Build #386
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: "0 1 1 */2 *" | |
| env: | |
| REGISTRY: ghcr.io | |
| jobs: | |
| build-bitnami-compat: | |
| runs-on: ubuntu-latest | |
| if: >- | |
| ${{ !contains(github.event.head_commit.message, '[ci skip]') && | |
| !contains(github.event.head_commit.message, '[skip ci]') && | |
| !contains(github.event.head_commit.message, 'docs:') }} | |
| permissions: | |
| contents: read | |
| packages: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - APP: "acmesolver" | |
| REPO_OWNER: "bitnami" | |
| - APP: "apache" | |
| REPO_OWNER: "bitnami" | |
| - APP: "apache-exporter" | |
| REPO_OWNER: "bitnami" | |
| - APP: "bitnami-shell" | |
| REPO_OWNER: "bitnami" | |
| - APP: "cainjector" | |
| REPO_OWNER: "bitnami" | |
| - APP: "cert-manager" | |
| REPO_OWNER: "bitnami" | |
| - APP: "cert-manager-webhook" | |
| REPO_OWNER: "bitnami" | |
| - APP: "consul" | |
| REPO_OWNER: "bitnami" | |
| - APP: "consul-exporter" | |
| REPO_OWNER: "bitnami" | |
| - APP: "contour" | |
| REPO_OWNER: "bitnami" | |
| - APP: "contour-operator" | |
| REPO_OWNER: "bitnami" | |
| - APP: "discourse" | |
| REPO_OWNER: "bitnami" | |
| - APP: "elasticsearch" | |
| REPO_OWNER: "bitnami" | |
| - APP: "elasticsearch-exporter" | |
| REPO_OWNER: "bitnami" | |
| - APP: "envoy" | |
| REPO_OWNER: "bitnami" | |
| - APP: "etcd" | |
| REPO_OWNER: "bitnami" | |
| - APP: "external-dns" | |
| REPO_OWNER: "bitnami" | |
| - APP: "fluentd" | |
| REPO_OWNER: "bitnami" | |
| - APP: "git" | |
| REPO_OWNER: "bitnami" | |
| - APP: "gitea" | |
| REPO_OWNER: "bitnami" | |
| - APP: "grafana" | |
| REPO_OWNER: "bitnami" | |
| - APP: "java" | |
| REPO_OWNER: "bitnami" | |
| - APP: "jmx-exporter" | |
| REPO_OWNER: "bitnami" | |
| - APP: "kafka" | |
| REPO_OWNER: "bitnami" | |
| - APP: "kafka-exporter" | |
| REPO_OWNER: "bitnami" | |
| - APP: "keycloak" | |
| REPO_OWNER: "bitnami" | |
| - APP: "keycloak-config-cli" | |
| REPO_OWNER: "bitnami" | |
| - APP: "kibana" | |
| REPO_OWNER: "bitnami" | |
| - APP: "kube-state-metrics" | |
| REPO_OWNER: "bitnami" | |
| - APP: "kubectl" | |
| REPO_OWNER: "bitnami" | |
| - APP: "kubernetes-event-exporter" | |
| REPO_OWNER: "bitnami" | |
| - APP: "logstash" | |
| REPO_OWNER: "bitnami" | |
| - APP: "mariadb" | |
| REPO_OWNER: "bitnami" | |
| - APP: "mariadb-galera" | |
| REPO_OWNER: "bitnami" | |
| - APP: "mastodon" | |
| REPO_OWNER: "bitnami" | |
| - APP: "memcached" | |
| REPO_OWNER: "bitnami" | |
| - APP: "memcached-exporter" | |
| REPO_OWNER: "bitnami" | |
| - APP: "minio" | |
| REPO_OWNER: "bitnami" | |
| - APP: "minio-client" | |
| REPO_OWNER: "bitnami" | |
| - APP: "mongodb" | |
| REPO_OWNER: "bitnami" | |
| - APP: "mongodb-exporter" | |
| REPO_OWNER: "bitnami" | |
| - APP: "mongodb-sharded" | |
| REPO_OWNER: "bitnami" | |
| - APP: "mysql" | |
| REPO_OWNER: "bitnami" | |
| - APP: "mysqld-exporter" | |
| REPO_OWNER: "bitnami" | |
| - APP: "nginx" | |
| REPO_OWNER: "bitnami" | |
| - APP: "nginx-exporter" | |
| REPO_OWNER: "bitnami" | |
| - APP: "node" | |
| REPO_OWNER: "bitnami" | |
| - APP: "node-exporter" | |
| REPO_OWNER: "bitnami" | |
| - APP: "openldap" | |
| REPO_OWNER: "bitnami" | |
| - APP: "pgpool" | |
| REPO_OWNER: "bitnami" | |
| - APP: "postgres-exporter" | |
| REPO_OWNER: "bitnami" | |
| - APP: "postgresql" | |
| REPO_OWNER: "bitnami" | |
| - APP: "postgresql-repmgr" | |
| REPO_OWNER: "bitnami" | |
| - APP: "python" | |
| REPO_OWNER: "bitnami" | |
| - APP: "rabbitmq" | |
| REPO_OWNER: "bitnami" | |
| - APP: "rabbitmq-cluster-operator" | |
| REPO_OWNER: "bitnami" | |
| - APP: "redis" | |
| REPO_OWNER: "bitnami" | |
| - APP: "redis-cluster" | |
| REPO_OWNER: "bitnami" | |
| - APP: "redis-exporter" | |
| REPO_OWNER: "bitnami" | |
| - APP: "redis-sentinel" | |
| REPO_OWNER: "bitnami" | |
