From 4df60052af6d09df8e18c5db700cbb27bad18cbd Mon Sep 17 00:00:00 2001
From: Jauder Ho
Date: Mon, 9 Aug 2021 10:21:10 +0000
Subject: [PATCH] Use GH Action to build new container images upon push
---
 .github/workflows/docker-3.0.yml | 67 ++++++++++++++++++++++++++++
 .github/workflows/docker-3.1dev.yml | 68 +++++++++++++++++++++++++++++
 Dockerfile.git | 24 ++++++++++
 3 files changed, 159 insertions(+)
 create mode 100644 .github/workflows/docker-3.0.yml
 create mode 100644 .github/workflows/docker-3.1dev.yml
 create mode 100644 Dockerfile.git
diff --git a/.github/workflows/docker-3.0.yml b/.github/workflows/docker-3.0.yml
new file mode 100644
index 0000000..2b0d6ec
--- /dev/null
+++ b/.github/workflows/docker-3.0.yml
@@ -0,0 +1,67 @@
+name: docker-3.0
+
+on:
+ push:
+ branches:
+ - 3.0
+ workflow_dispatch:
+ schedule:
+ - cron: "0 8 * * 1"
+
+env:
+ BUILD_VERSION: "3.0"
+ DOCKER_CLI_EXPERIMENTAL: enabled
+ #REPOSITORY: ${{ github.actor }}/${{ github.workflow }}
+ REPOSITORY: ${{ github.actor }}/testssl.sh
+
+jobs:
+
+ deploy:
+ runs-on: ubuntu-20.04
+
+ steps:
+ - name: Source checkout
+ uses: actions/checkout@v2.3.4
+
+ - name: Setup QEMU
+ id: qemu
+ uses: docker/setup-qemu-action@v1.2.0
+
+ - name: Setup Buildx
+ id: buildx
+ uses: docker/setup-buildx-action@v1
+
+ - name: Set Docker metadata
+ id: docker_meta
+ uses: docker/metadata-action@v3
+ with:
+ images: ${{ env.REPOSITORY }}
+ labels: |
+ org.opencontainers.image.version=${{ env.BUILD_VERSION }}
+ org.opencontainers.image.revision=${{ github.sha }}
+ org.opencontainers.image.title=${{ env.REPOSITORY }}
+
+ - name: GitHub login
+ if: ${{ github.event_name != 'pull_request' }}
+ uses: docker/login-action@v1.10.0
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Build and push
+ uses: docker/build-push-action@v2.6.1
+ with:
+ push: ${{ github.event_name != 'pull_request' }}
+ #context: ${{ github.workflow }}
+ #context: docker
+ context: .
+ file: Dockerfile.git
+ #platforms: linux/amd64,linux/arm64,linux/386,linux/arm/v7,linux/arm/v6
+ platforms: linux/amd64,linux/386,linux/arm64,linux/arm/v7,linux/arm/v6,linux/ppc64le
+ build-args: BUILD_VERSION
+ cache-from: type=gha, scope=${{ github.workflow }}
+ cache-to: type=gha, scope=${{ github.workflow }}
+ labels: ${{ steps.docker_meta.outputs.labels }}
+ tags: |
+ ghcr.io/${{ env.REPOSITORY }}:${{ env.BUILD_VERSION }}
diff --git a/.github/workflows/docker-3.1dev.yml b/.github/workflows/docker-3.1dev.yml
new file mode 100644
index 0000000..918b8f8
--- /dev/null
+++ b/.github/workflows/docker-3.1dev.yml
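Review bot: The `deploy` job logs in to ghcr.io with `secrets.GITHUB_TOKEN` and pushes images, but the workflow declares no `permissions:` and references its actions by mutable tags (`docker/setup-buildx-action@v1`, `docker/metadata-action@v3`, and version tags on the rest), so the token carries whatever the repository default grants and a moved tag would run with it. A job-level `permissions:` block with `contents: read` and `packages: write`, plus pinning each step to a full commit SHA (for example `uses: docker/metadata-action@FULL_COMMIT_SHA_PLACEHOLDER # v3`), narrows both. Separately, `REPOSITORY: ${{ github.actor }}/testssl.sh` names the image after whoever triggered the run rather than the repository owner, so the push target changes with the pusher; `REPOSITORY: ${{ github.repository_owner }}/testssl.sh` keeps it stable. Both points apply unchanged to docker-3.1dev.yml.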
@@ -0,0 +1,68 @@
+name: docker-3.1dev
+
+on:
+ push:
+ branches:
+ - 3.1dev
+ workflow_dispatch:
+ schedule:
+ - cron: "0 8 * * 1"
+
+env:
+ BUILD_VERSION: "3.1dev"
+ DOCKER_CLI_EXPERIMENTAL: enabled
+ #REPOSITORY: ${{ github.actor }}/${{ github.workflow }}
+ REPOSITORY: ${{ github.actor }}/testssl.sh
+
+jobs:
+
+ deploy:
+ runs-on: ubuntu-20.04
+
+ steps:
+ - name: Source checkout
+ uses: actions/checkout@v2.3.4
+
+ - name: Setup QEMU
+ id: qemu
+ uses: docker/setup-qemu-action@v1.2.0
+
+ - name: Setup Buildx
+ id: buildx
+ uses: docker/setup-buildx-action@v1
+
+ - name: Set Docker metadata
+ id: docker_meta
+ uses: docker/metadata-action@v3
+ with:
+ images: ${{ env.REPOSITORY }}
+ labels: |
+ org.opencontainers.image.version=${{ env.BUILD_VERSION }}
+ org.opencontainers.image.revision=${{ github.sha }}
+ org.opencontainers.image.title=${{ env.REPOSITORY }}
+
+ - name: GitHub login
+ if: ${{ github.event_name != 'pull_request' }}
+ uses: docker/login-action@v1.10.0
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Build and push
+ uses: docker/build-push-action@v2.6.1
+ with:
+ push: ${{ github.event_name != 'pull_request' }}
+ #context: ${{ github.workflow }}
+ #context: docker
+ #context: .
+ file: Dockerfile.git
+ #platforms: linux/amd64,linux/arm64,linux/386,linux/arm/v7,linux/arm/v6
+ platforms: linux/amd64,linux/386,linux/arm64,linux/arm/v7,linux/arm/v6,linux/ppc64le
+ build-args: BUILD_VERSION
+ cache-from: type=gha, scope=${{ github.workflow }}
+ cache-to: type=gha, scope=${{ github.workflow }}
+ labels: ${{ steps.docker_meta.outputs.labels }}
+ tags: |
+ ghcr.io/${{ env.REPOSITORY }}:${{ env.BUILD_VERSION }}
+ ghcr.io/${{ env.REPOSITORY }}:latest
diff --git a/Dockerfile.git b/Dockerfile.git
new file mode 100644
index 0000000..50106a3
--- /dev/null
+++ b/Dockerfile.git
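Review bot: The extra tag `ghcr.io/${{ env.REPOSITORY }}:latest` is pushed from the `3.1dev` build, so anyone pulling `latest` receives the development branch, and both tags are overwritten on every push and on the weekly `schedule` run. If `latest` is meant to follow the stable line it belongs in docker-3.0.yml; if not, a comment above the tag such as `# latest deliberately tracks 3.1dev` would record the intent. Also, with `#context: .` commented out here (it is active in docker-3.0.yml), the build step falls back to the action's default Git context and the `Source checkout` step appears to go unused; it is worth confirming that this difference is intended.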
@@ -0,0 +1,24 @@
+# Build using git repo
+
+FROM alpine:3.14
+
+WORKDIR /home/testssl
+
+ARG BUILD_VERSION
+ARG ARCHIVE_URL=https://github.com/drwetter/testssl.sh/archive/
+ARG URL=https://github.com/drwetter/testssl.sh.git
+
+RUN test -n "${BUILD_VERSION}" \
+ && apk update \
+ && apk add --no-cache bash procps drill git coreutils libidn curl socat openssl xxd \
+ && git clone --depth 1 --branch ${BUILD_VERSION} $URL /home/testssl \
+ && addgroup testssl \
+ && adduser -G testssl -g "testssl user" -s /bin/bash -D testssl \
+ && ln -s /home/testssl/testssl.sh /usr/local/bin/ \
+ && mkdir -m 755 -p /home/testssl/etc /home/testssl/bin
+
+USER testssl
+
+ENTRYPOINT ["testssl.sh"]
+
+CMD ["--help"]
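Review bot: The `git clone --depth 1 --branch ${BUILD_VERSION} $URL` step fetches whatever the upstream branch head is at build time, not the commit that triggered the workflow, so the `org.opencontainers.image.revision=${{ github.sha }}` label the workflows attach can name a commit the image does not contain (in a fork it would never match). Because the `RUN` text is identical from build to build, a hit on the `type=gha` layer cache would presumably also reuse an older clone and older `apk` packages. Building from the checked-out context instead, e.g. `COPY . /home/testssl/` with `context: .` in both workflows, ties the image to the commit under review and lets `git` be dropped from the `apk add` list. `ARG ARCHIVE_URL` is declared but never referenced and can be removed.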