Skip to content

Commit 741695c

Browse files
PierreJeanjacquotPierreJeanjacquot
committed
refactor: use env to deduplicate variables
1 parent 60d21d6 commit 741695c

File tree

1 file changed

+16
-14
lines changed

1 file changed

+16
-14
lines changed

.github/workflows/sconify.yml

Lines changed: 16 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -86,6 +86,10 @@ on:
8686
jobs:
8787
build:
8888
runs-on: ubuntu-latest
89+
env:
90+
FROM_IMAGE: ${{ inputs.docker-registry }}/${{ inputs.image-name }}:${{ inputs.image-tag }}
91+
DEBUG_IMAGE: ${{ inputs.docker-registry }}/${{ inputs.image-name }}:${{ inputs.image-tag }}-scone-debug-${{ inputs.sconify-version }}
92+
PROD_IMAGE: ${{ inputs.docker-registry }}/${{ inputs.image-name }}:${{ inputs.image-tag }}-scone-prod-${{ inputs.sconify-version }}
8993
outputs:
9094
debug-image: ${{ steps.push-debug.outputs.image }}
9195
debug-mrenclave: ${{ steps.push-debug.outputs.mrenclave }}
@@ -122,8 +126,8 @@ jobs:
122126
-v /var/run/docker.sock:/var/run/docker.sock \
123127
registry.scontain.com/scone-production/iexec-sconify-image:${{ inputs.sconify-version }} \
124128
sconify_iexec \
125-
--from=${{ inputs.docker-registry }}/${{ inputs.image-name }}:${{ inputs.image-tag }} \
126-
--to=${{ inputs.docker-registry }}/${{ inputs.image-name }}:${{ inputs.image-tag }}-scone-debug-${{ inputs.sconify-version }} \
129+
--from=$FROM_IMAGE \
130+
--to=$DEBUG_IMAGE \
127131
--binary-fs \
128132
--fs-dir=${{ inputs.fs-dir }} \
129133
--host-path=/etc/hosts \
@@ -139,11 +143,10 @@ jobs:
139143
if: ${{ inputs.sconify-debug }}
140144
id: push-debug
141145
run: |
142-
docker push ${{ inputs.docker-registry }}/${{ inputs.image-name }}:${{ inputs.image-tag }}-scone-debug-${{ inputs.sconify-version }}
143-
echo "image=${{ inputs.docker-registry }}/${{ inputs.image-name }}:${{ inputs.image-tag }}-scone-debug-${{ inputs.sconify-version }}" >> "$GITHUB_OUTPUT"
144-
echo "checksum=$(docker image inspect ${{ inputs.docker-registry }}/${{ inputs.image-name }}:${{ inputs.image-tag }}-scone-debug-${{ inputs.sconify-version }} \
145-
| jq .[0].RepoDigests[0] | sed 's/"//g' | awk -F '@sha256:' '{print $2}')" >> "$GITHUB_OUTPUT"
146-
echo "mrenclave=$(docker run --rm -e SCONE_HASH=1 ${{ inputs.docker-registry }}/${{ inputs.image-name }}:${{ inputs.image-tag }}-scone-debug-${{ inputs.sconify-version }})" >> "$GITHUB_OUTPUT"
146+
docker push $DEBUG_IMAGE
147+
echo "image=$DEBUG_IMAGE" >> "$GITHUB_OUTPUT"
148+
echo "checksum=$(docker image inspect $DEBUG_IMAGE | jq .[0].RepoDigests[0] | sed 's/"//g' | awk -F '@sha256:' '{print $2}')" >> "$GITHUB_OUTPUT"
149+
echo "mrenclave=$(docker run --rm -e SCONE_HASH=1 $DEBUG_IMAGE)" >> "$GITHUB_OUTPUT"
147150
148151
- name: Sconify Image Prod
149152
if: ${{ inputs.sconify-prod }}
@@ -156,8 +159,8 @@ jobs:
156159
-v $HOME/sig/enclave-key.pem:/sig/enclave-key.pem \
157160
registry.scontain.com/scone-production/iexec-sconify-image:${{ inputs.sconify-version }} \
158161
sconify_iexec \
159-
--from=${{ inputs.docker-registry }}/${{ inputs.image-name }}:${{ inputs.image-tag }} \
160-
--to=${{ inputs.docker-registry }}/${{ inputs.image-name }}:${{ inputs.image-tag }}-scone-prod-${{ inputs.sconify-version }} \
162+
--from=$FROM_IMAGE \
163+
--to=$PROD_IMAGE \
161164
--binary-fs \
162165
--fs-dir=${{ inputs.fs-dir }} \
163166
--host-path=/etc/hosts \
@@ -174,8 +177,7 @@ jobs:
174177
if: ${{ inputs.sconify-prod }}
175178
id: push-prod
176179
run: |
177-
docker push ${{ inputs.docker-registry }}/${{ inputs.image-name }}:${{ inputs.image-tag }}-scone-prod-${{ inputs.sconify-version }}
178-
echo "image=${{ inputs.docker-registry }}/${{ inputs.image-name }}:${{ inputs.image-tag }}-scone-prod-${{ inputs.sconify-version }}" >> "$GITHUB_OUTPUT"
179-
echo "checksum=$(docker image inspect ${{ inputs.docker-registry }}/${{ inputs.image-name }}:${{ inputs.image-tag }}-scone-prod-${{ inputs.sconify-version }} \
180-
| jq .[0].RepoDigests[0] | sed 's/"//g' | awk -F '@sha256:' '{print $2}')" >> "$GITHUB_OUTPUT"
181-
echo "mrenclave=$(docker run --rm -e SCONE_HASH=1 ${{ inputs.docker-registry }}/${{ inputs.image-name }}:${{ inputs.image-tag }}-scone-prod-${{ inputs.sconify-version }})" >> "$GITHUB_OUTPUT"
180+
docker push $PROD_IMAGE
181+
echo "image=$PROD_IMAGE" >> "$GITHUB_OUTPUT"
182+
echo "checksum=$(docker image inspect $PROD_IMAGE | jq .[0].RepoDigests[0] | sed 's/"//g' | awk -F '@sha256:' '{print $2}')" >> "$GITHUB_OUTPUT"
183+
echo "mrenclave=$(docker run --rm -e SCONE_HASH=1 $PROD_IMAGE)" >> "$GITHUB_OUTPUT"

0 commit comments

Comments
 (0)