Skip to content

Commit

Permalink
Migrate from docker/build-push-action to stacker-build-push-action
Browse files Browse the repository at this point in the history
Signed-off-by: Petu Eusebiu <[email protected]>
  • Loading branch information
eusebiu-constantin-petu-dbk committed Apr 18, 2022
1 parent 89c5f4f commit 16c666d
Show file tree
Hide file tree
Showing 7 changed files with 286 additions and 51 deletions.
133 changes: 104 additions & 29 deletions .github/workflows/ci-cd.yml
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ jobs:

push-image:
if: github.event_name == 'release' && github.event.action== 'published'
name: Push Docker image to GitHub Packages
name: Push OCI images to GitHub Packages
runs-on: ubuntu-latest
strategy:
matrix:
Expand All @@ -101,66 +101,141 @@ jobs:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build zot container image
uses: docker/build-push-action@v2
- name: Build and push zot container image
uses: project-stacker/stacker-build-push-action@main
with:
file: 'stacker.yaml'
build-args: |
COMMIT=${{ github.event.release.tag_name }}-${{ github.sha }}
OS=${{ matrix.os }}
ARCH=${{ matrix.arch }}
push: true
file: Dockerfile
tags: |
ghcr.io/${{ github.repository }}-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
ghcr.io/${{ github.repository }}-${{ matrix.os }}-${{ matrix.arch }}:latest
- name: Build zot-minimal container image
uses: docker/build-push-action@v2
REPO_NAME=zot-${{ matrix.os }}-${{ matrix.arch }}
url: docker://ghcr.io/${{ github.repository_owner }}
tags: ${{ github.event.release.tag_name }} latest
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Run zot container image with docker
run: |
if [[ $OS == "linux" && $ARCH == "amd64" ]]; then
docker run ghcr.io/${{ github.repository_owner }}/zot-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
fi
env:
OS: ${{ matrix.os }}
ARCH: ${{ matrix.arch }}
- name: Run zot container image with podman
run: |
if [[ $OS == "linux" && $ARCH == "amd64" ]]; then
podman run ghcr.io/${{ github.repository_owner }}/zot-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
fi
env:
OS: ${{ matrix.os }}
ARCH: ${{ matrix.arch }}
- name: Build and push zot-minimal container image
uses: project-stacker/stacker-build-push-action@main
with:
file: 'stacker.yaml'
build-args: |
COMMIT=${{ github.event.release.tag_name }}-${{ github.sha }}
OS=${{ matrix.os }}
ARCH=${{ matrix.arch }}
push: true
file: Dockerfile-minimal
tags: |
ghcr.io/${{ github.repository }}-minimal-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
ghcr.io/${{ github.repository }}-minimal-${{ matrix.os }}-${{ matrix.arch }}:latest
- name: Build zot-exporter container image
uses: docker/build-push-action@v2
EXT=-minimal
REPO_NAME=zot-minimal-${{ matrix.os }}-${{ matrix.arch }}
url: docker://ghcr.io/${{ github.repository_owner }}
tags: ${{ github.event.release.tag_name }} latest
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Run zot-minimal container image with docker
run: |
if [[ $OS == "linux" && $ARCH == "amd64" ]]; then
docker run ghcr.io/${{ github.repository_owner }}/zot-minimal-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
fi
env:
OS: ${{ matrix.os }}
ARCH: ${{ matrix.arch }}
- name: Run zot-minimal container image with podman
run: |
if [[ $OS == "linux" && $ARCH == "amd64" ]]; then
podman run ghcr.io/${{ github.repository_owner }}/zot-minimal-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
fi
env:
OS: ${{ matrix.os }}
ARCH: ${{ matrix.arch }}
- name: Build and push zot-exporter container image
uses: project-stacker/stacker-build-push-action@main
with:
file: 'stacker-zxp.yaml'
build-args: |
COMMIT=${{ github.event.release.tag_name }}-${{ github.sha }}
OS=${{ matrix.os }}
ARCH=${{ matrix.arch }}
push: true
file: Dockerfile-zxp
tags: |
ghcr.io/${{ github.repository }}-zxp-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
ghcr.io/${{ github.repository }}-zxp-${{ matrix.os }}-${{ matrix.arch }}:latest
- name: Build zb container image
uses: docker/build-push-action@v2
REPO_NAME=zxp-${{ matrix.os }}-${{ matrix.arch }}
url: docker://ghcr.io/${{ github.repository_owner }}
tags: ${{ github.event.release.tag_name }} latest
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Run zot-exporter container image with docker
run: |
if [[ $OS == "linux" && $ARCH == "amd64" ]]; then
docker run ghcr.io/${{ github.repository_owner }}/zxp-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
