117 lines
3.9 KiB
YAML
117 lines
3.9 KiB
YAML
name: Build and push Almalinux 8 container images
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- master
|
|
|
|
jobs:
|
|
build:
|
|
name: Build almalinux8 container images
|
|
runs-on: ubuntu-latest
|
|
container:
|
|
image: quay.io/almalinuxorg/9-minimal:9.5
|
|
strategy:
|
|
matrix:
|
|
flavor: ["default", "micro"]
|
|
version: ["8.10"]
|
|
steps:
|
|
- name: Setup requirement
|
|
shell: bash
|
|
run: |
|
|
microdnf -y install git nodejs buildah podman
|
|
- name: Check out repository code
|
|
uses: actions/checkout@v4
|
|
- if: ${{ matrix.flavor == 'default' }}
|
|
name: Build almalinux default image
|
|
uses: redhat-actions/buildah-build@v2
|
|
with:
|
|
context: .
|
|
containerfiles: |
|
|
8/Containerfile.${{ matrix.flavor }}
|
|
build-args: |
|
|
ALMALINUX_VERSION=${{ matrix.version }}
|
|
tags: |
|
|
quay.io/sindigilive/almalinux:${{ matrix.version }}
|
|
- if: ${{ matrix.flavor == 'default' }}
|
|
name: Push To quay.io
|
|
uses: redhat-actions/push-to-registry@v2
|
|
with:
|
|
tags: quay.io/sindigilive/almalinux:${{ matrix.version }}
|
|
registry: quay.io
|
|
username: ${{ vars.QUAY_USERNAME }}
|
|
password: ${{ secrets.QUAY_SECRET }}
|
|
- if: ${{ matrix.flavor == 'default' }}
|
|
name: Scan almalinux image with Trivy
|
|
uses: aquasecurity/trivy-action@0.20.0
|
|
with:
|
|
image-ref: 'quay.io/sindigilive/almalinux:${{ matrix.version }}'
|
|
format: 'sarif'
|
|
output: 'trivy-results.sarif'
|
|
- if: ${{ matrix.flavor != 'default' }}
|
|
name: Build and push almalinux flavor
|
|
uses: redhat-actions/buildah-build@v2
|
|
with:
|
|
context: .
|
|
containerfiles: |
|
|
8/Dockerfile.${{ matrix.flavor }}
|
|
build-args: |
|
|
ALMALINUX_VERSION=${{ matrix.version }}
|
|
tags: |
|
|
quay.io/sindigilive/almalinux:${{ matrix.version }}-${{ matrix.flavor }}
|
|
- if: ${{ matrix.flavor != 'default' }}
|
|
name: Push almalinux flavor image to quay.io
|
|
uses: redhat-actions/push-to-registry@v2
|
|
with:
|
|
tags: quay.io/sindigilive/almalinux:${{ matrix.version }}-${{ matrix.flavor }}
|
|
registry: quay.io
|
|
username: ${{ vars.QUAY_USERNAME }}
|
|
password: ${{ secrets.QUAY_SECRET }}
|
|
- if: ${{ matrix.flavor != 'default' }}
|
|
name: Scan almalinux flavor image with Trivy
|
|
uses: aquasecurity/trivy-action@0.20.0
|
|
with:
|
|
image-ref: 'quay.io/sindigilive/almalinux:${{ matrix.version }}-${{ matrix.flavor }}'
|
|
format: 'sarif'
|
|
output: 'trivy-results.sarif'
|
|
|
|
build-latest:
|
|
name: Build latest almalinux8 container images
|
|
runs-on: almalinux-latest
|
|
needs:
|
|
- build
|
|
container:
|
|
image: quay.io/almalinuxorg/9-minimal:9.5
|
|
steps:
|
|
- name: Setup requirement
|
|
shell: bash
|
|
run: |
|
|
microdnf -y install git nodejs buildah podman
|
|
- name: Check out repository code
|
|
uses: actions/checkout@v4
|
|
- name: Build and push latest almalinux8-micro
|
|
uses: redhat-actions/buildah-build@v2
|
|
with:
|
|
context: .
|
|
containerfiles: |
|
|
8/Dockerfile.micro
|
|
tags: |
|
|
quay.io/sindigilive/almalinux:8-micro
|
|
- name: Build and push latest-almalinux8
|
|
uses: redhat-actions/buildah-build@v2
|
|
with:
|
|
context: .
|
|
containerfiles: |
|
|
8/Dockerfile.micro
|
|
tags: |
|
|
quay.io/sindigilive/almalinux:8
|
|
- name: Push latest almalinux image to quay.io
|
|
uses: redhat-actions/push-to-registry@v2
|
|
with:
|
|
registry: quay.io
|
|
username: ${{ vars.QUAY_USERNAME }}
|
|
password: ${{ secrets.QUAY_SECRET }}
|
|
tags: |
|
|
quay.io/sindigilive/almalinux:8-micro
|
|
quay.io/sindigilive/almalinux:8
|