
| name: compliance-operator-bundle | ||
| registry_org: complianceascode | ||
| tag: ${{ needs.get-pr-number.outputs.pr-number }} | ||
| dockerfile_path: bundle.Dockerfile | ||
| vendor: 'Compliance Operator Authors' | ||
|
|
||
| openscap-container-push-pr: | ||
| needs: get-pr-number | ||
| permissions: | ||
| contents: read | ||
| id-token: write | ||
| packages: write | ||
| uses: metal-toolbox/container-push/.github/workflows/container-push.yml@main | ||
| with: | ||
| name: openscap-ocp | ||
| registry_org: complianceascode | ||
| tag: ${{ needs.get-pr-number.outputs.pr-number }} | ||
| dockerfile_path: images/openscap/Dockerfile | ||
| vendor: 'Compliance Operator Authors' | ||
|
|
||
| catalog-container-push-pr: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - get-pr-number | ||
| - bundle-container-push-pr | ||
| if: always() # remove this after we fix signing | ||
|
|
||
| permissions: | ||
| packages: write | ||
| contents: read | ||
|
|
||
| outputs: | ||
| image-digest: ${{ steps.container_info.outputs.image-digest }} | ||
| image-tags: ${{ steps.container_info.outputs.image-tags }} | ||
|
|
||
| steps: | ||
| - name: Checkout | ||
| uses: actions/[email protected] | ||
|
|
||
| - name: Login to ghcr.io | ||
| uses: docker/[email protected] | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| - name: Set up QEMU | ||
| uses: docker/setup-qemu-action@v2 | ||
|
|
||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v2 | ||
|
|
||
| - name: Docker metadata | ||
| id: meta | ||
| uses: docker/metadata-action@v4 | ||
| with: | ||
| images: ghcr.io/complianceascode/compliance-operator-catalog | ||
| tags: | | ||
| type=raw,value=${{ needs.get-pr-number.outputs.pr-number }} | ||
| type=sha,format=long | ||
| labels: | | ||
| org.opencontainers.image.source=${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY} | ||
| org.opencontainers.image.title=compliance-operator-catalog | ||
| org.opencontainers.image.version=latest | ||
| org.opencontainers.image.licenses='Apache-2.0' | ||
| org.opencontainers.image.vendor='Compliance Operator Authors' | ||
| - name: Generate catalog dockerfile | ||
| id: generate_catalog_dockerfile | ||
| run: | | ||
| make catalog-docker BUNDLE_IMGS=ghcr.io/complianceascode/compliance-operator-bundle:${{ needs.get-pr-number.outputs.pr-number }} | ||
| - name: Build container images and push | ||
| id: docker_build | ||
| uses: docker/build-push-action@v5 | ||
| with: | ||
| context: . | ||
| file: catalog.Dockerfile | ||
| tags: ${{ steps.meta.outputs.tags }} | ||
| labels: ${{ steps.meta.outputs.labels }} | ||
| push: true | ||
| platforms: 'linux/amd64' | ||
|
|
||
| - name: Get container info | ||
| id: container_info | ||
| run: | | ||
| image_tags="${{ needs.get-pr-number.outputs.pr-number }}" | ||
| echo "::set-output name=image-digest::${{ steps.docker_build.outputs.digest }}" | ||
| echo "::set-output name=image-tags::${image_tags}" | ||
| comment-pr: | ||
| needs: | ||
| - operator-container-push-pr | ||
| - bundle-container-push-pr | ||
| - openscap-container-push-pr | ||
| - catalog-container-push-pr | ||
| - get-pr-number | ||
| runs-on: ubuntu-latest | ||
| name: Comment on the PR | ||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v3 | ||
|
|
||
| - name: Comment PR | ||
| uses: thollander/actions-comment-pull-request@v2 | ||
| with: | ||
| message: | | ||
| :robot: To deploy this PR, run the following command: | ||
| ``` | ||
| make catalog-deploy CATALOG_IMG=ghcr.io/complianceascode/compliance-operator-catalog:${{ needs.get-pr-number.outputs.pr-number }} | ||
| ``` |