Compare commits
13 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
dc591110cc | ||
|
8e9a423400 | ||
|
|
f16a14fc0f | ||
|
8bd3e02fd2 | ||
|
|
571e42aef3 | ||
|
|
e846d42497 | ||
|
|
b7f0f661e3 | ||
|
7033a0543d | ||
|
e03153c634 | ||
|
|
49888d43ab | ||
|
|
418284a2f2 | ||
|
|
5be93ca286 | ||
|
|
5e25ae9c63 |
6
.github/workflows/pr.yml
vendored
6
.github/workflows/pr.yml
vendored
@@ -6,6 +6,8 @@ jobs:
|
|||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
name: Verify commit messages
|
name: Verify commit messages
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v1
|
- uses: actions/checkout@v2
|
||||||
|
with:
|
||||||
|
fetch-depth: 0
|
||||||
- name: Run commitsar
|
- name: Run commitsar
|
||||||
uses: docker://aevea/commitsar
|
uses: docker://aevea/commitsar@sha256:b77adebc0437d4f2bfdf9205a39003e88acbc77a9176fd086b386207a5f3f5cb
|
||||||
|
|||||||
6
.github/workflows/release.yml
vendored
6
.github/workflows/release.yml
vendored
@@ -10,10 +10,12 @@ jobs:
|
|||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- name: Check out code
|
- name: Check out code
|
||||||
uses: actions/checkout@v1
|
uses: actions/checkout@v2
|
||||||
|
with:
|
||||||
|
fetch-depth: 0
|
||||||
|
|
||||||
- name: Release Notary Action
|
- name: Release Notary Action
|
||||||
uses: docker://aevea/release-notary
|
uses: docker://aevea/release-notary@sha256:8b26ced466da96b23a947d5c9e58baac22ee1192fd08200011e5b178f42118a0
|
||||||
env:
|
env:
|
||||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
|
||||||
|
|||||||
@@ -11,7 +11,11 @@ RUN wget -O /kaniko/jq \
|
|||||||
chmod +x /kaniko/jq && \
|
chmod +x /kaniko/jq && \
|
||||||
wget -O /kaniko/reg \
|
wget -O /kaniko/reg \
|
||||||
https://github.com/genuinetools/reg/releases/download/v0.16.1/reg-linux-386 && \
|
https://github.com/genuinetools/reg/releases/download/v0.16.1/reg-linux-386 && \
|
||||||
chmod +x /kaniko/reg
|
chmod +x /kaniko/reg && \
|
||||||
|
wget -O /crane.tar.gz \
|
||||||
|
https://github.com/google/go-containerregistry/releases/download/v0.1.1/go-containerregistry_Linux_x86_64.tar.gz && \
|
||||||
|
tar -xvzf /crane.tar.gz crane -C /kaniko && \
|
||||||
|
rm /crane.tar.gz
|
||||||
|
|
||||||
COPY entrypoint.sh /
|
COPY entrypoint.sh /
|
||||||
COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
|
COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
|
||||||
|
|||||||
@@ -10,10 +10,13 @@ export TAG=${TAG#$INPUT_STRIP_TAG_PREFIX}
|
|||||||
export USERNAME=${INPUT_USERNAME:-$GITHUB_ACTOR}
|
export USERNAME=${INPUT_USERNAME:-$GITHUB_ACTOR}
|
||||||
export PASSWORD=${INPUT_PASSWORD:-$GITHUB_TOKEN}
|
export PASSWORD=${INPUT_PASSWORD:-$GITHUB_TOKEN}
|
||||||
export REPOSITORY=$IMAGE
|
export REPOSITORY=$IMAGE
|
||||||
export IMAGE_LATEST=${INPUT_TAG_WITH_LATEST:+"$IMAGE:latest"}
|
|
||||||
export IMAGE=$IMAGE:$TAG
|
export IMAGE=$IMAGE:$TAG
|
||||||
export CONTEXT_PATH=${INPUT_PATH}
|
export CONTEXT_PATH=${INPUT_PATH}
|
||||||
|
|
||||||
|
if [[ "$INPUT_TAG_WITH_LATEST" == "true" ]]; then
|
||||||
|
export IMAGE_LATEST="$IMAGE:latest"
|
||||||
|
fi
|
||||||
|
|
||||||
function ensure() {
|
function ensure() {
|
||||||
if [ -z "${1}" ]; then
|
if [ -z "${1}" ]; then
|
||||||
echo >&2 "Unable to find the ${2} variable. Did you set with.${2}?"
|
echo >&2 "Unable to find the ${2} variable. Did you set with.${2}?"
