Skip to content

Commit 69d9686

Browse files
fcostaoliveirafcostaoliveira
committed
Docker publish setup
1 parent 9117041 commit 69d9686

File tree

9 files changed

+930
-4
lines changed

9 files changed

+930
-4
lines changed

.dockerignore

Lines changed: 87 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,87 @@
1+
# Compiled binaries
2+
pubsub-sub-bench
3+
*.exe
4+
*.exe~
5+
*.dll
6+
*.so
7+
*.dylib
8+
9+
# Test binaries
10+
*.test
11+
12+
# Coverage files
13+
coverage.txt
14+
*.out
15+
16+
# Profiling files
17+
*.pprof
18+
cpuprofile-extended.pprof
19+
v10.pprof
20+
v6.pprof
21+
22+
# Log files
23+
*.log
24+
25+
# OS generated files
26+
.DS_Store
27+
.DS_Store?
28+
._*
29+
.Spotlight-V100
30+
.Trashes
31+
ehthumbs.db
32+
Thumbs.db
33+
34+
# IDE files
35+
.idea/
36+
.vscode/
37+
.project
38+
*.swp
39+
*.swo
40+
*~
41+
42+
# Git files
43+
.git/
44+
.gitignore
45+
46+
# CI/CD files
47+
.github/
48+
49+
# Documentation
50+
README.md
51+
LICENSE
52+
53+
# JavaScript/Node.js directories (not needed for Go build)
54+
js/
55+
node_modules/
56+
package-lock.json
57+
58+
# Distribution directories
59+
dist/
60+
out/
61+
62+
# Temporary files
63+
tmp/
64+
temp/
65+
66+
# Archive files
67+
*.7z
68+
*.dmg
69+
*.gz
70+
*.iso
71+
*.jar
72+
*.rar
73+
*.tar
74+
*.zip
75+
*.bz2
76+
77+
# Database files
78+
*.sql
79+
*.sqlite
80+
81+
# Makefile (we're using Docker build instead)
82+
Makefile
83+
84+
# Docker files themselves
85+
Dockerfile*
86+
.dockerignore
87+
docker-compose*.yml

.github/workflows/docker-publish-master.yml

Lines changed: 91 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,91 @@
1+
name: Docker Publish - Master
2+
3+
on:
4+
push:
5+
branches: [master]
6+
paths-ignore:
7+
- '**.md'
8+
- 'docs/**'
9+
- 'js/**'
10+
- '.github/workflows/unit-tests.yml'
11+
- '.github/workflows/codeql-analysis.yml'
12+
- '.github/workflows/release-drafter.yml'
13+
14+
env:
15+
REGISTRY: docker.io
16+
IMAGE_NAME: filipe958/pubsub-sub-bench
17+
18+
jobs:
19+
docker-publish:
20+
runs-on: ubuntu-latest
21+
permissions:
22+
contents: read
23+
packages: write
24+
25+
steps:
26+
- name: Checkout repository
27+
uses: actions/checkout@v4
28+
with:
29+
fetch-depth: 0 # Fetch full history for Git info
30+
31+
- name: Set up Docker Buildx
32+
uses: docker/setup-buildx-action@v3
33+
34+
- name: Log in to Docker Hub
35+
uses: docker/login-action@v3
36+
with:
37+
registry: ${{ env.REGISTRY }}
38+
username: ${{ secrets.DOCKER_USERNAME }}
39+
password: ${{ secrets.DOCKER_PASSWORD }}
40+
41+
- name: Extract Git metadata
42+
id: meta
43+
run: |
44+
GIT_SHA=$(git rev-parse HEAD)
45+
GIT_DIRTY=$(git diff --no-ext-diff 2>/dev/null | wc -l)
46+
echo "git_sha=${GIT_SHA}" >> $GITHUB_OUTPUT
47+
echo "git_dirty=${GIT_DIRTY}" >> $GITHUB_OUTPUT
48+
echo "short_sha=${GIT_SHA:0:7}" >> $GITHUB_OUTPUT
49+
50+
- name: Extract metadata for Docker
51+
id: docker_meta
52+
uses: docker/metadata-action@v5
53+
with:
54+
images: ${{ env.IMAGE_NAME }}
55+
tags: |
56+
type=raw,value=latest
57+
type=raw,value=master-{{sha}}
58+
type=raw,value=master-{{date 'YYYYMMDD-HHmmss'}}
59+
60+
- name: Build and push Docker image
61+
uses: docker/build-push-action@v5
62+
with:
63+
context: .
64+
platforms: linux/amd64,linux/arm64
65+
push: true
66+
tags: ${{ steps.docker_meta.outputs.tags }}
67+
labels: ${{ steps.docker_meta.outputs.labels }}
68+
build-args: |
69+
GIT_SHA=${{ steps.meta.outputs.git_sha }}
70+
GIT_DIRTY=${{ steps.meta.outputs.git_dirty }}
71+
cache-from: type=gha
72+
cache-to: type=gha,mode=max
73+
74+
- name: Generate summary
75+
run: |
76+
echo "## 🐳 Docker Image Published" >> $GITHUB_STEP_SUMMARY
77+
echo "" >> $GITHUB_STEP_SUMMARY
78+
echo "**Repository:** \`${{ env.IMAGE_NAME }}\`" >> $GITHUB_STEP_SUMMARY
79+
echo "**Tags:**" >> $GITHUB_STEP_SUMMARY
80+
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
81+
echo "${{ steps.docker_meta.outputs.tags }}" >> $GITHUB_STEP_SUMMARY
82+
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
83+
echo "" >> $GITHUB_STEP_SUMMARY
84+
echo "**Git SHA:** \`${{ steps.meta.outputs.git_sha }}\`" >> $GITHUB_STEP_SUMMARY
85+
echo "" >> $GITHUB_STEP_SUMMARY
86+
echo "**Usage:**" >> $GITHUB_STEP_SUMMARY
87+
echo "\`\`\`bash" >> $GITHUB_STEP_SUMMARY
88+
echo "docker run --rm ${{ env.IMAGE_NAME }}:latest --help" >> $GITHUB_STEP_SUMMARY
89+
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
90+
echo "" >> $GITHUB_STEP_SUMMARY
91+
echo "🔗 [View on Docker Hub](https://hub.docker.com/r/filipe958/pubsub-sub-bench)" >> $GITHUB_STEP_SUMMARY

