-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 5b8fed0
Showing
4 changed files
with
157 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,55 @@ | ||
| name: Branch を Push したらイメージをビルドする | ||
|
|
||
| on: | ||
| push: | ||
| branches: | ||
| - '*' # matches every branch that doesn't contain a '/' | ||
| - '*/*' # matches every branch containing a single '/' | ||
| - '**' # matches every branch | ||
| - '!main' # excludes main | ||
|
|
||
| env: | ||
| IMAGE_NAME: my-ubuntu:dev | ||
|
|
||
| jobs: | ||
| build-test-image: | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
| packages: write | ||
| attestations: write | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Check go test | ||
| uses: actions/setup-go@v5 | ||
| with: | ||
| go-version-file: go.mod | ||
| - run: make test | ||
|
|
||
| - name: Check Dockerfile | ||
| run: | | ||
| docker run --rm -i hadolint/hadolint < Dockerfile | ||
| - name: Build a image | ||
| id: push | ||
| uses: docker/build-push-action@v5 | ||
| with: | ||
| context: . | ||
| push: false | ||
| tags: ${{ env.IMAGE_NAME }} | ||
| labels: ${{ env.IMAGE_NAME }} | ||
|
|
||
| - name: Check vulnerabilities | ||
| run: | | ||
| docker images | ||
| docker run -v /var/run/docker.sock:/var/run/docker.sock --rm aquasec/trivy image --no-progress ${{ env.IMAGE_NAME }} | ||
| - name: Test a container from the image | ||
| run: | | ||
| docker images | ||
| docker run -it --name test ${{ env.IMAGE_NAME }} ls -lR / | ||
| docker ps -a | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| name: タグを付与してリリースすると、イメージを作成する | ||
|
|
||
| on: | ||
| release: | ||
| types: [published] | ||
|
|
||
| env: | ||
| REGISTRY: ghcr.io | ||
| IMAGE_NAME: ${{ github.repository }} | ||
|
|
||
| jobs: | ||
| build-and-push-image: | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
| packages: write | ||
| attestations: write | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Set up QEMU | ||
| uses: docker/setup-qemu-action@v3 | ||
|
|
||
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v3 | ||
|
|
||
| - name: Log in to the Container registry | ||
| uses: docker/login-action@v3 | ||
| with: | ||
| registry: ${{ env.REGISTRY }} | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| - name: Extract metadata (tags, labels) for Docker | ||
| id: meta | ||
| uses: docker/metadata-action@v5 | ||
| with: | ||
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | ||
|
|
||
| - name: Build and push Docker image | ||
| id: push | ||
| uses: docker/build-push-action@v5 | ||
| with: | ||
| context: . | ||
| push: true | ||
| tags: ${{ steps.meta.outputs.tags }} | ||
| platforms: linux/amd64,linux/arm64 | ||
| labels: ${{ steps.meta.outputs.labels }} | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| # syntax=docker/dockerfile:1 | ||
| FROM ubuntu:22.04 | ||
|
|
||
| # モジュールをインストール | ||
| RUN apt-get update && apt-get install -y python3 python3-pip iputils-ping dnsutils curl iproute2 zip unzip groff | ||
| RUN curl -LJO https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 | ||
| RUN mv yq_linux_amd64 /usr/local/bin/yq | ||
| RUN chmod a+x /usr/local/bin/yq | ||
| RUN ARCH=`arch` && curl "https://awscli.amazonaws.com/awscli-exe-linux-$ARCH.zip" -o "awscliv2.zip" | ||
| RUN unzip awscliv2.zip && ./aws/install && rm /awscliv2.zip && rm -fr /aws | ||
| WORKDIR / | ||
| USER 65534:65534 | ||
|
|
||
| # コンテナの停止防止 | ||
| CMD ["tail", "-f", "/dev/null"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
| # ビルド | ||
| ``` | ||
| docker build -t my-ubuntu:0.3 . | ||
| ``` | ||
|
|
||
| ## コンテナへ入る | ||
| ``` | ||
| docker exec -it my-ubuntu:0.3 bash | ||
| ``` | ||
|
|
||
| ## イメージをレジストリへ登録 | ||
|
|
||
| ### GHCR | ||
| ``` | ||
| export CR_PAT=YOUR_TOKEN | ||
| export USERNAME=YOUR USERID | ||
| echo $CR_PAT | docker login ghcr.io -u $USERNAME --password-stdin | ||
| docker tag my-ubuntu:0.3 ghcr.io/takara9/my-ubuntu:0.3 | ||
| docker push ghcr.io/takara9/my-ubuntu:0.3 | ||
| ``` | ||
|
|
||
| ### DockerHub | ||
| ``` | ||
| docker login | ||
| docker tag my-ubuntu:0.3 maho/my-ubuntu:0.3 | ||
| docker push maho/my-ubuntu:0.3 | ||
| ``` | ||
|
|
||
|
|
||
| ## 使用法(どちらかを選択) | ||
| - docker run -it my-ubuntu:0.3 bash | ||
| - docker run -it ghcr.io/takara9/my-ubuntu:0.3 bash | ||
| - docker run -it maho/my-ubuntu:0.3 bash | ||
| - kubectl run -it mypod --rm --image maho/my-ubuntu:0.3 -- bash | ||
|
|
||
|
|
||
|
|