diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index cc3d8cb..0000000 --- a/.drone.yml +++ /dev/null @@ -1,40 +0,0 @@ -workspace: - base: /go - path: src/github.com/uswitch/vault-creds - -pipeline: - test: - image: golang:1.15 - environment: - - GO111MODULE=on - commands: - - go test -v -cover $(go list ./... | grep -v /vendor) - - build: - image: golang:1.15 - environment: - - GO111MODULE=on - commands: - - CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "-X main.SHA=${DRONE_COMMIT_SHA}" -o bin/vaultcreds cmd/*.go - - docker-latest: - image: plugins/docker - repo: quay.io/uswitch/vault-creds - registry: quay.io - secrets: [ docker_username, docker_password ] - tags: - - latest - - ${DRONE_COMMIT_SHA} - when: - event: push - branch: master - - docker-tagged: - when: - event: tag - image: plugins/docker - repo: quay.io/uswitch/vault-creds - registry: quay.io - secrets: [ docker_username, docker_password ] - tags: - - ${DRONE_TAG} diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml new file mode 100644 index 0000000..aa17394 --- /dev/null +++ b/.github/workflows/push.yaml @@ -0,0 +1,50 @@ +name: push +on: push +permissions: + contents: read + id-token: write +jobs: + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v4 + with: + go-version: "1.15" + - run: go test -v -cover $(go list ./... | grep -v /vendor) + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v4 + with: + go-version: "1.15" + - run: CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "-X main.SHA=${{ github.sha }}" -o bin/vaultcreds cmd/*.go + - uses: actions/upload-artifact@v3 + with: + name: bin + path: bin/ + docker-build-push: + if: github.ref_name == 'master' || startsWith(github.ref, 'refs/tags/v') + needs: [test, build] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/download-artifact@v3 + with: + name: bin + path: bin/ + - id: meta + uses: docker/metadata-action@v4 + with: + images: quay.io/uswitch/vault-creds + tags: | + type=semver,pattern={{version}} + type=sha,prefix=,format=long, + - uses: docker/build-push-action@v4 + with: + context: . + labels: ${{ steps.meta.outputs.labels }} + push: true + tags: ${{ steps.meta.outputs.tags }} + diff --git a/Dockerfile b/Dockerfile index 163c2ce..5392867 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ FROM scratch ADD bin/vaultcreds /vaultcreds -COPY --from=base /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ +COPY --chmod=755 --from=base /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ ENTRYPOINT ["/vaultcreds"] CMD []