Skip to content

ubi: Restrict rpmkey import to specific keys #572

ubi: Restrict rpmkey import to specific keys

ubi: Restrict rpmkey import to specific keys #572

Workflow file for this run

name: GitHub CI
on:
pull_request:
branches-ignore:
- next
paths-ignore:
- examples
- Dockerfile.template
- LICENSE
- README.md
push:
branches-ignore:
- next
paths-ignore:
- examples
- Dockerfile.template
- LICENSE
- README.md
defaults:
run:
shell: "bash -Eeuo pipefail -x {0}"
jobs:
checks:
name: Checks
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Run ShellCheck
uses: ludeeus/action-shellcheck@master
with:
ignore_paths: initdb.d
ignore_names: generate-stackbrew-library.sh
- name: Run Hadolint
uses: hadolint/[email protected]
with:
dockerfile: Dockerfile.template
generate-jobs:
name: Generate Jobs
runs-on: ubuntu-latest
outputs:
strategy: ${{ steps.generate-jobs.outputs.strategy }}
steps:
- uses: actions/checkout@v3
- uses: docker-library/[email protected]
- id: generate-jobs
name: Generate Jobs
run: |
strategy="$(GITHUB_REPOSITORY='mariadb' "$BASHBREW_SCRIPTS/github-actions/generate.sh" | jq -c '.matrix.include |= map(.meta.entries[0].tags[0] as $tag | .runs.mariadbtest = "./.test/run.sh " + $tag)')"
echo "strategy=$strategy" >> "$GITHUB_OUTPUT"
jq . <<<"$strategy" # sanity check / debugging aid
test:
needs: generate-jobs
strategy: ${{ fromJson(needs.generate-jobs.outputs.strategy) }}
name: ${{ matrix.name }}
runs-on: ${{ matrix.os }}
env:
DEPLOY_IMAGES: false
steps:
- uses: actions/checkout@v3
- name: Check for registry credentials
if: github.repository == 'MariaDB/mariadb-docker' && github.ref == 'refs/heads/master'
run: |
missing=()
[[ -n "${{ secrets.MARIADB_OPERATOR_TOKEN }}" ]] || missing+=(MARIADB_OPERATOR_TOKEN)
for i in "${missing[@]}"; do
echo "Missing github secret: $i"
done
if (( ${#missing[@]} == 0 )); then
echo "DEPLOY_IMAGES=true" >> $GITHUB_ENV
else
echo "Not pushing images to registry or doing operator test"
fi
- name: Prepare Environment
run: ${{ matrix.runs.prepare }}
- name: Pull Dependencies
run: ${{ matrix.runs.pull }}
- name: Build ${{ matrix.name }}
run: ${{ matrix.runs.build }}
- name: History ${{ matrix.name }}
run: ${{ matrix.runs.history }}
- name: Test ${{ matrix.name }}
run: ${{ matrix.runs.test }}
- name: Extra MariaDB Tests ${{ matrix.name }}
run: ${{ matrix.runs.mariadbtest }}
- name: '"docker images"'
run: ${{ matrix.runs.images }}
- name: login to registry
if: ${{ env.DEPLOY_IMAGES == 'true' }}
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: tag
if: ${{ env.DEPLOY_IMAGES == 'true' }}
run: docker tag mariadb:${{ matrix.name }} ghcr.io/mariadb/mariadb:${{ matrix.name }}
- name: push
if: ${{ env.DEPLOY_IMAGES == 'true' }}
run: docker push ghcr.io/mariadb/mariadb:${{ matrix.name }}
- name: MariaDB Operator Test
if: ${{ env.DEPLOY_IMAGES == 'true' }}
run: gh workflow run test-image.yml --repo mariadb-operator/mariadb-operator -f mariadb_image=ghcr.io/mariadb/mariadb:${{ matrix.name }}
env:
GITHUB_TOKEN: "${{ secrets.MARIADB_OPERATOR_TOKEN }}"