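# Nightly check for a new HashiCorp Vault release. When the version reported
# by Chocolatey has no matching tag on Docker Hub, the ubuntu-22.04 image and
# the multi-arch manifests for octopuslabs/vault-workertools are built and pushed.
name: Build vault-workertools image

on:
  schedule:
    - cron: '0 5 * * *'
  workflow_dispatch:

# Least privilege for GITHUB_TOKEN: the jobs only read the repository.
# Publishing uses the Docker Hub credentials held in repository secrets.
permissions:
  contents: read

jobs:
  # Decides whether a build is needed and exposes the result to later jobs:
  #   VERSION  - Major.Minor.Build of the Vault package reported by Chocolatey
  #   CONTINUE - 'Yes' to build and push, 'No' to skip
  get-vault-version:
    runs-on: windows-latest
    outputs:
      VERSION: ${{ steps.choco.outputs.VERSION }}
      CONTINUE: ${{ steps.choco.outputs.CONTINUE }}
    steps:
      # NOTE(review): action referenced by a mutable tag; pin to a full commit
      # SHA so a retagged release cannot change what runs here.
      - uses: actions/checkout@v3
      - id: choco
        name: Compare latest version with container
        run: |
          # `choco info --limitoutput` prints "name|version"; keep the version field.
          $chocoInformationRaw = choco info vault --limitoutput
          $versionOutput = ($chocoInformationRaw.Split("|"))[1]

          # Strict parse: only a well-formed System.Version is allowed to reach
          # the job outputs, which are later used in image tags and build args.
          [System.Version]$version = $null
          $versionParsed = [System.Version]::TryParse($versionOutput, [ref]$version)
          if (-not $versionParsed) {
            Write-Host "Unable to parse '$versionOutput' as a valid version. Won't continue"
            echo "CONTINUE=No" >> $env:GITHUB_OUTPUT
          }
          else {
            $versionToCompare = "$($version.Major).$($version.Minor).$($version.Build)"
            Write-Host "Parsed version as $versionToCompare"
            echo "VERSION=$versionToCompare" >> $env:GITHUB_OUTPUT

            # Track failure with an explicit flag. A WebException that carries
            # no HTTP response (DNS failure, timeout) must not be mistaken for
            # a successful lookup that returned no matching tag.
            $repositoryTags = $null
            $failedResponse = $null
            $lookupFailed = $false
            try {
              # NOTE(review): this endpoint is paginated and only the first
              # page is inspected - confirm the current version tag is on it.
              $repositoryTags = Invoke-RestMethod "https://registry.hub.docker.com/v2/repositories/octopuslabs/vault-workertools/tags"
              Write-Host "Retrieval successful!"
            } catch [System.Net.WebException] {
              $lookupFailed = $true
              $failedResponse = $_.Exception.Response
              Write-Host "Retrieval failed!!"
            }

            if (-not $lookupFailed) {
              $matchingTag = $repositoryTags.results | Where-Object { $_.Name -eq $versionToCompare }
              if ($null -ne $matchingTag) {
                Write-Host "Docker container already has latest version."
                echo "CONTINUE=No" >> $env:GITHUB_OUTPUT
              }
              else {
                Write-Host "HashiCorp Vault has been updated, create new image."
                echo "CONTINUE=Yes" >> $env:GITHUB_OUTPUT
              }
            }
            elseif ($null -ne $failedResponse -and $failedResponse.StatusCode.value__ -eq 404) {
              Write-Host "No tags exist for repo, assuming first build."
              echo "CONTINUE=Yes" >> $env:GITHUB_OUTPUT
            }
            else {
              # Fail closed: any other registry error skips the build instead
              # of re-publishing an image on a transient failure.
              Write-Host "Could not determine existing tags. Won't continue"
              echo "CONTINUE=No" >> $env:GITHUB_OUTPUT
            }
          }
        # The catch clause above targets System.Net.WebException, so the step
        # runs under Windows PowerShell rather than the runner's default shell.
        shell: powershell

  # Builds and pushes the ubuntu-22.04 image; every publishing step is gated
  # on CONTINUE == 'Yes' from get-vault-version.
  build-linux:
    needs: [get-vault-version]
    # The type of runner that the job will run on
    runs-on: ubuntu-latest
    steps:
      # Checks out the repository under $GITHUB_WORKSPACE so the Dockerfile
      # directory is available to the build step.
      # NOTE(review): pin to a full commit SHA (see get-vault-version).
      - uses: actions/checkout@v3
      - name: Docker Hub login
        if: ${{ needs.get-vault-version.outputs.CONTINUE == 'Yes' }}
        env:
          USERNAME: ${{ secrets.DOCKER_HUB_USER }}
          PASSWORD: ${{ secrets.DOCKER_HUB_PAT }}
        # Feed the token on stdin so it never appears in the process argument
        # list of the docker client.
        run: printf '%s' "$PASSWORD" | docker login --username "$USERNAME" --password-stdin
      - name: Build the ubuntu-22.04 Docker image
        if: ${{ needs.get-vault-version.outputs.CONTINUE == 'Yes' }}
        env:
          VERSION_NUMBER: ${{ needs.get-vault-version.outputs.VERSION }}
        # The version reaches the shell only through the environment; it is
        # not interpolated into the script text by the expression engine.
        run: >-
          docker build ./ubuntu-2204
          --build-arg VAULT_VERSION="${VERSION_NUMBER}"
          --tag "octopuslabs/vault-workertools:${VERSION_NUMBER}-ubuntu.2204"
          --tag octopuslabs/vault-workertools:latest-ubuntu.2204
      - name: Push the ubuntu-22.04 version image
        if: ${{ needs.get-vault-version.outputs.CONTINUE == 'Yes' }}
        env:
          VERSION_NUMBER: ${{ needs.get-vault-version.outputs.VERSION }}
        run: docker push "octopuslabs/vault-workertools:${VERSION_NUMBER}-ubuntu.2204"
      - name: Push the latest ubuntu.2204 image
        if: ${{ needs.get-vault-version.outputs.CONTINUE == 'Yes' }}
        run: docker push octopuslabs/vault-workertools:latest-ubuntu.2204

  # Publishes the `latest` and versioned manifest lists that point at the
  # ubuntu.2204 images pushed by build-linux.
  build-docker-manifest:
    needs: [build-linux, get-vault-version]
    runs-on: ubuntu-latest
    steps:
      - name: Docker hub login
        if: ${{ needs.get-vault-version.outputs.CONTINUE == 'Yes' }}
        env:
          USERNAME: ${{ secrets.DOCKER_HUB_USER }}
          PASSWORD: ${{ secrets.DOCKER_HUB_PAT }}
        # Token is passed on stdin, not as a command-line argument.
        run: printf '%s' "$PASSWORD" | docker login --username "$USERNAME" --password-stdin
      - name: Build manifests
        if: ${{ needs.get-vault-version.outputs.CONTINUE == 'Yes' }}
        env:
          VERSION_NUMBER: ${{ needs.get-vault-version.outputs.VERSION }}
        run: |
          docker manifest create octopuslabs/vault-workertools:latest octopuslabs/vault-workertools:latest-ubuntu.2204
          docker manifest create "octopuslabs/vault-workertools:${VERSION_NUMBER}" "octopuslabs/vault-workertools:${VERSION_NUMBER}-ubuntu.2204"
      - name: Push manifests
        if: ${{ needs.get-vault-version.outputs.CONTINUE == 'Yes' }}
        env:
          VERSION_NUMBER: ${{ needs.get-vault-version.outputs.VERSION }}
        run: |
          docker manifest push octopuslabs/vault-workertools:latest
          docker manifest push "octopuslabs/vault-workertools:${VERSION_NUMBER}"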