.github/workflows/docker-publish-release.yml

Lines changed: 105 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,105 @@
1+
name: Docker Publish - Release
2+
3+
on:
4+
release:
5+
types: [published]
6+
7+
env:
8+
REGISTRY: docker.io
9+
IMAGE_NAME: filipe958/pubsub-sub-bench
10+
11+
jobs:
12+
docker-publish:
13+
runs-on: ubuntu-latest
14+
permissions:
15+
contents: read
16+
packages: write
17+
18+
steps:
19+
- name: Checkout repository
20+
uses: actions/checkout@v4
21+
with:
22+
fetch-depth: 0 # Fetch full history for Git info
23+
24+
- name: Set up Docker Buildx
25+
uses: docker/setup-buildx-action@v3
26+
27+
- name: Log in to Docker Hub
28+
uses: docker/login-action@v3
29+
with:
30+
registry: ${{ env.REGISTRY }}
31+
username: ${{ secrets.DOCKER_USERNAME }}
32+
password: ${{ secrets.DOCKER_PASSWORD }}
33+
34+
- name: Extract Git metadata
35+
id: meta
36+
run: |
37+
GIT_SHA=$(git rev-parse HEAD)
38+
GIT_DIRTY=$(git diff --no-ext-diff 2>/dev/null | wc -l)
39+
echo "git_sha=${GIT_SHA}" >> $GITHUB_OUTPUT
40+
echo "git_dirty=${GIT_DIRTY}" >> $GITHUB_OUTPUT
41+
echo "short_sha=${GIT_SHA:0:7}" >> $GITHUB_OUTPUT
42+
43+
- name: Extract metadata for Docker
44+
id: docker_meta
45+
uses: docker/metadata-action@v5
46+
with:
47+
images: ${{ env.IMAGE_NAME }}
48+
tags: |
49+
type=ref,event=tag
50+
type=semver,pattern={{version}}
51+
type=semver,pattern={{major}}.{{minor}}
52+
type=semver,pattern={{major}}
53+
type=raw,value=latest,enable={{is_default_branch}}
54+
55+
- name: Build and push Docker image
56+
uses: docker/build-push-action@v5
57+
with:
58+
context: .
59+
platforms: linux/amd64,linux/arm64
60+
push: true
61+
tags: ${{ steps.docker_meta.outputs.tags }}
62+
labels: ${{ steps.docker_meta.outputs.labels }}
63+
build-args: |
64+
GIT_SHA=${{ steps.meta.outputs.git_sha }}
65+
GIT_DIRTY=${{ steps.meta.outputs.git_dirty }}
66+
cache-from: type=gha
67+
cache-to: type=gha,mode=max
68+
69+
- name: Run Trivy vulnerability scanner
70+
uses: aquasecurity/trivy-action@master
71+
with:
72+
image-ref: ${{ env.IMAGE_NAME }}:${{ github.ref_name }}
73+
format: 'sarif'
74+
output: 'trivy-results.sarif'
75+
76+
- name: Upload Trivy scan results to GitHub Security tab
77+
uses: github/codeql-action/upload-sarif@v2
78+
if: always()
79+
with:
80+
sarif_file: 'trivy-results.sarif'
81+
82+
- name: Generate summary
83+
run: |
84+
echo "## 🚀 Docker Release Published" >> $GITHUB_STEP_SUMMARY
85+
echo "" >> $GITHUB_STEP_SUMMARY
86+
echo "**Repository:** \`${{ env.IMAGE_NAME }}\`" >> $GITHUB_STEP_SUMMARY
87+
echo "**Release:** \`${{ github.ref_name }}\`" >> $GITHUB_STEP_SUMMARY
88+
echo "**Tags:**" >> $GITHUB_STEP_SUMMARY
89+
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
90+
echo "${{ steps.docker_meta.outputs.tags }}" >> $GITHUB_STEP_SUMMARY
91+
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
92+
echo "" >> $GITHUB_STEP_SUMMARY
93+
echo "**Git SHA:** \`${{ steps.meta.outputs.git_sha }}\`" >> $GITHUB_STEP_SUMMARY
94+
echo "" >> $GITHUB_STEP_SUMMARY
95+
echo "**Usage:**" >> $GITHUB_STEP_SUMMARY
96+
echo "\`\`\`bash" >> $GITHUB_STEP_SUMMARY
97+
echo "# Latest release" >> $GITHUB_STEP_SUMMARY
98+
echo "docker run --rm ${{ env.IMAGE_NAME }}:${{ github.ref_name }} --help" >> $GITHUB_STEP_SUMMARY
99+
echo "" >> $GITHUB_STEP_SUMMARY
100+
echo "# Specific version" >> $GITHUB_STEP_SUMMARY
101+
echo "docker run --rm ${{ env.IMAGE_NAME }}:latest --help" >> $GITHUB_STEP_SUMMARY
102+
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
103+
echo "" >> $GITHUB_STEP_SUMMARY
104+
echo "🔗 [View on Docker Hub](https://hub.docker.com/r/filipe958/pubsub-sub-bench)" >> $GITHUB_STEP_SUMMARY
105+
echo "🔒 [Security Scan Results](https://github.com/${{ github.repository }}/security/code-scanning)" >> $GITHUB_STEP_SUMMARY

