From 967e044e06879cfa1484e98776105d1291e775c4 Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 10:59:00 +0000 Subject: [PATCH 01/18] add optional submit to certify image action, default to true --- .github/actions/certify-openshift-image/action.yml | 8 ++++++-- .github/workflows/update-docker-images.yml | 2 +- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/actions/certify-openshift-image/action.yml b/.github/actions/certify-openshift-image/action.yml index f9d423210c..cfbf8a9b89 100644 --- a/.github/actions/certify-openshift-image/action.yml +++ b/.github/actions/certify-openshift-image/action.yml @@ -19,6 +19,10 @@ inputs: description: A comma separated list of architectures in the image manifest to certify required: false default: "" + submit: + description: Submit results to Redhat PYAXIS + required: false + default: true outputs: result: @@ -43,14 +47,14 @@ runs: IFS=',' read -ra arch_list <<< "${{ inputs.platforms }}" for arch in "${arch_list[@]}"; do architecture=("${arch#*/}") - ./preflight check container ${{ inputs.image }} --pyxis-api-token ${{ inputs.pyxis_token }} --certification-project-id ${{ inputs.project_id }} --platform $architecture --submit + ./preflight check container ${{ inputs.image }} --pyxis-api-token ${{ inputs.pyxis_token }} --certification-project-id ${{ inputs.project_id }} --platform $architecture ${{ inputs.submit && '--submit' || '' }} if [ $? -ne 0 ]; then result=1 fi done else # no platforms passed, this is either a manifest or a single platform image - ./preflight check container ${{ inputs.image }} --pyxis-api-token ${{ inputs.pyxis_token }} --certification-project-id ${{ inputs.project_id }} --submit + ./preflight check container ${{ inputs.image }} --pyxis-api-token ${{ inputs.pyxis_token }} --certification-project-id ${{ inputs.project_id }} ${{ inputs.submit && '--submit' || '' }} result=$? fi echo "result=$result" >> $GITHUB_OUTPUT diff --git a/.github/workflows/update-docker-images.yml b/.github/workflows/update-docker-images.yml index 6296a107e9..e9cbdd8587 100644 --- a/.github/workflows/update-docker-images.yml +++ b/.github/workflows/update-docker-images.yml @@ -184,4 +184,4 @@ jobs: project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }} pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} platforms: "" - if: ${{ ! inputs.dry_run || false }} + submit: ${{ ! inputs.dry_run || true }} From 2c701994ffe00b968090ac1ed1775cce9728cd14 Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 10:59:47 +0000 Subject: [PATCH 02/18] update preflight version to v1.11.1, the latest --- .github/workflows/image-promotion.yml | 1 + .github/workflows/release.yml | 1 + .github/workflows/update-docker-images.yml | 1 + 3 files changed, 3 insertions(+) diff --git a/.github/workflows/image-promotion.yml b/.github/workflows/image-promotion.yml index 2ef1ee58e3..3b5c1ffa1f 100644 --- a/.github/workflows/image-promotion.yml +++ b/.github/workflows/image-promotion.yml @@ -381,6 +381,7 @@ jobs: image: quay.io/nginx/nginx-ingress:edge-ubi project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }} pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} + preflight_version: 1.11.1 scan-docker-oss: name: Scan ${{ matrix.image }}-${{ matrix.target }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 72aaca41c8..7a46b6cfbd 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -301,6 +301,7 @@ jobs: image: quay.io/nginx/nginx-ingress:${{ inputs.nic_version }}-ubi project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }} pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} + preflight_version: 1.11.1 operator: if: ${{ ! cancelled() && ! failure() && ! inputs.dry_run && ! contains(inputs.skip_step, 'operator') && !contains(inputs.skip_step, 'publish-helm-chart') }} diff --git a/.github/workflows/update-docker-images.yml b/.github/workflows/update-docker-images.yml index e9cbdd8587..fe65c8267e 100644 --- a/.github/workflows/update-docker-images.yml +++ b/.github/workflows/update-docker-images.yml @@ -184,4 +184,5 @@ jobs: