forked from mattermost/mattermost
-
Notifications
You must be signed in to change notification settings - Fork 0
114 lines (99 loc) · 3.87 KB
/
build-server-image.yml
File metadata and controls
114 lines (99 loc) · 3.87 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
name: BuildEnv Docker Image
on:
push:
branches:
- master
paths:
- server/build/Dockerfile.buildenv
- server/build/Dockerfile.buildenv-fips
- .github/workflows/build-server-image.yml
pull_request:
paths:
- server/build/Dockerfile.buildenv
- server/build/Dockerfile.buildenv-fips
- .github/workflows/build-server-image.yml
workflow_dispatch:
env:
CHAINCTL_IDENTITY: ee399b4c72dd4e58e3d617f78fc47b74733c9557/922f2d48307d6f5f
# Permissions required for chainguard-dev/setup-chainctl
permissions:
id-token: write
contents: read
jobs:
build-image:
runs-on: ubuntu-22.04
steps:
- name: buildenv/checkout-repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: buildenv/docker-login
uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: buildenv/build
uses: docker/build-push-action@1dc73863535b631f98b2378be8619f83b136f4a0 # v6.17.0
with:
provenance: false
file: server/build/Dockerfile.buildenv
load: true
push: false
pull: false
tags: mattermost/mattermost-build-server:test
- name: buildenv/test
run: |
docker run --rm mattermost/mattermost-build-server:test /bin/sh -c "go version && node --version"
- name: buildenv/calculate-golang-version
id: go
run: |
GO_VERSION=$(docker run --rm mattermost/mattermost-build-server:test go version | awk '{print $3}' | sed 's/go//')
echo "GO_VERSION=${GO_VERSION}" >> "${GITHUB_OUTPUT}"
- name: buildenv/push
if: github.ref == 'refs/heads/master'
uses: docker/build-push-action@1dc73863535b631f98b2378be8619f83b136f4a0 # v6.17.0
with:
provenance: false
file: server/build/Dockerfile.buildenv
load: false
push: true
pull: true
tags: mattermost/mattermost-build-server:${{ steps.go.outputs.GO_VERSION }}
build-image-fips:
runs-on: ubuntu-22.04
steps:
- uses: chainguard-dev/setup-chainctl@f4ed65b781b048c44d4f033ae854c025c5531c19 # v0.3.2
with:
identity: ${{ env.CHAINCTL_IDENTITY }}
- name: buildenv/checkout-repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: buildenv/docker-login
uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: buildenv/build
uses: docker/build-push-action@1dc73863535b631f98b2378be8619f83b136f4a0 # v6.17.0
with:
provenance: false
file: server/build/Dockerfile.buildenv-fips
load: true
push: false
pull: false
tags: mattermost/mattermost-build-server-fips:test
- name: buildenv/test
run: |
docker run --rm --entrypoint bash mattermost/mattermost-build-server-fips:test -c "go version && node --version"
- name: buildenv/calculate-golang-version
id: go
run: |
GO_VERSION=$(docker run --rm --entrypoint bash mattermost/mattermost-build-server-fips:test -c "go version" | awk '{print $3}' | sed 's/go//')
echo "GO_VERSION=${GO_VERSION}" >> "${GITHUB_OUTPUT}"
- name: buildenv/push
if: github.ref == 'refs/heads/master'
uses: docker/build-push-action@1dc73863535b631f98b2378be8619f83b136f4a0 # v6.17.0
with:
provenance: false
file: server/build/Dockerfile.buildenv-fips
load: false
push: true
pull: true
tags: mattermost/mattermost-build-server-fips:${{ steps.go.outputs.GO_VERSION }}