| - APP: "rmq-default-credential-updater" | |
| REPO_OWNER: "bitnami" | |
| - APP: "rmq-messaging-topology-operator" | |
| REPO_OWNER: "bitnami" | |
| - APP: "sealed-secrets" | |
| REPO_OWNER: "bitnami" | |
| - APP: "solr" | |
| REPO_OWNER: "bitnami" | |
| - APP: "thanos" | |
| REPO_OWNER: "bitnami" | |
| - APP: "tomcat" | |
| REPO_OWNER: "bitnami" | |
| - APP: "wordpress" | |
| REPO_OWNER: "bitnami" | |
| - APP: "wordpress-nginx" | |
| REPO_OWNER: "bitnami" | |
| - APP: "zookeeper" | |
| REPO_OWNER: "bitnami" | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: Submodule init | |
| shell: bash | |
| run: git submodule init | |
| - name: Checkout bitnami recipe | |
| shell: bash | |
| run: git submodule update containers | |
| - name: Set up QEMU dependency | |
| uses: docker/setup-qemu-action@v2 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Log in to the container registry | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Log in to the container registry | |
| uses: docker/login-action@v2 | |
| with: | |
| username: zcube | |
| password: ${{ secrets.DOCKER_HUB_KEY }} | |
| - name: install crane | |
| run: | | |
| if ! hash crane 2>/dev/null | |
| then | |
| if [[ "$OSTYPE" == "linux-gnu"* ]]; then | |
| OS=Linux | |
| elif [[ "$OSTYPE" == "darwin"* ]]; then | |
| OS=Darwin | |
| else | |
| OS=Unknown | |
| fi | |
| ARCH="" | |
| case $(uname -m) in | |
| x86_64) ARCH="x86_64" ;; | |
| aarch64) ARCH="arm64" ;; | |
| esac | |
| echo ${OS}_${ARCH} | |
| mkdir -p /tmp/go-containerregistry | |
| cd /tmp/go-containerregistry | |
| curl -o go-containerregistry.tar.gz -sL "https://github.com/google/go-containerregistry/releases/latest/download/go-containerregistry_${OS}_${ARCH}.tar.gz" | |
| tar zxvf go-containerregistry.tar.gz | |
| cp -f crane /usr/local/bin/crane | |
| cp -f gcrane /usr/local/bin/gccrane | |
| cp -f krane /usr/local/bin/krane | |
| cd - | |
| fi | |
| - name: login | |
| shell: bash | |
| run: | | |
| echo "${{ secrets.GITHUB_TOKEN }}" | crane auth login ghcr.io --username "dummy" --password-stdin | |
| - name: Set up Go | |
| uses: actions/setup-go@v3 | |
| with: | |
| go-version: 1.19 | |
| - name: Build Docker Image And Push To GHCR | |
| shell: bash | |
| run: | | |
| export repository=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]') | |
| go run main.go generate --app=${{ matrix.APP }} | |
| set -euo pipefail | |
| n=0 | |
| until [ "$n" -ge 5 ] # retry 5 times | |
| do | |
| go run main.go build --app=${{ matrix.APP }} --tag=${{ env.REGISTRY }}/${repository}/cache/ --cache-from --cache-to --push --platforms=linux/amd64,linux/arm64 && break | |
| n=$((n+1)) | |
| sleep 15 | |
| done | |
| if [ "$n" -ge 5 ]; then | |
| echo "Failed after 5 attempts!" | |
| exit 1 | |
| fi | |
| n=0 | |
| export APP=${{ matrix.APP }} | |
| until [ "$n" -ge 5 ] # retry 5 times | |
| do | |
| ./scripts/squash_image.sh && break | |
| n=$((n+1)) | |
| sleep 15 | |
| done | |
| if [ "$n" -ge 5 ]; then | |
| echo "Failed after 5 attempts!" | |
| exit 1 | |
| fi | |
| - name: Push To Docker Hub | |
| shell: bash | |
| run: | | |
| export repository=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]') | |
| set -euo pipefail | |
| n=0 | |
| until [ "$n" -ge 5 ] # retry 5 times | |
| do | |
| go run main.go push --app=${{ matrix.APP }} --tag=${{ env.REGISTRY }}/${repository}/ --tag-to docker.io/zcube/bitnami-compat- --dest-creds=zcube:${{ secrets.DOCKER_HUB_KEY }} && break | |
| n=$((n+1)) | |
| sleep 15 | |
| done | |
| if [ "$n" -ge 5 ]; then | |
| echo "Failed after 5 attempts!" | |
| exit 1 | |
| fi | |
| - name: Trivy | |
| shell: bash | |
| run: | | |
| export repository=$(echo ${{ github.repository }} | tr '[:upper:]' '[:lower:]') | |
| go run main.go trivy --app=${{ matrix.APP }} --tag=${{ env.REGISTRY }}/${repository}/ || true |