project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }} pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} platforms: "" + preflight_version: 1.11.1 submit: ${{ ! inputs.dry_run || true }} From b8139de72a3818a50216e7957ac48597aa761a0e Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 11:00:08 +0000 Subject: [PATCH 03/18] add workflow to allow certification of past images --- .github/scripts/exclude_ci_files.txt | 1 + .github/workflows/certify-ubi-image.yml | 41 +++++++++++++++++++++++++ 2 files changed, 42 insertions(+) create mode 100644 .github/workflows/certify-ubi-image.yml diff --git a/.github/scripts/exclude_ci_files.txt b/.github/scripts/exclude_ci_files.txt index 8d9cf9407a..c82a068a93 100644 --- a/.github/scripts/exclude_ci_files.txt +++ b/.github/scripts/exclude_ci_files.txt @@ -18,6 +18,7 @@ .github/workflows/build-ubi-dependency.yml .github/workflows/build-single-image.yml .github/workflows/cache-update.yml +.github/workflows/certify-ubi-image.yml .github/workflows/cherry-pick.yml .github/workflows/codeql-analysis.yml .github/workflows/create-release-branch.yml diff --git a/.github/workflows/certify-ubi-image.yml b/.github/workflows/certify-ubi-image.yml new file mode 100644 index 0000000000..9233f1c5cb --- /dev/null +++ b/.github/workflows/certify-ubi-image.yml @@ -0,0 +1,41 @@ +name: Certify UBI image +run-name: Certify UBI image ${{ inputs.image }} by @${{ github.actor }} + +on: + workflow_dispatch: + inputs: + image: + description: "Image to certify" + required: true + type: string + submit: + description: "Submit results to Redhat" + required: false + type: boolean + default: false + preflight_version: + description: "Preflight version to use" + required: false + type: string + default: "1.11.1" + +defaults: + run: + shell: bash + +permissions: + contents: read + +jobs: + certify-ubi-images: + name: Certify OpenShift UBI images + runs-on: ubuntu-24.04 + steps: + - name: Certify UBI OSS images in quay + uses: ./.github/actions/certify-openshift-image + with: + image: ${{ inputs.image }} + project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }} + pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} + preflight_version: ${{ inputs.preflight_version }} + submit: ${{ inputs.submit }} From 06ce1122fa97b6e6ebe46cedd71d71d8276be66b Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 11:03:45 +0000 Subject: [PATCH 04/18] test workflow --- .github/workflows/certify-ubi-image.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/certify-ubi-image.yml b/.github/workflows/certify-ubi-image.yml index 9233f1c5cb..7114c8f30e 100644 --- a/.github/workflows/certify-ubi-image.yml +++ b/.github/workflows/certify-ubi-image.yml @@ -18,6 +18,9 @@ on: required: false type: string default: "1.11.1" + push: + branches: + - certify-updates defaults: run: @@ -34,8 +37,8 @@ jobs: - name: Certify UBI OSS images in quay uses: ./.github/actions/certify-openshift-image with: - image: ${{ inputs.image }} + image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.6.0-ubi' }} project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }} pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} - preflight_version: ${{ inputs.preflight_version }} - submit: ${{ inputs.submit }} + preflight_version: ${{ inputs.preflight_version || '1.11.1' }} + submit: ${{ inputs.submit || false }} From 5ec46c49239b341d5077a3ffb44eed42fca6a274 Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 11:05:28 +0000 Subject: [PATCH 05/18] checkout repo to allow action to run --- .github/workflows/certify-ubi-image.