fi
env:
OS: ${{ matrix.os }}
ARCH: ${{ matrix.arch }}
- name: Run zot-exporter container image with podman
run: |
if [[ $OS == "linux" && $ARCH == "amd64" ]]; then
podman run ghcr.io/${{ github.repository_owner }}/zxp-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
fi
env:
OS: ${{ matrix.os }}
ARCH: ${{ matrix.arch }}
- name: Build and push zb container image
uses: project-stacker/stacker-build-push-action@main
with:
file: 'stacker-zb.yaml'
build-args: |
COMMIT=${{ github.event.release.tag_name }}-${{ github.sha }}
OS=${{ matrix.os }}
ARCH=${{ matrix.arch }}
push: true
file: Dockerfile-zb
tags: |
ghcr.io/${{ github.repository }}-zb-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
ghcr.io/${{ github.repository }}-zb-${{ matrix.os }}-${{ matrix.arch }}:latest
REPO_NAME=zb-${{ matrix.os }}-${{ matrix.arch }}
url: docker://ghcr.io/${{ github.repository_owner }}
tags: ${{ github.event.release.tag_name }} latest
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Run zb container image with docker
run: |
if [[ $OS == "linux" && $ARCH == "amd64" ]]; then
docker run ghcr.io/${{ github.repository_owner }}/zb-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
fi
env:
OS: ${{ matrix.os }}
ARCH: ${{ matrix.arch }}
- name: Run zb container image with podman
run: |
if [[ $OS == "linux" && $ARCH == "amd64" ]]; then
podman run ghcr.io/${{ github.repository_owner }}/zb-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
fi
env:
OS: ${{ matrix.os }}
ARCH: ${{ matrix.arch }}
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: 'ghcr.io/${{ github.repository }}-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}'
format: 'sarif'
output: 'trivy-results.sarif'
env:
TRIVY_USERNAME: ${{ github.actor }}
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
- name: Run Trivy vulnerability scanner (minimal)
uses: aquasecurity/trivy-action@master
with:
image-ref: 'ghcr.io/${{ github.repository }}-minimal-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}'
format: 'sarif'
output: 'trivy-results.sarif'
env:
TRIVY_USERNAME: ${{ github.actor }}
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v1
with:
Expand Down
26 changes: 10 additions & 16 deletions .github/workflows/oci-conformance-action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,25 +18,19 @@ jobs:
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: setup docker
uses: docker-practice/[email protected]
with:
docker_version: 18.09
docker_channel: stable
- name: checkout this PR
uses: actions/checkout@v2
- name: Install go 1.17
uses: actions/setup-go@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
path: zot
repository: project-zot/zot
- name: start zot server
go-version: 1.17.x
- name: Checkout this PR
uses: actions/checkout@v2
- name: Start zot server
run: |
cd ./zot
cd $GITHUB_WORKSPACE
make binary
RUNNER_TRACKING_ID="" && ./bin/zot-linux-amd64 serve examples/config-conformance.json &
IP=`hostname -I | awk '{print $1}'`
echo "SERVER_URL=http://${IP}:5000" >> $GITHUB_ENV
IMAGE_REF="local-zot:v$(date +%Y%m%d%H%M%S)"
docker build -f ./Dockerfile-conformance -t "${IMAGE_REF}" .
docker run --rm -p 5000:5000 -v "$(pwd)":/go/src/github.com/project-zot/zot -idt "${IMAGE_REF}"
echo "SERVER_URL=http://${IP}:8080" >> $GITHUB_ENV
- name: Run OCI Distribution Spec conformance tests
uses: opencontainers/distribution-spec@main
env:
Expand Down
2 changes: 1 addition & 1 deletion examples/config-conformance.json
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
"dedupe": false
},
"http": {
"address":"127.0.0.1",
"address":"0.0.0.0",
"port":"8080"
},
"log":{
Expand Down
57 changes: 57 additions & 0 deletions stacker-conformance.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
build:
from:
type: docker
url: docker://ghcr.io/project-zot/golang:1.17
binds:
- . -> /zotcopy
run: |
export GO111MODULE=on
export GOPATH='/go'
export HOME='/root'
export PATH='/go/bin:/usr/local/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
go get -u github.com/swaggo/swag/cmd/swag
mkdir -p /go/src/github.com/project-zot
cd /go/src/github.com/project-zot
git clone /zotcopy zot
cd /go/src/github.com/project-zot/zot
make COMMIT=${{COMMIT}} OS=${{OS}} ARCH=${{ARCH}} binary
cat > config.json << EOF
{
"storage":{
"rootDirectory":"/var/lib/registry",
"gc": false,
"dedupe": false
},
"http":{
"address":"0.0.0.0",
"port":"5000"
},
"log":{
"level":"debug"
}
}
EOF
cat config.json
build_only: true

