From f30fc715c33f1ee30bbc245402d1c5e60c0cac11 Mon Sep 17 00:00:00 2001 From: Sebastain Plattner Date: Tue, 11 Jan 2022 10:06:53 +0100 Subject: [PATCH 1/2] try to fix the release action --- .github/workflows/release.yaml | 5 ++--- deploy/charts/webshell/Chart.yaml | 4 ++-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 6d6cb3d..1d00c06 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,9 +1,8 @@ name: Build & deploy Release Version on: - push: - tags: - - 'webshell-*' # This is created when push on main when Helm Chart version was changed + release: + types: [published] jobs: build: diff --git a/deploy/charts/webshell/Chart.yaml b/deploy/charts/webshell/Chart.yaml index 0ded556..9ae438f 100644 --- a/deploy/charts/webshell/Chart.yaml +++ b/deploy/charts/webshell/Chart.yaml @@ -2,5 +2,5 @@ apiVersion: v2 name: webshell description: A Helm chart to deploy a webshell environment type: application -version: 0.1.13 -appVersion: "0.1.13" +version: 0.1.14 +appVersion: "0.1.14" From 8644465d388acdc9f06ca3670b89f4ed660009ca Mon Sep 17 00:00:00 2001 From: Sebastain Plattner Date: Tue, 11 Jan 2022 10:12:12 +0100 Subject: [PATCH 2/2] also push to & cleanup ghcr.io --- .github/workflows/build.yaml | 10 ++++++++++ .github/workflows/pr-cleanup.yaml | 28 ++++++++++++++++++++++++++++ .github/workflows/push-main.yaml | 10 ++++++++++ .github/workflows/release.yaml | 9 +++++++++ 4 files changed, 57 insertions(+) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 0d71e36..2646260 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -25,6 +25,15 @@ jobs: registry: quay.io username: ${{ secrets.QUAYIO_USERNAME }} password: ${{ secrets.QUAYIO_TOKEN }} + + - + name: Login to the ghcr.io Container registry + uses: docker/login-action@5fcefb941de79536616e9422226e33fd39f1706f + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build PR Version uses: docker/build-push-action@v2 @@ -34,6 +43,7 @@ jobs: push: true tags: | quay.io/acend/theia:pr-${{ github.event.pull_request.number }} + ghcr.io/acend/theia:pr-${{ github.event.pull_request.number }} - name: Run vulnerability scanner uses: aquasecurity/trivy-action@master diff --git a/.github/workflows/pr-cleanup.yaml b/.github/workflows/pr-cleanup.yaml index a5d5b44..f0c3d66 100644 --- a/.github/workflows/pr-cleanup.yaml +++ b/.github/workflows/pr-cleanup.yaml @@ -20,3 +20,31 @@ jobs: QUAYIO_API_TOKEN: '${{ secrets.QUAYIO_API_TOKEN }}' run: | curl -X DELETE -H "Authorization: Bearer ${QUAYIO_API_TOKEN}" https://quay.io/api/v1/repository/acend/theia/tag/pr-${PR_NUMBER}{,-puzzle} + + - + name: Delete PR Tag on ghcr.io + env: + PR_NUMBER: '${{ github.event.pull_request.number }}' + REPOSITORY: '${{ github.repository }}' + run : | + ORG=$(echo $REPOSITORY | cut -d "/" -f1) + REPO=$(echo $REPOSITORY | cut -d "/" -f2) + for PACKAGE_VERSION_ID in $(curl -s -H "Authorization: Bearer ${{ secrets.GH_PAT_DELETE_PACKAGES }}" https://api.github.com/orgs/${ORG}/packages/container/${REPO}/versions | jq --arg PR pr-$PR_NUMBER '.[] | select (.metadata.container.tags[] | contains ($PR)) | .id') + do + echo "Delete package with id ${PACKAGE_VERSION_ID}" + curl -X DELETE -H "Authorization: Bearer ${{ secrets.GH_PAT_DELETE_PACKAGES }}" https://api.github.com/orgs/${ORG}/packages/container/${REPO}/versions/${PACKAGE_VERSION_ID} + done + + - + name: Delete untagged on ghcr.io + env: + PR_NUMBER: '${{ github.event.pull_request.number }}' + REPOSITORY: '${{ github.repository }}' + run : | + ORG=$(echo $REPOSITORY | cut -d "/" -f1) + REPO=$(echo $REPOSITORY | cut -d "/" -f2) + for PACKAGE_VERSION_ID in $(curl -s -H "Authorization: Bearer ${{ secrets.GH_PAT_DELETE_PACKAGES }}" https://api.github.com/orgs/${ORG}/packages/container/${REPO}/versions | jq '.[] | select( (.metadata.container.tags | length) == 0) | .id') + do + echo "Delete untagged package with id ${PACKAGE_VERSION_ID}" + curl -X DELETE -H "Authorization: Bearer ${{ secrets.GH_PAT_DELETE_PACKAGES }}" https://api.github.com/orgs/${ORG}/packages/container/${REPO}/versions/${PACKAGE_VERSION_ID} + done diff --git a/.github/workflows/push-main.yaml b/.github/workflows/push-main.yaml index a9c2fab..fccb011 100644 --- a/.github/workflows/push-main.yaml +++ b/.github/workflows/push-main.yaml @@ -51,6 +51,15 @@ jobs: registry: quay.io username: ${{ secrets.QUAYIO_USERNAME }} password: ${{ secrets.QUAYIO_TOKEN }} + + - + name: Log in to the ghcr.io Container registry + uses: docker/login-action@5fcefb941de79536616e9422226e33fd39f1706f + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build Latest Version uses: docker/build-push-action@v2 @@ -60,6 +69,7 @@ jobs: push: true tags: | quay.io/acend/theia:latest + ghcr.io/acend/theia:latest - name: Run vulnerability scanner uses: aquasecurity/trivy-action@master diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 1d00c06..6e8f81d 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -27,6 +27,14 @@ jobs: username: ${{ secrets.QUAYIO_USERNAME }} password: ${{ secrets.QUAYIO_TOKEN }} + - + name: Log in to the ghcr.io Container registry + uses: docker/login-action@5fcefb941de79536616e9422226e33fd39f1706f + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Get the version # strip away "ref/tags/webshell-" id: get_version @@ -41,6 +49,7 @@ jobs: push: true tags: | quay.io/acend/theia:${{ steps.get_version.outputs.VERSION }} + ghcr.io/acend/theia:${{ steps.get_version.outputs.VERSION }} - name: Run vulnerability scanner uses: aquasecurity/trivy-action@master