Skip to content

Merge pull request #123 from keitaroinc/security_ci #53

Merge pull request #123 from keitaroinc/security_ci

Merge pull request #123 from keitaroinc/security_ci #53

Workflow file for this run

name: Docker Image Build
on:
push:
branches: master
jobs:
build-ckan-2-10:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.CR_PAT }}
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: |
/tmp/.buildx-cache-alpine-2-10
/tmp/.buildx-cache-ubuntu-2-10
key: ${{ runner.os }}-buildx-2-10-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-2-10
- name: Get docker tag for Alpine image
id: alpine
run: |
echo "::set-output name=IMAGE_TAG::$(awk -F '=' '/IMAGE_TAG/{print $2}' ./images/ckan/2.10/Dockerfile)"
- name: Build and push CKAN 2.10 alpine
uses: docker/build-push-action@v2
with:
context: ./images/ckan/2.10
file: ./images/ckan/2.10/Dockerfile
push: true
tags: |
keitaro/ckan:${{ steps.alpine.outputs.IMAGE_TAG }}
ghcr.io/keitaroinc/ckan:${{ steps.alpine.outputs.IMAGE_TAG }}
cache-from: type=local,src=/tmp/.buildx-cache-alpine-2-10
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-alpine-2-10
- name: Get docker tag for Ubuntu image
id: ubuntu
run: |
echo "::set-output name=IMAGE_TAG::$(awk -F '=' '/IMAGE_TAG/{print $2}' ./images/ckan/2.10/Dockerfile.focal)"
- name: Build and push CKAN 2.10 ubuntu
uses: docker/build-push-action@v2
with:
context: ./images/ckan/2.10
file: ./images/ckan/2.10/Dockerfile.focal
push: true
tags: |
keitaro/ckan:${{ steps.ubuntu.outputs.IMAGE_TAG }}
ghcr.io/keitaroinc/ckan:${{ steps.ubuntu.outputs.IMAGE_TAG }}
cache-from: type=local,src=/tmp/.buildx-cache-ubuntu-2-10
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-ubuntu-2-10
build-ckan-2-9:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.CR_PAT }}
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: |
/tmp/.buildx-cache-alpine-2-9
/tmp/.buildx-cache-ubuntu-2-9
key: ${{ runner.os }}-buildx-2-9-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-2-9
- name: Get docker tag for Alpine image
id: alpine
run: |
echo "::set-output name=IMAGE_TAG::$(awk -F '=' '/IMAGE_TAG/{print $2}' ./images/ckan/2.9/Dockerfile)"
- name: Build and push CKAN 2.9 alpine
uses: docker/build-push-action@v2
with:
context: ./images/ckan/2.9
file: ./images/ckan/2.9/Dockerfile
push: true
tags: |
keitaro/ckan:${{ steps.alpine.outputs.IMAGE_TAG }}
ghcr.io/keitaroinc/ckan:${{ steps.alpine.outputs.IMAGE_TAG }}
cache-from: type=local,src=/tmp/.buildx-cache-alpine-2-9
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-alpine-2-9
- name: Get docker tag for Ubuntu image
id: ubuntu
run: |
echo "::set-output name=IMAGE_TAG::$(awk -F '=' '/IMAGE_TAG/{print $2}' ./images/ckan/2.9/Dockerfile.focal)"
- name: Build and push CKAN 2.9 ubuntu
uses: docker/build-push-action@v2
with:
context: ./images/ckan/2.9
file: ./images/ckan/2.9/Dockerfile.focal
push: true
tags: |
keitaro/ckan:${{ steps.ubuntu.outputs.IMAGE_TAG }}
ghcr.io/keitaroinc/ckan:${{ steps.ubuntu.outputs.IMAGE_TAG }}
cache-from: type=local,src=/tmp/.buildx-cache-ubuntu-2-9
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-ubuntu-2-9
build-ckan-2-8:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.CR_PAT }}
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: |
/tmp/.buildx-cache-alpine-2-8
/tmp/.buildx-cache-ubuntu-2-8
key: ${{ runner.os }}-buildx-2-8-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-2-8
- name: Get docker tag for Alpine image
id: alpine
run: |
echo "::set-output name=IMAGE_TAG::$(awk -F '=' '/IMAGE_TAG/{print $2}' ./images/ckan/2.8/Dockerfile)"
- name: Build and push CKAN 2.8 alpine
uses: docker/build-push-action@v2
with:
context: ./images/ckan/2.8
file: ./images/ckan/2.8/Dockerfile
push: true
tags: |
keitaro/ckan:${{ steps.alpine.outputs.IMAGE_TAG }}
