
Commit 4c3c7e4

authored
Merge pull request #503 from slashdevops/fix/container-images
fix: replace Docker with Podman and simplify container image publishing
2 parents 07a8a7c + d82d0a7 commit 4c3c7e4

9 files changed

Lines changed: 161 additions & 286 deletions


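--- a/.github/workflows/container-image.yml
+++ b/.github/workflows/container-image.yml
@@ -2,95 +2,66 @@ name: "Container Image"
 
 on:
 workflow_call:
-secrets:
-DOCKER_HUB_TOKEN:
-required: true
-DOCKER_HUB_USER:
-required: true
-GH_PAT:
-required: true
-GH_USER:
-required: true
-AWS_OIDC_ROLE_TO_ASSUME:
-required: true
 workflow_dispatch:
 
 env:
-AWS_REGION: us-east-1
+MAKE_STOP_ON_ERRORS: true
+MAKE_DEBUG: true
 
 permissions:
 id-token: write
-contents: read
+contents: write
+packages: write
 
 jobs:
-build_publish_container_images:
+build:
 name: Build and Publish Container Images
 runs-on: ubuntu-latest
 steps:
 - name: Check out code
 uses: actions/checkout@v6
 
-- name: Set up Go 1.x
-id: go
-uses: actions/setup-go@v6
-with:
-go-version-file: ./go.mod
-
-- name: Go version
+- name: Install Podman
 run: |
-go version
+sudo apt-get update
+sudo apt-get install -y podman
 
-- name: Git Current branch name (Version)
+- name: Tools and versions
 run: |
-echo ${{ github.ref_name }}
+echo "# Container Image Summary" > $GITHUB_STEP_SUMMARY
+echo "" >> $GITHUB_STEP_SUMMARY
+echo "## Tools and versions" >> $GITHUB_STEP_SUMMARY
 
-- name: Docker Version
-run: |
-docker version
+podman_version=$(podman --version | awk '{print $3}')
+echo "Podman version: $podman_version"
+echo "**Podman Version:** $podman_version" >> $GITHUB_STEP_SUMMARY
 
-- name: Set up QEMU
-uses: docker/setup-qemu-action@v4
+make_version=$(make --version | head -n 1)
+echo "Make version: $make_version"
+echo "**Make Version:** $make_version" >> $GITHUB_STEP_SUMMARY
 
-- name: Set up Docker Buildx
-uses: docker/setup-buildx-action@v4
+- name: Download Distribution files
+uses: actions/download-artifact@v7
+with:
+name: dist
+path: ./dist/
 
-- name: Build container images
+- name: Make container-build
 run: |
-GIT_VERSION=${{ github.ref_name }} make container-build
+echo "## Make container-build" >> $GITHUB_STEP_SUMMARY
+GIT_VERSION=${{ github.ref_name }} make container-build | tee -a $GITHUB_STEP_SUMMARY
 
 - name: Show container images
 run: |
-docker images
-
-- name: Logging in Docker Hub
-run: |
-echo ${{ secrets.DOCKER_HUB_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USER }} --password-stdin
-
-- name: Publish Images in Docker Hub
-run: |
-GIT_VERSION=${{ github.ref_name }} make container-publish-docker
-
-- name: Logging in GitHub Registry
-run: |
-echo ${{ secrets.GH_PAT }} | docker login ghcr.io -u ${{ secrets.GH_USER }} --password-stdin
-
-- name: Publish Images in GitHub Registry
-run: |
-GIT_VERSION=${{ github.ref_name }} make container-publish-github
-
-- name: Configure AWS Credentials
-uses: aws-actions/configure-aws-credentials@v5
-with:
-role-to-assume: ${{ secrets.AWS_OIDC_ROLE_TO_ASSUME }}
-role-session-name: publish-ecr-public-images
-aws-region: ${{ env.AWS_REGION }}
+echo "## Show container images" >> $GITHUB_STEP_SUMMARY
+podman images | tee -a $GITHUB_STEP_SUMMARY
 
-- name: Logging in AWS ECR Public Repository
-env:
-AWS_REGION: ${{ env.AWS_REGION }}
+- name: Make container-login
 run: |
-aws ecr-public get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin public.ecr.aws
+echo "## Make container-login" >> $GITHUB_STEP_SUMMARY
+GIT_VERSION=${{ github.ref_name }} REPOSITORY_REGISTRY_TOKEN=${{ secrets.GITHUB_TOKEN }} REPOSITORY_REGISTRY_USERNAME=${{ github.actor }} make container-login | tee -a $GITHUB_STEP_SUMMARY
 
-- name: Publish Images in GitHub Packages
+- name: Make container-publish
 run: |
-GIT_VERSION=${{ github.ref_name }} make container-publish-aws-ecr
+echo "## Make container-publish" >> $GITHUB_STEP_SUMMARY
+GIT_VERSION=${{ github.ref_name }} make container-publish | tee -a $GITHUB_STEP_SUMMARY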
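Review bot: Every added `make … | tee -a $GITHUB_STEP_SUMMARY` step (container-build, container-login, container-publish) reports tee's exit status, because a `run:` step with no `shell:` key executes under `bash -e` without `pipefail`; a failed build, login or push would leave the step green. The same lines paste `${{ github.ref_name }}`, `${{ github.actor }}` and `${{ secrets.GITHUB_TOKEN }}` into the script text before the shell parses it, so a ref name is read as shell source rather than data; passing them through the step's `env:` block keeps them as values. With `MAKE_DEBUG: true` and the output appended to the job summary, it is also worth confirming that the login recipe never echoes the token rather than relying on log masking. Separately, `id-token: write` stays in `permissions:` although the OIDC role step is removed, and `contents: write` looks broader than a checkout plus a registry push needs.

```yaml
      - name: Make container-login
        shell: bash  # explicit bash runs with -eo pipefail, so a make failure fails the step
        env:
          GIT_VERSION: ${{ github.ref_name }}
          REPOSITORY_REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          REPOSITORY_REGISTRY_USERNAME: ${{ github.actor }}
        run: |
          echo "## Make container-login" >> "$GITHUB_STEP_SUMMARY"
          make container-login | tee -a "$GITHUB_STEP_SUMMARY"
      # … container-build and container-publish: same shell: and env: treatment …
```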

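--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -7,14 +7,15 @@ on:
 - v[0-9].[0-9]+.[0-9]*
 
 env:
-AWS_REGION: us-east-1
+MAKE_STOP_ON_ERRORS: true
 
 permissions:
 id-token: write
 security-events: write
 actions: write
 contents: write
 pull-requests: read
+packages: write
 
 jobs:
 test:
@@ -55,82 +56,51 @@ jobs:
 run: |
 go version
 
-- name: Git Current branch name (Version)
-run: |
-echo ${{ github.ref_name }}
-
 - name: Build Distribution Cross-Platform
 run: |
 GIT_VERSION=${{ github.ref_name }} make build-dist
 
+- name: Build Distribution zip Assets
+run: |
+GIT_VERSION=${{ github.ref_name }} make build-dist-zip
+
 - name: Upload Distribution files
 uses: actions/upload-artifact@v6
 with:
 name: dist
 path: ./dist/
+retention-days: 1
+
+container_image:
+name: Publish Container Images
+needs: build
+uses: ./.github/workflows/container-image.yml
 
 create-github-release:
 name: Create Github Release
 needs: build
 runs-on: ubuntu-latest
 steps:
-- name: Check out code
-uses: actions/checkout@v6
-
-- name: Set up Go 1.x
-id: go
-uses: actions/setup-go@v6
-with:
-go-version-file: ./go.mod
-
-- name: Go version
-run: |
-go version
-
-- name: Docker Version
-run: |
-docker version
-
-- name: Git Current branch name (Version)
-run: |
-echo ${{ github.ref_name }}
-
 - name: Download Distribution files
 uses: actions/download-artifact@v7
 with:
 name: dist
 path: ./dist/
 
-- name: Build Distribution zip Assets
-run: |
-GIT_VERSION=${{ github.ref_name }} make build-dist-zip
-
 - name: Create Release
 id: create-github-release
 uses: softprops/action-gh-release@v2
 with:
 tag_name: ${{ github.ref_name }}
 name: ${{ github.ref_name }}
-# body: |
-# See the file: CHANGELOG.md
 draft: false
 prerelease: false
 generate_release_notes: true
+make_latest: true
 token: ${{ secrets.GITHUB_TOKEN }}
 files: |
 dist/assets/**
 
-container_image:
-name: Create and Publish Container Image
-needs: create-github-release
-uses: slashdevops/idp-scim-sync/.github/workflows/container-image.yml@main
-secrets:
-GH_PAT: ${{ secrets.GH_PAT }}
-GH_USER: ${{ secrets.GH_USER }}
-DOCKER_HUB_TOKEN: ${{ secrets.DOCKER_HUB_TOKEN }}
-DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }}
-AWS_OIDC_ROLE_TO_ASSUME: ${{ secrets.AWS_OIDC_ROLE_TO_ASSUME }}
-
 aws_sam:
 name: Create and Publish AWS SAM Serverless Application
 needs: create-github-release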
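Review bot: `packages: write` is added to the workflow-level `permissions:` block, so the `test`, `build` and release jobs all receive registry write scope although only `container_image` publishes images. Granting it on that job instead, with a job-level `permissions:` holding `contents: read` and `packages: write` under `container_image`, keeps the token in the other jobs narrower; the called workflow's own `permissions:` block must not request more than the caller grants, so the two files have to agree. `container_image` also now depends on `build` rather than `create-github-release`, so images can be pushed for a tag whose release creation later fails, which is worth confirming as intended. The `aws_sam` job continues past the end of the hunk, so whether `id-token: write` is still needed there cannot be seen here.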

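--- a/Containerfile
+++ b/Containerfile
@@ -0,0 +1,34 @@
+FROM alpine
+
+ARG SERVICE_NAME="idpscim"
+ARG GOOS="linux"
+ARG GOARCH="amd64"
+ARG BUILD_DATE=""
+ARG BUILD_VERSION=""
+ARG DESCRIPTION="Container image for idp-scim-sync"
+ARG REPO_URL="https://github.com/slashdevops/idp-scim-sync"
+
+ENV HOME="/app"
+
+LABEL name="${SERVICE_NAME}" \
+org.opencontainers.image.created="${BUILD_DATE}" \
+org.opencontainers.image.version="${BUILD_VERSION}" \
+org.opencontainers.image.description="${DESCRIPTION}" \
+org.opencontainers.image.url="${REPO_URL}" \
+org.opencontainers.image.source="${REPO_URL}"
+
+RUN apk add --no-cache --update \
+ca-certificates \
+&& rm -rf /tmp/* /var/tmp/* /var/cache/apk/*
+
+RUN mkdir -p $HOME && \
+chown -R nobody:nobody $HOME
+
+COPY dist/$SERVICE_NAME-$GOOS-$GOARCH $HOME/$SERVICE_NAME
+
+ENV PATH="${PATH}:${HOME}"
+
+USER nobody:nobody
+WORKDIR $HOME
+
+CMD ["/app/idpscim", "--help"]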
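Review bot: `FROM alpine` is an unqualified, untagged short name, so each build takes whatever `latest` resolves to and, under Podman, whichever registry the runner's short-name configuration selects. Pinning it, e.g. `FROM docker.io/library/alpine:<TAG>@sha256:<DIGEST>` (placeholders for the reviewed release), makes the published image reproducible and lets a base-image change show up in review. The binary copied from `dist/` arrives through an Actions artifact, which presumably does not preserve the executable bit, so `COPY --chmod=0555 …` on that line would make the image independent of how the file arrives. `CMD` hard-codes `/app/idpscim` while the copy destination is built from `SERVICE_NAME`, so overriding that build argument leaves a CMD pointing at a missing file.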

Dockerfile

Lines changed: 0 additions & 29 deletions
This file was deleted.
