Skip to content

chore(deps): update k8s related bumps #921

chore(deps): update k8s related bumps

chore(deps): update k8s related bumps #921

Workflow file for this run

name: Build and Publish Docker Images
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
workflow_dispatch:
env:
#DOCKERHUB_ORG: orangecloudfoundry
DOCKERHUB_ORG: elpaasoci
BASE_IMAGES: cf-cli curl-ssl git-ssh k8s-tools terraform bosh-cli-v2 spruce
IMAGES_WITH_DEPENDENCIES: awscli bosh-cli-v2-cf-cli
jobs:
build_and_publish:
name: build, test and publish
runs-on: ubuntu-latest
permissions:
packages: write
steps:
- uses: actions/checkout@v4
- uses: ruby/setup-ruby@v1
with:
bundler-cache: true # runs 'bundle install' and caches installed gems automatically
-
name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
-
name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
-
name: build docker images
run: | # shellcheck disable=SC2086
for image in $BASE_IMAGES;do
echo "Processing $image"
bundle exec rake build:$image
done
-
name: test docker images
run: | # shellcheck disable=SC2086
for image in $BASE_IMAGES;do
echo "Processing $image"
bundle exec rake spec:$image
done
-
name: publish curl-ssl image
uses: docker/build-push-action@v6.9.0
with:
context: ${{env.IMAGE}}
push: true
tags: |
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:latest
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:${{github.sha}}
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:latest
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:${{github.sha}}
env:
IMAGE: curl-ssl
-
name: publish git-ssh image
uses: docker/build-push-action@v6.9.0
with:
context: ${{env.IMAGE}}
push: true
tags: |
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:latest
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:${{github.sha}}
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:latest
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:${{github.sha}}
env:
IMAGE: git-ssh
-
name: publish cf-cli image
uses: docker/build-push-action@v6.9.0
with:
context: ${{env.IMAGE}}
push: true
tags: |
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:latest
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:${{github.sha}}
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:latest
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:${{github.sha}}
env:
IMAGE: cf-cli
-
name: publish k8s-tools image
uses: docker/build-push-action@v6.9.0
with:
context: ${{env.IMAGE}}
push: true
tags: |
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:latest
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:${{github.sha}}
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:latest
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:${{github.sha}}
env:
IMAGE: k8s-tools
-
name: publish bosh-cli-v2 image
uses: docker/build-push-action@v6.9.0
with:
context: ${{env.IMAGE}}
push: true
tags: |
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:latest
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:${{github.sha}}
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:latest
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:${{github.sha}}
env:
IMAGE: bosh-cli-v2
-
name: publish terraform image
uses: docker/build-push-action@v6.9.0
with:
context: ${{env.IMAGE}}
push: true
tags: |
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:latest
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:${{github.sha}}
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:latest
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:${{github.sha}}
env:
IMAGE: terraform
-
name: publish spruce image
uses: docker/build-push-action@v6.9.0
with:
context: ${{env.IMAGE}}
push: true
tags: |
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:latest
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:${{github.sha}}
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:latest
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:${{github.sha}}
env:
IMAGE: spruce
-
name: build docker images with dependencies
run: | # shellcheck disable=SC2086
for image in $IMAGES_WITH_DEPENDENCIES;do
echo "Processing $image"
bundle exec rake build:$image
done
-
name: test docker images with dependencies
run: |# shellcheck disable=SC2086
for image in $IMAGES_WITH_DEPENDENCIES;do
echo "Processing $image"
bundle exec rake spec:$image
done
-
name: publish awscli image
uses: docker/build-push-action@v6.9.0
with:
context: ${{env.IMAGE}}
push: true
tags: |
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:latest
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:${{github.sha}}
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:latest
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:${{github.sha}}
env:
IMAGE: awscli
-
name: publish bosh-cli-v2-cf-cli image
uses: docker/build-push-action@v6.9.0
with:
context: ${{env.IMAGE}}
push: true
tags: |
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:latest
${{env.DOCKERHUB_ORG}}/${{env.IMAGE}}:${{github.sha}}
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:latest
ghcr.io/${{ github.repository }}/${{env.IMAGE}}:${{github.sha}}
env:
IMAGE: bosh-cli-v2-cf-cli
check_published_images:
name: check published images
runs-on: ubuntu-latest
needs: [ build_and_publish ]
steps:
- # Currently we cannot use `docker manifest` without authentication, it results in "unauthorized: access token has insufficient scopes"
# Also, to save network bandwidth and reduce build time we avoid using `docker pull`
name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
-
name: check docker public images
run: | # shellcheck disable=SC2086
for image in $BASE_IMAGES $IMAGES_WITH_DEPENDENCIES;do
echo "Processing $image: checking manifest for $DOCKERHUB_ORG/$image:$GITHUB_SHA"
docker manifest inspect $DOCKERHUB_ORG/$image:$GITHUB_SHA
done
push_for_renovate:
name: Publish commit for renovate
runs-on: ubuntu-latest
needs: [ check_published_images ]
steps:
- uses: actions/checkout@v4
with:
ref: main
if: ${{ github.ref_name == 'main' }}
-
name: push
uses: github-actions-x/commit@v2.9
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
push-branch: 'main-validated'
force-push: true
if: ${{ github.ref_name == 'main' }}