ghcr.io/keitaroinc/ckan:${{ steps.alpine.outputs.IMAGE_TAG }}
cache-from: type=local,src=/tmp/.buildx-cache-alpine-2-8
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-alpine-2-8
- name: Get docker tag for Ubuntu image
id: ubuntu
run: |
echo "::set-output name=IMAGE_TAG::$(awk -F '=' '/IMAGE_TAG/{print $2}' ./images/ckan/2.8/Dockerfile.focal)"
- name: Build and push CKAN 2.8 ubuntu
uses: docker/build-push-action@v2
with:
context: ./images/ckan/2.8
file: ./images/ckan/2.8/Dockerfile.focal
push: true
tags: |
keitaro/ckan:${{ steps.ubuntu.outputs.IMAGE_TAG }}
ghcr.io/keitaroinc/ckan:${{ steps.ubuntu.outputs.IMAGE_TAG }}
cache-from: type=local,src=/tmp/.buildx-cache-ubuntu-2-8
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-ubuntu-2-8
build-ckan-2-7:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.CR_PAT }}
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: |
/tmp/.buildx-cache-alpine-2-7
/tmp/.buildx-cache-ubuntu-2-7
key: ${{ runner.os }}-buildx-2-7-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-2-7
- name: Get docker tag for Alpine image
id: alpine
run: |
echo "::set-output name=IMAGE_TAG::$(awk -F '=' '/IMAGE_TAG/{print $2}' ./images/ckan/2.7/Dockerfile)"
- name: Build and push CKAN 2.7 alpine
uses: docker/build-push-action@v2
with:
context: ./images/ckan/2.7
file: ./images/ckan/2.7/Dockerfile
push: true
tags: |
keitaro/ckan:${{ steps.alpine.outputs.IMAGE_TAG }}
ghcr.io/keitaroinc/ckan:${{ steps.alpine.outputs.IMAGE_TAG }}
cache-from: type=local,src=/tmp/.buildx-cache-alpine-2-7
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-alpine-2-7
- name: Get docker tag for Ubuntu image
id: ubuntu
run: |
echo "::set-output name=IMAGE_TAG::$(awk -F '=' '/IMAGE_TAG/{print $2}' ./images/ckan/2.7/Dockerfile.focal)"
- name: Build CKAN 2.7 ubuntu
uses: docker/build-push-action@v2
with:
context: ./images/ckan/2.7
file: ./images/ckan/2.7/Dockerfile.focal
push: true
tags: |
keitaro/ckan:${{ steps.ubuntu.outputs.IMAGE_TAG }}
ghcr.io/keitaroinc/ckan:${{ steps.ubuntu.outputs.IMAGE_TAG }}
cache-from: type=local,src=/tmp/.buildx-cache-ubuntu-2-7
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-ubuntu-2-7
build-ckan-datapusher:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.CR_PAT }}
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache-datapusher
key: ${{ runner.os }}-buildx-datapusher-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-datapusher
- name: Get docker tag for datapusher image
id: datapusher
run: |
echo "::set-output name=IMAGE_TAG::$(awk -F '=' '/IMAGE_TAG/{print $2}' ./images/datapusher/Dockerfile)"
- name: Build and push CKAN datapusher
uses: docker/build-push-action@v2
with:
context: ./images/datapusher
file: ./images/datapusher/Dockerfile
push: true
tags: |
keitaro/datapusher:${{ steps.datapusher.outputs.IMAGE_TAG }}
ghcr.io/keitaroinc/datapusher:${{ steps.datapusher.outputs.IMAGE_TAG }}
cache-from: type=local,src=/tmp/.buildx-cache-datapusher
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-datapusher
build-psql-init:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.CR_PAT }}
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache-psql-init
key: ${{ runner.os }}-buildx-psql-init-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-psql-init
- name: Get docker tag for psql-init image
id: psql-init
run: |
echo "::set-output name=IMAGE_TAG::$(awk -F '=' '/IMAGE_TAG/{print $2}' ./images/psql-init/Dockerfile)"
- name: Build and push psql-init
uses: docker/build-push-action@v2
with:
context: ./images/psql-init
file: ./images/psql-init/Dockerfile
push: true
tags: |
keitaro/psql-init:${{ steps.psql-init.outputs.IMAGE_TAG }}
ghcr.io/keitaroinc/psql-init:${{ steps.psql-init.outputs.IMAGE_TAG }}
cache-from: type=local,src=/tmp/.buildx-cache-psql-init
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-psql-init