"${{REPO_NAME:zot}}":
from:
type: docker
url: docker://centos:latest
import:
- stacker://build/go/src/github.com/project-zot/zot/bin/zot-${{OS}}-${{ARCH}}
- stacker://build/go/src/github.com/project-zot/zot/config.json
- stacker://build/etc/ssl/certs/ca-certificates.crt
run: |
cp /stacker/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
cp /stacker/zot-${{OS}}-${{ARCH}} /usr/bin/zot
mkdir -p /etc/zot
cp /stacker/config.json /etc/zot/config.json
entrypoint:
- /usr/bin/zot
volumes:
- /var/lib/registry
cmd:
- serve
- /etc/zot/config.json
28 changes: 28 additions & 0 deletions stacker-zb.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
build:
from:
type: docker
url: docker://ghcr.io/project-zot/golang:1.17
binds:
- . -> /zotcopy
run: |
export GO111MODULE=on
export GOPATH='/go'
export HOME='/root'
export PATH='/go/bin:/usr/local/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
mkdir -p /go/src/github.com/project-zot
cd /go/src/github.com/project-zot
git clone /zotcopy zot
cd /go/src/github.com/project-zot/zot
make COMMIT=${{COMMIT}} OS=${{OS}} ARCH=${{ARCH}} clean bench
build_only: true

"${{REPO_NAME:zb}}":
from:
type: docker
url: docker://centos:latest
import:
- stacker://build/go/src/github.com/project-zot/zot/bin/zb-${{OS}}-${{ARCH}}
run: |
cp /stacker/zb-${{OS}}-${{ARCH}} /usr/bin/zb
entrypoint:
- /usr/bin/zb
52 changes: 52 additions & 0 deletions stacker-zxp.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
build:
from:
type: docker
url: docker://ghcr.io/project-zot/golang:1.17
binds:
- . -> /zotcopy
run: |
export GO111MODULE=on
export GOPATH='/go'
export HOME='/root'
export PATH='/go/bin:/usr/local/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
mkdir -p /go/src/github.com/project-zot
cd /go/src/github.com/project-zot
git clone /zotcopy zot
cd /go/src/github.com/project-zot/zot
make COMMIT=${{COMMIT}} OS=${{OS}} ARCH=${{ARCH}} clean exporter-minimal
cat > config.json << EOF
{
"Server":{
"protocol":"http",
"host": "127.0.0.1",
"port": "5000"
},
"Exporter":{
"port":"5001",
"log":{
"level":"debug"
}
}
}
EOF
cat config.json
build_only: true

"${{REPO_NAME:zxp}}":
from:
type: docker
url: docker://centos:latest
import:
- stacker://build/go/src/github.com/project-zot/zot/bin/zxp-${{OS}}-${{ARCH}}
- stacker://build/go/src/github.com/project-zot/zot/config.json
run: |
cp /stacker/zxp-${{OS}}-${{ARCH}} /usr/bin/zxp
mkdir -p /etc/zxp
cp /stacker/config.json /etc/zxp/config.json
entrypoint:
- /usr/bin/zxp
cmd:
- config
- /etc/zxp/config.json
Loading

0 comments on commit 16c666d

Please sign in to comment.