---
# Action metadata: the display name and summary GitHub shows for this
# composite action.
name: Container Build and Publish
description: >-
  GitHub Action with a pipeline to build, test and publish a container image
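# Inputs accepted by this composite action. Composite actions receive every
# input as a string, so the boolean-looking defaults are written as quoted
# strings to make that explicit.
inputs:
  workdir:
    description: 'Working directory of bake execution'
    required: false
    default: '.'
  test-targets:
    description: 'List of bake targets for testing'
    required: false
    default: 'local'
  dockerhub-username:
    description: 'Username used to log against the Docker registry'
    required: false
    default: ''
  # Callers should supply this from a secret, never as a literal in the
  # workflow file. It is forwarded to two third-party actions in `runs`.
  dockerhub-password:
    description: 'Password or personal access token used to log against the Docker registry'
    required: false
    default: ''
  run-lint-stage:
    description: 'Run lint stage'
    required: false
    default: 'true'
  run-test-stage:
    description: 'Run test stage'
    required: false
    default: 'true'
  # When empty, the test step derives the image from the first tag of the
  # first target reported by `docker buildx bake local --print`.
  test-image:
    description: 'Test image'
    # Fixed: the key was misspelled `requires`, which is not part of the
    # action metadata schema.
    required: false
    default: ''
  test-entrypoint:
    description: 'Test entrypoint'
    # Fixed: the key was misspelled `requires`.
    required: false
    default: '/bin/bash'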
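# Pipeline: checkout -> lint -> local build -> test -> registry login ->
# build and push -> publish the Docker Hub description. The login, push and
# description steps are skipped for pull_request events.
#
# NOTE(review): every `uses:` below references a mutable major-version tag
# (@v3/@v4). Two of these actions receive the Docker Hub credential, so
# consider pinning each one to a full commit SHA and keeping the tag as a
# trailing comment for readability.
runs:
  using: 'composite'
  steps:
    - uses: actions/checkout@v4

    - name: Check the Containerfile with hadolint
      # Fixed: the condition read `inputs.run-list-stage`, an input that does
      # not exist, so it was always empty and the lint stage never ran.
      # Inputs are strings, so compare against 'true' explicitly; a bare
      # `${{ inputs.x }}` treats the string 'false' as truthy.
      if: ${{ inputs.run-lint-stage == 'true' }}
      shell: bash
      working-directory: ${{ inputs.workdir }}
      run: |
        "$(git rev-parse --show-toplevel)/bin/lint.sh"

    - name: Install QEMU static binaries
      uses: docker/setup-qemu-action@v3

    - name: Set up Docker Buildx
      id: buildx
      uses: docker/setup-buildx-action@v3

    - name: Build locally for testing
      uses: docker/bake-action@v4
      if: ${{ inputs.run-test-stage == 'true' }}
      with:
        workdir: ${{ inputs.workdir }}
        targets: ${{ inputs.test-targets }}
        load: true

    - name: Run tests on the image with cinc-auditor
      if: ${{ inputs.run-test-stage == 'true' }}
      shell: bash
      working-directory: ${{ inputs.workdir }}
      # Inputs are handed to the script through environment variables rather
      # than `${{ }}` interpolation. Interpolated text becomes part of the
      # script source, so a crafted input value would be executed as shell.
      env:
        TEST_IMAGE: ${{ inputs.test-image }}
        TEST_ENTRYPOINT: ${{ inputs.test-entrypoint }}
      run: |
        # NOTE(review): the target name `local` is hard-coded here while the
        # build step uses inputs.test-targets; confirm this is intended.
        json_data="$(docker buildx bake local --print 2>/dev/null)"
        test_image="$TEST_IMAGE"
        if [ -z "$test_image" ]; then
          test_image="$(echo "$json_data" | jq -r '.target | to_entries[0].value | .tags[0]')"
        fi
        # NOTE(review): the entrypoint is now passed as one quoted argument;
        # confirm test-matrix.sh does not rely on a multi-word value being
        # split into several arguments.
        "$(git rev-parse --show-toplevel)/bin/test-matrix.sh" "$test_image" "$TEST_ENTRYPOINT"

    - name: Login to DockerHub
      if: ${{ github.event_name != 'pull_request' }}
      uses: docker/login-action@v3
      with:
        username: ${{ inputs.dockerhub-username }}
        password: ${{ inputs.dockerhub-password }}

    - name: Build and push
      uses: docker/bake-action@v4
      with:
        workdir: ${{ inputs.workdir }}
        # Runs on every event, but only pushes outside pull requests.
        push: ${{ github.event_name != 'pull_request' }}

    # The next three steps export helper-script output through GITHUB_ENV.
    # NOTE(review): the `name=value` form assumes each script prints a single
    # line. A multi-line value would be read as additional environment
    # entries; use the delimiter form if that can happen.
    - name: Get the image name
      if: ${{ github.event_name != 'pull_request' }}
      id: image_name
      shell: bash
      working-directory: ${{ inputs.workdir }}
      run: |
        echo "image_name=$("$(git rev-parse --show-toplevel)/bin/image-name.sh")" >> "$GITHUB_ENV"

    - name: Get the image description
      if: ${{ github.event_name != 'pull_request' }}
      id: image_description
      shell: bash
      working-directory: ${{ inputs.workdir }}
      run: |
        echo "image_description=$("$(git rev-parse --show-toplevel)/bin/image-description.sh")" >> "$GITHUB_ENV"

    - name: Get the image readme filepath
      if: ${{ github.event_name != 'pull_request' }}
      id: image_readme_filepath
      shell: bash
      working-directory: ${{ inputs.workdir }}
      run: |
        echo "image_readme_filepath=$("$(git rev-parse --show-toplevel)/bin/image-readme.sh")" >> "$GITHUB_ENV"

    - name: Update Docker Hub Description
      if: ${{ github.event_name != 'pull_request' }}
      # This third-party action receives the registry credential directly.
      uses: peter-evans/dockerhub-description@v4
      with:
        username: ${{ inputs.dockerhub-username }}
        password: ${{ inputs.dockerhub-password }}
        repository: boxcutter/${{ env.image_name }}
        short-description: ${{ env.image_description }}
        readme-filepath: ${{ env.image_readme_filepath }}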