Skip to content

Commit

Permalink
Merge pull request #140 from scality/improvement/OSIS-146
Browse files Browse the repository at this point in the history
  • Loading branch information
francoisferrand authored Apr 30, 2024
2 parents 57ec0d9 + bc899b2 commit ea5000f
Show file tree
Hide file tree
Showing 10 changed files with 35 additions and 63 deletions.
10 changes: 5 additions & 5 deletions .github/workflows/codeql.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -21,26 +21,26 @@ jobs:
NEXUS_PWD: ${{ secrets.NEXUS_PASSWORD }}
steps:
- name: Checkout code
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: Initialize CodeQL
uses: github/codeql-action/init@v2
uses: github/codeql-action/init@v3
with:
languages: java

- name: Setup Java
uses: actions/setup-java@v3
uses: actions/setup-java@v4
with:
distribution: "corretto"
java-version: "17"

- name: Setup Gradle
uses: gradle/gradle-build-action@v2.4.2
uses: gradle/gradle-build-action@v3
with:
gradle-version: 7.3

- name: Execute build with Gradle wrapper
run: ./gradlew build -PsonatypeUsername=$NEXUS_UNAME -PsonatypePassword=$NEXUS_PWD

- name: Build and analyze
uses: github/codeql-action/analyze@v2
uses: github/codeql-action/analyze@v3
4 changes: 2 additions & 2 deletions .github/workflows/dependency-review.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: 'Checkout Repository'
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: 'Dependency Review'
uses: actions/dependency-review-action@v3
uses: actions/dependency-review-action@v4
33 changes: 8 additions & 25 deletions .github/workflows/docker-build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,28 +4,13 @@ name: docker-build
on:
workflow_call:
inputs:
namespace:
required: false
type: string
default: osis-dev
tag:
required: false
type: string
default: "${{ github.sha }}"
registry:
required: false
type: string
default: registry.scality.com
secrets:
REGISTRY_LOGIN:
required: true
REGISTRY_PASSWORD:
required: true

env:
NAMESPACE: ${{ inputs.namespace }}
TAG: ${{ inputs.tag }}
REGISTRY: ${{ inputs.registry }}

jobs:
build:
Expand All @@ -34,25 +19,23 @@ jobs:
timeout-minutes: 10
steps:
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@v3

- name: Login to Registry
uses: docker/login-action@v2
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ secrets.REGISTRY_LOGIN }}
password: ${{ secrets.REGISTRY_PASSWORD }}
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ github.token }}

- name: Build and push development docker image
uses: docker/build-push-action@v3
uses: docker/build-push-action@v5
with:
context: .
push: true
tags: ${{ env.REGISTRY }}/${{ env.NAMESPACE }}/osis:${{ env.TAG }}
tags: ghcr.io/${{ github.repository }}:${{ env.TAG }}
cache-from: type=gha,scope=osis
cache-to: type=gha,mode=max,scope=osis
build-args: |
NODE_ENV=${{ matrix.build.env }}
6 changes: 3 additions & 3 deletions .github/workflows/gradle-build-and-upload.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,16 +21,16 @@ jobs:
SIGNING_PWD: ${{ secrets.SIGNING_PASSWORD }}
steps:
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: Setup Java
uses: actions/setup-java@v3
uses: actions/setup-java@v4
with:
distribution: "corretto"
java-version: "17"

- name: Setup Gradle
uses: gradle/gradle-build-action@v2
uses: gradle/gradle-build-action@v3
with:
gradle-version: 7.3

Expand Down
6 changes: 1 addition & 5 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,11 +13,7 @@ jobs:
name: Docker image
uses: ./.github/workflows/docker-build.yml
with:
namespace: osis
tag: ${{ github.event.inputs.tag }}
secrets:
REGISTRY_LOGIN: ${{ secrets.REGISTRY_LOGIN }}
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}

github-release:
name: Creating GitHub Release
Expand All @@ -27,7 +23,7 @@ jobs:
- docker-build
steps:
- name: Github Release
uses: softprops/action-gh-release@v1
uses: softprops/action-gh-release@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
Expand Down
11 changes: 4 additions & 7 deletions .github/workflows/security.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,15 +18,12 @@ jobs:
contents: read
packages: write
uses: ./.github/workflows/docker-build.yml
secrets:
REGISTRY_LOGIN: ${{ secrets.REGISTRY_LOGIN }}
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}

