This application is an example of how you can use secure base images and GitHub Actions to improve the supply chain security of an application.
The exemplar application is based on Google's Jib examples:
This is an example of how to easily build a Docker image for a Spring Boot application with Jib.
Gradle:
```shell
./gradlew jib --image=<your image, eg. gcr.io/my-project/spring-boot-jib>
```
Make sure you have `kubectl` installed and configured with a cluster.
```shell
IMAGE=<your image, eg. gcr.io/my-project/spring-boot-jib>
./mvnw compile jib:build -Dimage=$IMAGE
kubectl run spring-boot-jib --image=$IMAGE --port=8080 --restart=Never
# Wait until pod is running
kubectl port-forward spring-boot-jib 8080
curl localhost:8080
> Greetings from Spring Boot and Jib!
```
* If you are using Gradle, use `./gradlew jib --image=$IMAGE` instead of the `./mvnw` command
Learn more about Jib.