ci: added publishing intel trust authority AS docker

- Refactored directory structure for building KBS docker images - Added publishing KBS intel trust authority AS docker image on ghcr.io - Fixed building KBS ITA AS image - moved from OpenSSL 1 to OpenSSL 3 Signed-off-by: Pawel Proskurnicki <[email protected]>
pawelpros · Jun 14, 2024 · 0aae6a0 · 0aae6a0
1 parent 7b986f7
commit 0aae6a0
Show file tree

Hide file tree

Showing 6 changed files with 12 additions and 5 deletions.
diff --git a/.github/workflows/kbs-build-and-push.yaml b/.github/workflows/kbs-build-and-push.yaml
@@ -31,4 +31,9 @@ jobs:
     - name: Build Container Image KBS (gRPC AS)
       run: |
         commit_sha=${{ github.sha }}
-        DOCKER_BUILDKIT=1 docker build -t ghcr.io/confidential-containers/staged-images/kbs-grpc-as:${commit_sha} -t ghcr.io/confidential-containers/staged-images/kbs-grpc-as:latest . -f kbs/docker/Dockerfile.coco-as-grpc --push
+        DOCKER_BUILDKIT=1 docker build -t ghcr.io/confidential-containers/staged-images/kbs-grpc-as:${commit_sha} -t ghcr.io/confidential-containers/staged-images/kbs-grpc-as:latest . -f kbs/docker/coco-as-grpc/Dockerfile --push
+
+    - name: Build Container Image KBS (intel-trust-authority AS)
+      run: |
+        commit_sha=${{ github.sha }}
+        DOCKER_BUILDKIT=1 docker build -t ghcr.io/confidential-containers/staged-images/kbs-intel-trust-authority-as:${commit_sha} -t ghcr.io/confidential-containers/staged-images/kbs-intel-trust-authority-as:latest . -f kbs/docker/intel-trust-authority/Dockerfile --push
diff --git a/.github/workflows/kbs-docker-build.yml b/.github/workflows/kbs-docker-build.yml
@@ -16,5 +16,6 @@ jobs:
       run: |
         DOCKER_BUILDKIT=1 docker build -t kbs:coco-as . -f kbs/docker/Dockerfile; \
         DOCKER_BUILDKIT=1 docker build -t kbs:coco-as-openssl --build-arg KBS_FEATURES=coco-as-builtin,openssl,resource,opa . -f kbs/docker/Dockerfile; \
-        DOCKER_BUILDKIT=1 docker build -t kbs:coco-as-grpc . -f kbs/docker/Dockerfile.coco-as-grpc; \
-        DOCKER_BUILDKIT=1 docker build -t kbs:coco-as-rhel-ubi . -f kbs/docker/Dockerfile.rhel-ubi
+        DOCKER_BUILDKIT=1 docker build -t kbs:coco-as-grpc . -f kbs/docker/coco-as-grpc/Dockerfile; \
+        DOCKER_BUILDKIT=1 docker build -t kbs:coco-as-rhel-ubi . -f kbs/docker/rhel-ubi/Dockerfile; \
+        DOCKER_BUILDKIT=1 docker build -t kbs:coco-as-intel-trust-authority . -f kbs/docker/intel-trust-authority/Dockerfile
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -3,7 +3,7 @@ services:
   kbs:
     build:
       context: .
-      dockerfile: ./kbs/docker/Dockerfile.coco-as-grpc
+      dockerfile: ./kbs/docker/coco-as-grpc/Dockerfile
     #image: ghcr.io/confidential-containers/key-broker-service:latest
     command: [
         "/usr/local/bin/kbs",

diff --git a/kbs/docker/Dockerfile.coco-as-grpc → kbs/docker/coco-as-grpc/Dockerfile b/kbs/docker/Dockerfile.coco-as-grpc → kbs/docker/coco-as-grpc/Dockerfile
diff --git a/kbs/docker/Dockerfile.intel-trust-authority → kbs/docker/intel-trust-authority/Dockerfile b/kbs/docker/Dockerfile.intel-trust-authority → kbs/docker/intel-trust-authority/Dockerfile
@@ -6,7 +6,8 @@ COPY . .
 RUN apt-get update && apt install -y git
 
 # Build and Install KBS
-RUN cargo install --path kbs/src/kbs --no-default-features --features intel-trust-authority-as,rustls,resource,opa
+ARG KBS_FEATURES=intel-trust-authority-as,rustls,resource,opa
+RUN cargo install --path kbs/src/kbs --no-default-features --features ${KBS_FEATURES}
 
 FROM ubuntu:22.04
 

diff --git a/kbs/docker/Dockerfile.rhel-ubi → kbs/docker/rhel-ubi/Dockerfile b/kbs/docker/Dockerfile.rhel-ubi → kbs/docker/rhel-ubi/Dockerfile