trivy:
needs: build
name: Trivy Vulnerability Scan for Code
uses: scality/workflows/.github/workflows/trivy.yaml@v1
uses: scality/workflows/.github/workflows/trivy.yaml@v2
with:
name: osis
namespace: osis-dev
registry: registry.scality.com
name: ${{ github.event.repository.name }}
namespace: ${{ github.repository_owner }}
registry: ghcr.io
5 changes: 1 addition & 4 deletions .github/workflows/test-and-build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,17 +16,14 @@ jobs:
docker-build:
name: Development docker image
uses: ./.github/workflows/docker-build.yml
secrets:
REGISTRY_LOGIN: ${{ secrets.REGISTRY_LOGIN }}
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}

code_coverage:
name: code coverage
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3
uses: codecov/codecov-action@v4
with:
token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos
name: codecov-osis
8 changes: 4 additions & 4 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -20,11 +20,11 @@ This project is for OSIS, which integrates [Scality RING](https://www.scality.co
```
Dev:
```sh
$ docker pull registry.scality.com/vmware-ose-scality-dev/vmware-ose-scality:<short SHA-1 commit hash>
docker pull ghcr.io/scality/osis:<short SHA-1 commit hash>
```
Production image:
```sh
$ docker pull registry.scality.com/vmware-ose-scality/vmware-ose-scality:<tag>
docker pull ghcr.io/scality/osis:<tag>
```
1. Generate a self-signed SSL certificate and store it in a binary PKCS#12 format file with extension `.p12` file. (Refer [here](#To-generate-PKCS12-file-for-self-signed-SSL-certificate))

Expand Down Expand Up @@ -57,7 +57,7 @@ This project is for OSIS, which integrates [Scality RING](https://www.scality.co
-v <absolute_path_to_.p12_file>:/app/lib/osis.p12:ro,z \
-v <absolute_path_to_crypto.yml_file>:/conf/crypto.yml:ro,z \
-v <absolute_path_to_application.properties_file>:/conf/application.properties:ro,z \
registry.scality.com/vmware-ose-scality-dev/vmware-ose-scality:<short SHA-1 commit hash>
ghcr.io/scality/osis:<short SHA-1 commit hash>
```
Production image:
```sh
Expand All @@ -68,7 +68,7 @@ This project is for OSIS, which integrates [Scality RING](https://www.scality.co
-v <absolute_path_to_.p12_file>:/app/lib/osis.p12:ro,z \
-v <absolute_path_to_crypto.yml_file>:/conf/crypto.yml:ro,z \
-v <absolute_path_to_application.properties_file>:/conf/application.properties:ro,z \
registry.scality.com/vmware-ose-scality/vmware-ose-scality:<tag>
ghcr.io/scality/osis:<tag>
```
Expand Down
11 changes: 5 additions & 6 deletions docs/RELEASE.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,10 @@

## Docker Image generation

Docker images are hosted on registry.scality.com.
It has two names spaces for Vmware-ose-scality:
Docker images are hosted on ghcr.io/scality.
It has one image:

* Production Namespace: registry.scality.com/vmware-ose-scality
* Dev Namespace: registry.scality.com/vmware-ose-scality-dev
* Production container image: ghcr.io/scality/osis

Production namespace provides write access to a few admins and CI while read
access is given to all the developers. Dev namespace provides write access
Expand All @@ -17,8 +16,8 @@ images to be used by developers, CI builds, build chain and so on.
## How to pull docker images

```sh
docker pull registry.scality.com/vmware-ose-scality-dev/vmware-ose-scality:<short SHA-1 commit hash>
docker pull registry.scality.com/vmware-ose-scality/vmware-ose-scality:<tag>
docker pull ghcr.io/scality/osis:<short SHA-1 commit hash>
docker pull ghcr.io/scality/osis:<tag>
```

## Release Process
Expand Down
4 changes: 2 additions & 2 deletions docs/milestone-2-steps.md
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ docker restart scality-vault-1
- Pull this docker image. Use the latest commit from thew repository as SHA in the below command.
```sh
docker pull registry.scality.com/vmware-ose-scality-dev/vmware-ose-scality:<SHA>
docker pull ghcr.io/scality/osis:<SHA>

```
Expand Down Expand Up @@ -105,7 +105,7 @@ docker pull registry.scality.com/vmware-ose-scality-dev/vmware-ose-scality:<SHA>
-p 8443:8443 \
-v /root/keyStore.p12:/app/lib/osis.p12:ro,z \
-v /root/crypto.yml:/app/config/crypto.yml:ro,z \
registry.scality.com/vmware-ose-scality-dev/vmware-ose-scality:<SHA1>
ghcr.io/scality/osis:<SHA1>
```
Note: For S3 Connector, use the host network as shows in the example above.
Expand Down

0 comments on commit ea5000f

Please sign in to comment.