|
||||||
@@ -28,7 +31,7 @@ ensure "${IMAGE}" "image"
|
|||||||
ensure "${TAG}" "tag"
|
ensure "${TAG}" "tag"
|
||||||
ensure "${CONTEXT_PATH}" "path"
|
ensure "${CONTEXT_PATH}" "path"
|
||||||
|
|
||||||
if [ "$REGISTRY" == "docker.pkg.github.com" ]; then
|
if [ "$REGISTRY" == "ghcr.io" ]; then
|
||||||
IMAGE_NAMESPACE="$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')"
|
IMAGE_NAMESPACE="$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')"
|
||||||
export IMAGE="$IMAGE_NAMESPACE/$IMAGE"
|
export IMAGE="$IMAGE_NAMESPACE/$IMAGE"
|
||||||
export REPOSITORY="$IMAGE_NAMESPACE/$REPOSITORY"
|
export REPOSITORY="$IMAGE_NAMESPACE/$REPOSITORY"
|
||||||
@@ -61,7 +64,7 @@ export DOCKERFILE="--dockerfile $CONTEXT_PATH/${INPUT_BUILD_FILE:-Dockerfile}"
|
|||||||
export TARGET=${INPUT_TARGET:+"--target=$INPUT_TARGET"}
|
export TARGET=${INPUT_TARGET:+"--target=$INPUT_TARGET"}
|
||||||
|
|
||||||
if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
|
if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
|
||||||
export DESTINATION="--no-push --digest-file digest"
|
export DESTINATION="--digest-file digest --no-push --tarPath image.tar --destination $IMAGE"
|
||||||
else
|
else
|
||||||
export DESTINATION="--destination $IMAGE"
|
export DESTINATION="--destination $IMAGE"
|
||||||
if [ ! -z $IMAGE_LATEST ]; then
|
if [ ! -z $IMAGE_LATEST ]; then
|
||||||
@@ -88,8 +91,8 @@ EOF
|
|||||||
if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
|
if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
|
||||||
export DIGEST=$(cat digest)
|
export DIGEST=$(cat digest)
|
||||||
|
|
||||||
if [ "$REGISTRY" == "docker.pkg.github.com" ]; then
|
if [ "$REGISTRY" == "ghcr.io" ]; then
|
||||||
wget -q -O manifest --header "Authorization: Basic $(echo -n $USERNAME:$PASSWORD | base64)" https://docker.pkg.github.com/v2/$REPOSITORY/manifests/latest || true
|
wget -q -O manifest --header "Authorization: Basic $(echo -n $USERNAME:$PASSWORD | base64 | tr -d \\n)" https://ghcr.io/v2/$REPOSITORY/manifests/latest || true
|
||||||
export REMOTE="sha256:$(cat manifest | sha256sum | awk '{ print $1 }')"
|
export REMOTE="sha256:$(cat manifest | sha256sum | awk '{ print $1 }')"
|
||||||
else
|
else
|
||||||
export REMOTE=$(reg digest -u $USERNAME -p $PASSWORD $REGISTRY/$REPOSITORY | tail -1)
|
export REMOTE=$(reg digest -u $USERNAME -p $PASSWORD $REGISTRY/$REPOSITORY | tail -1)
|
||||||
@@ -101,16 +104,15 @@ if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
|
|||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
export DESTINATION="--destination $IMAGE"
|
|
||||||
if [ ! -z $IMAGE_LATEST ]; then
|
|
||||||
export DESTINATION="$DESTINATION --destination $IMAGE_LATEST"
|
|
||||||
fi
|
|
||||||
|
|
||||||
export ARGS="$CACHE $CONTEXT $DOCKERFILE $TARGET $DESTINATION $INPUT_EXTRA_ARGS"
|
|
||||||
|
|
||||||
echo "Pushing image..."
|
echo "Pushing image..."
|
||||||
|
|
||||||
/kaniko/executor --reproducible $ARGS >/dev/null 2>&1
|
/kaniko/crane auth login $REGISTRY -u $USERNAME -p $PASSWORD
|
||||||
|
/kaniko/crane push image.tar $IMAGE
|
||||||
|
|
||||||
|
if [ ! -z $IMAGE_LATEST ]; then
|
||||||
|
echo "Tagging latest..."
|
||||||
|
/kaniko/crane tag $IMAGE latest
|
||||||
|
fi
|
||||||
|
|
||||||
echo "Done 🎉️"
|
echo "Done 🎉️"
|
||||||
fi
|
fi
|
||||||
|
|||||||
Reference in New Issue
Block a user