.github/workflows/publish.yml

Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,3 +31,59 @@ jobs:
3131
build_command: "make build"
3232
retry: 5
3333
overwrite: true
34+
35+
docker-publish:
36+
runs-on: ubuntu-latest
37+
permissions:
38+
contents: read
39+
packages: write
40+
41+
steps:
42+
- name: Checkout repository
43+
uses: actions/checkout@v4
44+
with:
45+
fetch-depth: 0 # Fetch full history for Git info
46+
47+
- name: Set up Docker Buildx
48+
uses: docker/setup-buildx-action@v3
49+
50+
- name: Log in to Docker Hub
51+
uses: docker/login-action@v3
52+
with:
53+
registry: docker.io
54+
username: ${{ secrets.DOCKER_USERNAME }}
55+
password: ${{ secrets.DOCKER_PASSWORD }}
56+
57+
- name: Extract Git metadata
58+
id: meta
59+
run: |
60+
GIT_SHA=$(git rev-parse HEAD)
61+
GIT_DIRTY=$(git diff --no-ext-diff 2>/dev/null | wc -l)
62+
echo "git_sha=${GIT_SHA}" >> $GITHUB_OUTPUT
63+
echo "git_dirty=${GIT_DIRTY}" >> $GITHUB_OUTPUT
64+
65+
- name: Extract metadata for Docker
66+
id: docker_meta
67+
uses: docker/metadata-action@v5
68+
with:
69+
images: filipe958/pubsub-sub-bench
70+
tags: |
71+
type=ref,event=tag
72+
type=semver,pattern={{version}}
73+
type=semver,pattern={{major}}.{{minor}}
74+
type=semver,pattern={{major}}
75+
type=raw,value=latest,enable={{is_default_branch}}
76+
77+
- name: Build and push Docker image
78+
uses: docker/build-push-action@v5
79+
with:
80+
context: .
81+
platforms: linux/amd64,linux/arm64
82+
push: true
83+
tags: ${{ steps.docker_meta.outputs.tags }}
84+
labels: ${{ steps.docker_meta.outputs.labels }}
85+
build-args: |
86+
GIT_SHA=${{ steps.meta.outputs.git_sha }}
87+
GIT_DIRTY=${{ steps.meta.outputs.git_dirty }}
88+
cache-from: type=gha
89+
cache-to: type=gha,mode=max

0 commit comments

Comments
 (0)