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/certify-ubi-image.yml b/.github/workflows/certify-ubi-image.yml index 7114c8f30e..6512525614 100644 --- a/.github/workflows/certify-ubi-image.yml +++ b/.github/workflows/certify-ubi-image.yml @@ -34,6 +34,9 @@ jobs: name: Certify OpenShift UBI images runs-on: ubuntu-24.04 steps: + - name: Checkout + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: Certify UBI OSS images in quay uses: ./.github/actions/certify-openshift-image with: From aa55661e7694a0192cfc3e8bee04c487ef7a5911 Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 11:13:02 +0000 Subject: [PATCH 06/18] submit test --- .github/workflows/certify-ubi-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/certify-ubi-image.yml b/.github/workflows/certify-ubi-image.yml index 6512525614..f821b22a6c 100644 --- a/.github/workflows/certify-ubi-image.yml +++ b/.github/workflows/certify-ubi-image.yml @@ -44,4 +44,4 @@ jobs: project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }} pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} preflight_version: ${{ inputs.preflight_version || '1.11.1' }} - submit: ${{ inputs.submit || false }} + submit: ${{ inputs.submit || true }} From becbc83e52e9ed6efa86e0835b1734dad45434c9 Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 11:56:50 +0000 Subject: [PATCH 07/18] add platforms --- .github/workflows/certify-ubi-image.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/certify-ubi-image.yml b/.github/workflows/certify-ubi-image.yml index f821b22a6c..6dfa925da9 100644 --- a/.github/workflows/certify-ubi-image.yml +++ b/.github/workflows/certify-ubi-image.yml @@ -45,3 +45,4 @@ jobs: pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} preflight_version: ${{ inputs.preflight_version || '1.11.1' }} submit: ${{ inputs.submit || true }} + platforms: "amd64,arm64,ppc64le,s390x" From a2ec9037b8df43d08012f02344707dd07477248f Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 12:00:06 +0000 Subject: [PATCH 08/18] add 3.6.1 --- .github/workflows/certify-ubi-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/certify-ubi-image.yml b/.github/workflows/certify-ubi-image.yml index 6dfa925da9..942f94f8f2 100644 --- a/.github/workflows/certify-ubi-image.yml +++ b/.github/workflows/certify-ubi-image.yml @@ -40,7 +40,7 @@ jobs: - name: Certify UBI OSS images in quay uses: ./.github/actions/certify-openshift-image with: - image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.6.0-ubi' }} + image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.6.1-ubi' }} project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }} pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} preflight_version: ${{ inputs.preflight_version || '1.11.1' }} From 94cc61a9399b6055d1504e9fac558b4456da70f5 Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 12:02:35 +0000 Subject: [PATCH 09/18] add 3.5.0 --- .github/workflows/certify-ubi-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/certify-ubi-image.yml b/.github/workflows/certify-ubi-image.yml index 942f94f8f2..dfde4f3e1e 100644 --- a/.github/workflows/certify-ubi-image.yml +++ b/.github/workflows/certify-ubi-image.yml @@ -40,7 +40,7 @@ jobs: - name: Certify UBI OSS images in quay uses: ./.github/actions/certify-openshift-image with: - image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.6.1-ubi' }} + image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.5.0-ubi' }} project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }} pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} preflight_version: ${{ inputs.preflight_version || '1.11.1' }} From 81454c12a0804a3386b79987606518d49647bcf7 Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 12:05:22 +0000 Subject: [PATCH 10/18] add 3.5.1 --- .github/workflows/certify-ubi-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/certify-ubi-image.yml b/.github/workflows/certify-ubi-image.yml index dfde4f3e1e..9148c24be3 100644 --- a/.github/workflows/certify-ubi-image.yml +++ b/.github/workflows/certify-ubi-image.yml @@ -40,7 +40,7 @@ jobs: - name: Certify UBI OSS images in quay uses: ./.github/actions/certify-openshift-image with: - image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.5.0-ubi' }} + image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.5.1-ubi' }} project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }} pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} preflight_version: ${{ inputs.preflight_version || '1.11.1' }} From 38c9a6d6627709c8ed2f4beb9babf56149eafa11 Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 12:08:04 +0000 Subject: [PATCH 11/18] add 3.5.2 --- .github/workflows/certify-ubi-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/certify-ubi-image.yml b/.github/workflows/certify-ubi-image.yml index 9148c24be3..ee3e59ab3d 100644 --- a/.github/workflows/certify-ubi-image.yml +++ b/.github/workflows/certify-ubi-image.yml @@ -40,7 +40,7 @@ jobs: - name: Certify UBI OSS images in quay uses: ./.github/actions/certify-openshift-image with: - image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.5.1-ubi' }} + image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.5.2-ubi' }} project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }} pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} preflight_version: ${{ inputs.preflight_version || '1.11.1' }} From 79e72c6053f30c59b27c7c9d346427b791ed4964 Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 12:10:56 +0000 Subject: [PATCH 12/18] add 3.6.2 --- .github/workflows/certify-ubi-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/certify-ubi-image.yml b/.github/workflows/certify-ubi-image.yml index ee3e59ab3d..8ed37b4c15 100644 --- a/.github/workflows/certify-ubi-image.yml +++ b/.github/workflows/certify-ubi-image.yml @@ -40,7 +40,7 @@ jobs: - name: Certify UBI OSS images in quay uses: ./.github/actions/certify-openshift-image with: - image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.5.2-ubi' }} + image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.6.2-ubi' }} project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }} pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} preflight_version: ${{ inputs.preflight_version || '1.11.1' }} From 9ce26b85cfd7528ed948b03ee87c9a0e463a6377 Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 12:15:07 +0000 Subject: [PATCH 13/18] add default platforms to action --- .github/actions/certify-openshift-image/action.yml | 2 +- .github/workflows/certify-ubi-image.yml | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/actions/certify-openshift-image/action.yml b/.github/actions/certify-openshift-image/action.yml index cfbf8a9b89..b4da12ad14 100644 --- a/.github/actions/certify-openshift-image/action.yml +++ b/.github/actions/certify-openshift-image/action.yml @@ -18,7 +18,7 @@ inputs: platforms: description: A comma separated list of architectures in the image manifest to certify required: false - default: "" + default: "amd64,arm64,ppc64le,s390x" submit: description: Submit results to Redhat PYAXIS required: false diff --git a/.github/workflows/certify-ubi-image.yml b/.github/workflows/certify-ubi-image.yml index 8ed37b4c15..1631cb1199 100644 --- a/.github/workflows/certify-ubi-image.yml +++ b/.github/workflows/certify-ubi-image.yml @@ -18,6 +18,10 @@ on: required: false type: string default: "1.11.1" + platforms: + description: A comma separated list of architectures in the image manifest to certify + required: false + default: "amd64,arm64,ppc64le,s390x" push: branches: - certify-updates @@ -45,4 +49,4 @@ jobs: pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} preflight_version: ${{ inputs.preflight_version || '1.11.1' }} submit: ${{ inputs.submit || true }} - platforms: "amd64,arm64,ppc64le,s390x" + platforms: ${{ inputs.platforms || 'amd64,arm64,ppc64le,s390x' }} From 99a2c750e9501267502fa11968476478aa9190bb Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 12:15:15 +0000 Subject: [PATCH 14/18] add 3.7.0 --- .github/workflows/certify-ubi-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/certify-ubi-image.yml b/.github/workflows/certify-ubi-image.yml index 1631cb1199..b070edeb0b 100644 --- a/.github/workflows/certify-ubi-image.yml +++ b/.github/workflows/certify-ubi-image.yml @@ -44,7 +44,7 @@ jobs: - name: Certify UBI OSS images in quay uses: ./.github/actions/certify-openshift-image with: - image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.6.2-ubi' }} + image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.7.0-ubi' }} project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }} pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} preflight_version: ${{ inputs.preflight_version || '1.11.1' }} From 5c2e30a08ddbf19ba6e4de153e00c1956b62c50d Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 12:18:22 +0000 Subject: [PATCH 15/18] add 3.7.1 --- .github/workflows/certify-ubi-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/certify-ubi-image.yml b/.github/workflows/certify-ubi-image.yml index b070edeb0b..70be7bec4b 100644 --- a/.github/workflows/certify-ubi-image.yml +++ b/.github/workflows/certify-ubi-image.yml @@ -44,7 +44,7 @@ jobs: - name: Certify UBI OSS images in quay uses: ./.github/actions/certify-openshift-image with: - image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.7.0-ubi' }} + image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.7.1-ubi' }} project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }} pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} preflight_version: ${{ inputs.preflight_version || '1.11.1' }} From d5ff0ac3bb49f5a3c219c8fa3772c24961059167 Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 12:21:11 +0000 Subject: [PATCH 16/18] add 3.7.2 --- .github/workflows/certify-ubi-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/certify-ubi-image.yml b/.github/workflows/certify-ubi-image.yml index 70be7bec4b..5a51b2dcb7 100644 --- a/.github/workflows/certify-ubi-image.yml +++ b/.github/workflows/certify-ubi-image.yml @@ -44,7 +44,7 @@ jobs: - name: Certify UBI OSS images in quay uses: ./.github/actions/certify-openshift-image with: - image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.7.1-ubi' }} + image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.7.2-ubi' }} project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }} pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} preflight_version: ${{ inputs.preflight_version || '1.11.1' }} From d4ef9dc4db02cdd88d7e0406a225a0924ec4d045 Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 12:24:24 +0000 Subject: [PATCH 17/18] add 4.0.0 --- .github/workflows/certify-ubi-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/certify-ubi-image.yml b/.github/workflows/certify-ubi-image.yml index 5a51b2dcb7..43382502ae 100644 --- a/.github/workflows/certify-ubi-image.yml +++ b/.github/workflows/certify-ubi-image.yml @@ -44,7 +44,7 @@ jobs: - name: Certify UBI OSS images in quay uses: ./.github/actions/certify-openshift-image with: - image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:3.7.2-ubi' }} + image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:4.0.0-ubi' }} project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }} pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} preflight_version: ${{ inputs.preflight_version || '1.11.1' }} From b3d7e44f96430eeed0e31e51295596cb19f6325d Mon Sep 17 00:00:00 2001 From: Paul Abel Date: Wed, 18 Dec 2024 12:33:03 +0000 Subject: [PATCH 18/18] remove testing --- .github/workflows/certify-ubi-image.yml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/.github/workflows/certify-ubi-image.yml b/.github/workflows/certify-ubi-image.yml index 43382502ae..fd8a5aeac0 100644 --- a/.github/workflows/certify-ubi-image.yml +++ b/.github/workflows/certify-ubi-image.yml @@ -22,9 +22,6 @@ on: description: A comma separated list of architectures in the image manifest to certify required: false default: "amd64,arm64,ppc64le,s390x" - push: - branches: - - certify-updates defaults: run: @@ -44,9 +41,9 @@ jobs: - name: Certify UBI OSS images in quay uses: ./.github/actions/certify-openshift-image with: - image: ${{ inputs.image || 'quay.io/nginx/nginx-ingress:4.0.0-ubi' }} + image: ${{ inputs.image }} project_id: ${{ secrets.CERTIFICATION_PROJECT_ID }} pyxis_token: ${{ secrets.PYXIS_API_TOKEN }} - preflight_version: ${{ inputs.preflight_version || '1.11.1' }} + preflight_version: ${{ inputs.preflight_version }} submit: ${{ inputs.submit || true }} - platforms: ${{ inputs.platforms || 'amd64,arm64,ppc64le,s390x' }} + platforms: ${{ inputs.platforms }}