From 54f3e18b389520c6bc065398db062705a81a070e Mon Sep 17 00:00:00 2001 From: Robert Schardt Date: Fri, 20 Sep 2024 14:49:20 +0200 Subject: [PATCH 1/9] Refactor container.yml Refactor 'set IS_VERSION_TAG' into determine-tags-action composite action --- .../actions/determine-tags-action/action.yml | 30 +++++++++++ .github/workflows/container.yml | 51 ++++++++----------- 2 files changed, 52 insertions(+), 29 deletions(-) create mode 100644 .github/actions/determine-tags-action/action.yml diff --git a/.github/actions/determine-tags-action/action.yml b/.github/actions/determine-tags-action/action.yml new file mode 100644 index 00000000..7efd2f05 --- /dev/null +++ b/.github/actions/determine-tags-action/action.yml @@ -0,0 +1,30 @@ +name: 'determine-tags-action' +description: 'Determine version and latest tags' +runs: + using: "composite" + steps: + - name: "set IS_VERSION_TAG" + run: | + echo "IS_VERSION_TAG=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }}" >> $GITHUB_ENV + # set defaults + echo "IS_LATEST_TAG=false" >> $GITHUB_ENV + - name: "set IS_LATEST_TAG" + if: ( env.IS_VERSION_TAG ) + run: | + # find the latest version that is not ourself + export LATEST_VERSION=$(git tag -l | grep -v '${{ github.ref_name }}' | sort -r --version-sort) + # get major minor patch versions + IFS='.' read -r latest_major latest_minor latest_patch << EOF + $LATEST_VERSION + EOF + IFS='.' read -r tag_major tag_minor tag_patch << EOF + ${{ github.ref_name }} + EOF + # remove leading v + latest_major=$(echo $latest_major | cut -c2-) + tag_major=$(echo $tag_major | cut -c2-) + echo "$tag_major >= $latest_major" + if [[ $tag_major -ge $latest_major && ($tag_minor -ne 0 || $tag_patch -ne 0) ]]; then + # set this tag to latest and stable + echo "IS_LATEST_TAG=true" >> $GITHUB_ENV + fi diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml index bba5d6a9..4a561d41 100644 --- a/.github/workflows/container.yml +++ b/.github/workflows/container.yml 
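Review bot: In the new composite action, the "set IS_LATEST_TAG" step pastes `${{ github.ref_name }}` straight into the shell script (inside `grep -v '…'` and the second heredoc), so the ref name becomes script text before bash parses it rather than being handled as data. Pass it through the environment instead: give the step an `env:` entry `REF_NAME: ${{ github.ref_name }}` and use `"$REF_NAME"` in both places; `grep -vF -- "$REF_NAME"` also stops the dots in a version from acting as regex wildcards. The guard `if: ( env.IS_VERSION_TAG )` does not limit the step to version tags, because the variable holds the string `false` on other refs and a non-empty string is truthy in an expression; `if: env.IS_VERSION_TAG == 'true'` is presumably what was meant. Both lines are carried over unchanged from container.yml, so this move is a good point to fix them.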
@@ -9,37 +9,14 @@ on: workflow_dispatch: jobs: - production: - name: Production Images + build-push-debian-stable-container: + name: Build and push debian:stable container runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v4 - - name: "set IS_VERSION_TAG" - run: | - echo "IS_VERSION_TAG=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }}" >> $GITHUB_ENV - # set defaults - echo "IS_LATEST_TAG=false" >> $GITHUB_ENV - - name: "set IS_LATEST_TAG" - if: ( env.IS_VERSION_TAG ) - run: | - # find the latest version that is not ourself - export LATEST_VERSION=$(git tag -l | grep -v '${{ github.ref_name }}' | sort -r --version-sort) - # get major minor patch versions - IFS='.' read -r latest_major latest_minor latest_patch << EOF - $LATEST_VERSION - EOF - IFS='.' read -r tag_major tag_minor tag_patch << EOF - ${{ github.ref_name }} - EOF - # remove leading v - latest_major=$(echo $latest_major | cut -c2-) - tag_major=$(echo $tag_major | cut -c2-) - echo "$tag_major >= $latest_major" - if [[ $tag_major -ge $latest_major && ($tag_minor -ne 0 || $tag_patch -ne 0) ]]; then - # set this tag to latest and stable - echo "IS_LATEST_TAG=true" >> $GITHUB_ENV - fi + - name: determine-tags-action + uses: ./.github/actions/determine-tags-action - name: "Setup meta information debian:stable" id: meta uses: docker/metadata-action@v5 @@ -83,6 +60,14 @@ jobs: tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} + build-push-debian-oldstable-container: + name: Build and push debian:oldstable container + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: determine-tags-action + uses: ./.github/actions/determine-tags-action - name: "Setup meta information debian:oldstable" id: old_stable_meta uses: docker/metadata-action@v5 
@@ -110,6 +95,14 @@ jobs: tags: ${{ steps.old_stable_meta.outputs.tags }} labels: ${{ steps.old_stable_meta.outputs.labels }} + build-push-debian-testing-container: + name: Build and push debian:testing container + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: determine-tags-action + uses: ./.github/actions/determine-tags-action - name: "Setup meta information debian:testing" id: testing_meta uses: docker/metadata-action@v5 @@ -139,7 +132,7 @@ jobs: # triggers projects that work with stable branches on a new stable tag trigger-stable-projects: - needs: production + needs: build-push-debian-stable-container if: github.ref_type == 'tag' && startsWith(github.ref_name, 'v') name: Trigger update container images in related projects for new tags strategy: @@ -164,7 +157,7 @@ jobs: ref: main trigger-related-projects: - needs: production + needs: build-push-debian-stable-container if: github.event_name != 'pull_request' name: Trigger update container images in related projects strategy: From 54953c7961c1516235dba47ec5b9a2d1e0cbf07e Mon Sep 17 00:00:00 2001 From: Robert Schardt Date: Fri, 20 Sep 2024 15:01:08 +0200 Subject: [PATCH 2/9] Fix: determine-tags-action by adding shell attribute to steps --- .github/actions/determine-tags-action/action.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/actions/determine-tags-action/action.yml b/.github/actions/determine-tags-action/action.yml index 7efd2f05..c83a0a2f 100644 --- a/.github/actions/determine-tags-action/action.yml +++ b/.github/actions/determine-tags-action/action.yml @@ -8,6 +8,7 @@ runs: echo "IS_VERSION_TAG=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }}" >> $GITHUB_ENV # set defaults echo "IS_LATEST_TAG=false" >> $GITHUB_ENV + shell: bash - name: "set IS_LATEST_TAG" if: ( env.IS_VERSION_TAG ) run: | @@ -28,3 +29,4 @@ runs: # set this tag to latest and stable echo "IS_LATEST_TAG=true" >> $GITHUB_ENV fi + shell: bash 
From 94b80c5ba98c499023afa7c209b2b4b42e6d6fd4 Mon Sep 17 00:00:00 2001 From: Robert Schardt Date: Fri, 20 Sep 2024 15:08:48 +0200 Subject: [PATCH 3/9] Refactor/Fix: Move docker setup to seperate composite action --- .github/actions/setup-docker-action/action.yml | 15 +++++++++++++++ .github/workflows/container.yml | 16 ++++++---------- 2 files changed, 21 insertions(+), 10 deletions(-) create mode 100644 .github/actions/setup-docker-action/action.yml diff --git a/.github/actions/setup-docker-action/action.yml b/.github/actions/setup-docker-action/action.yml new file mode 100644 index 00000000..b32c1e6f --- /dev/null +++ b/.github/actions/setup-docker-action/action.yml @@ -0,0 +1,15 @@ +name: 'setup-docker-action' +description: 'Setup docker buildx' +runs: + using: "composite" + steps: + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to Docker Registry + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml index 4a561d41..6b765bc9 100644 --- a/.github/workflows/container.yml +++ b/.github/workflows/container.yml @@ -15,6 +15,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 + - name: setup-docker-action + uses: ./.github/actions/setup-docker-action - name: determine-tags-action uses: ./.github/actions/determine-tags-action - name: "Setup meta information debian:stable" 
@@ -40,16 +42,6 @@ jobs: type=raw,value={{branch}}-{{sha}},enable=${{ github.ref_type == 'branch' && github.event_name == 'push' && github.ref_name != 'main' }} # use pr-$PR_ID for pull requests (will not be uploaded) type=ref,event=pr - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - name: Login to Docker Registry - if: github.event_name != 'pull_request' - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build and push Container image uses: docker/build-push-action@v6 with: @@ -66,6 +58,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 + - name: setup-docker-action + uses: ./.github/actions/setup-docker-action - name: determine-tags-action uses: ./.github/actions/determine-tags-action - name: "Setup meta information debian:oldstable" @@ -101,6 +95,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 + - name: setup-docker-action + uses: ./.github/actions/setup-docker-action - name: determine-tags-action uses: ./.github/actions/determine-tags-action - name: "Setup meta information debian:testing" From 08eba207ad76b94df49c9e12b2067eeb9b6dfff5 Mon Sep 17 00:00:00 2001 From: Robert Schardt Date: Fri, 20 Sep 2024 15:16:59 +0200 Subject: [PATCH 4/9] Fix: setup-docker-action by adding secrets as inputs --- .github/actions/setup-docker-action/action.yml | 13 ++++++++++--- .github/workflows/container.yml | 9 +++++++++ 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/.github/actions/setup-docker-action/action.yml b/.github/actions/setup-docker-action/action.yml index b32c1e6f..666b4376 100644 --- a/.github/actions/setup-docker-action/action.yml +++ b/.github/actions/setup-docker-action/action.yml 
@@ -1,5 +1,12 @@ name: 'setup-docker-action' -description: 'Setup docker buildx' +description: 'Setup docker and docker buildx' +inputs: + docker-username: + description: "username for docker registry" + required: true + docker-password: + description: "password for docker registry" + required: true runs: using: "composite" steps: @@ -11,5 +18,5 @@ runs: if: github.event_name != 'pull_request' uses: docker/login-action@v3 with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + username: ${{ inputs.docker-username }} + password: ${{ inputs.docker-password }} diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml index 6b765bc9..da87b7d7 100644 --- a/.github/workflows/container.yml +++ b/.github/workflows/container.yml @@ -17,6 +17,9 @@ jobs: uses: actions/checkout@v4 - name: setup-docker-action uses: ./.github/actions/setup-docker-action + with: + docker-username: ${{ secrets.DOCKERHUB_USERNAME }} + docker-password: ${{ secrets.DOCKERHUB_TOKEN }} - name: determine-tags-action uses: ./.github/actions/determine-tags-action - name: "Setup meta information debian:stable" @@ -60,6 +63,9 @@ jobs: uses: actions/checkout@v4 - name: setup-docker-action uses: ./.github/actions/setup-docker-action + with: + docker-username: ${{ secrets.DOCKERHUB_USERNAME }} + docker-password: ${{ secrets.DOCKERHUB_TOKEN }} - name: determine-tags-action uses: ./.github/actions/determine-tags-action - name: "Setup meta information debian:oldstable" @@ -97,6 +103,9 @@ jobs: uses: actions/checkout@v4 - name: setup-docker-action uses: ./.github/actions/setup-docker-action + with: + docker-username: ${{ secrets.DOCKERHUB_USERNAME }} + docker-password: ${{ secrets.DOCKERHUB_TOKEN }} - name: determine-tags-action uses: ./.github/actions/determine-tags-action - name: "Setup meta information debian:testing" From 88e18ba1f8c97a4469aa72afb02da10e4228dbda Mon Sep 17 00:00:00 2001 
From: Robert Schardt Date: Mon, 23 Sep 2024 13:23:41 +0200 Subject: [PATCH 5/9] Update: Merge container.yml and push.yml --- .github/workflows/push.yml | 78 ++++++++++++++++++++++++++++++++++++-- 1 file changed, 74 insertions(+), 4 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index d9046280..76a04696 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -2,10 +2,10 @@ name: Build and Push to Greenbone Registry on: push: - branches: [ main ] + branches: [ main, stable, oldstable ] tags: ["v*"] pull_request: - branches: [ main ] + branches: [ main, stable, oldstable ] workflow_dispatch: inputs: ref-name: @@ -14,8 +14,8 @@ on: required: true jobs: - build: - name: Build and Push to Greenbone Registry + build-push-debian-stable-container: + name: Build and Push debian:stable to Greenbone Registry uses: greenbone/workflows/.github/workflows/container-build-push-2nd-gen.yml@main with: image-url: community/gvm-libs 
@@ -24,3 +24,73 @@ jobs: org.opencontainers.image.base.name=debian:stable-slim ref-name: ${{ inputs.ref-name }} secrets: inherit + + build-push-debian-oldstable-container: + name: Build and Push debian:oldstable to Greenbone Registry + uses: greenbone/workflows/.github/workflows/container-build-push-2nd-gen.yml@main + with: + build-docker-file: .docker/prod-oldstable.Dockerfile + image-url: community/gvm-libs + image-labels: | + org.opencontainers.image.vendor=Greenbone + org.opencontainers.image.base.name=debian:stable-slim + ref-name: ${{ inputs.ref-name }} + secrets: inherit + + build-push-debian-testing-container: + name: Build and Push debian:testing to Greenbone Registry + uses: greenbone/workflows/.github/workflows/container-build-push-2nd-gen.yml@main + with: + build-docker-file: .docker/prod-testing.Dockerfile + image-url: community/gvm-libs + image-labels: | + org.opencontainers.image.vendor=Greenbone + org.opencontainers.image.base.name=debian:stable-slim + ref-name: ${{ inputs.ref-name }} + secrets: inherit + + # triggers projects that work with stable branches on a new stable tag + trigger-stable-projects: + needs: build-push-debian-stable-container + if: github.ref_type == 'tag' && startsWith(github.ref_name, 'v') + name: Trigger update container images in related projects for new tags + strategy: + fail-fast: false + matrix: + repository: ["greenbone/gvmd", "greenbone/gsad"] + runs-on: ubuntu-latest + steps: + - name: Trigger ${{ matrix.repository }} build container image build + uses: greenbone/actions/trigger-workflow@v3 + with: + token: ${{ secrets.GREENBONE_BOT_TOKEN }} + repository: ${{ matrix.repository }} + workflow: build-container.yml + ref: main + - name: Trigger ${{ matrix.repository }} container image build + uses: greenbone/actions/trigger-workflow@v3 + with: + token: ${{ secrets.GREENBONE_BOT_TOKEN }} + repository: ${{ matrix.repository }} + workflow: container.yml + ref: main + + trigger-related-projects: + needs: 
build-push-debian-stable-container + if: github.event_name != 'pull_request' + name: Trigger update container images in related projects + strategy: + fail-fast: false + matrix: + repository: + - "greenbone/openvas-scanner" + - "greenbone/boreas" + runs-on: ubuntu-latest + steps: + - name: Trigger main ${{ matrix.repository }} container image build + uses: greenbone/actions/trigger-workflow@v3 + with: + token: ${{ secrets.GREENBONE_BOT_TOKEN }} + repository: ${{ matrix.repository }} + workflow: ${{ matrix.repository == 'greenbone/openvas-scanner' && 'control.yml' || 'container.yml' }} + ref: main From 68e2b1c9820f3cab0e360d93a83756a0f8032fb5 Mon Sep 17 00:00:00 2001 From: Robert Schardt Date: Mon, 23 Sep 2024 13:29:22 +0200 Subject: [PATCH 6/9] Remove deprecated Actions and Workflows --- .../actions/determine-tags-action/action.yml | 32 --- .../actions/setup-docker-action/action.yml | 22 --- .github/workflows/container.yml | 182 ------------------ 3 files changed, 236 deletions(-) delete mode 100644 .github/actions/determine-tags-action/action.yml delete mode 100644 .github/actions/setup-docker-action/action.yml delete mode 100644 .github/workflows/container.yml diff --git a/.github/actions/determine-tags-action/action.yml b/.github/actions/determine-tags-action/action.yml deleted file mode 100644 index c83a0a2f..00000000 --- a/.github/actions/determine-tags-action/action.yml +++ /dev/null 
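Review bot: The two jobs added in the push.yml hunk of PATCH 5/9 call `greenbone/workflows/.github/workflows/container-build-push-2nd-gen.yml@main` with `secrets: inherit`, so all of the caller's secrets are handed to whatever that branch contains at run time. Pinning the reusable workflow to a commit SHA or release tag and passing only the secrets it needs by name would bound that exposure; the same pinning applies to `greenbone/actions/trigger-workflow@v3`, which receives `GREENBONE_BOT_TOKEN`. Separately, both trigger jobs declare only `needs: build-push-debian-stable-container`, so downstream builds can start before the oldstable and testing images are published. If any downstream project consumes those images (not visible here), list all three build jobs in `needs:`.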
@@ -1,32 +0,0 @@ -name: 'determine-tags-action' -description: 'Determine version and latest tags' -runs: - using: "composite" - steps: - - name: "set IS_VERSION_TAG" - run: | - echo "IS_VERSION_TAG=${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }}" >> $GITHUB_ENV - # set defaults - echo "IS_LATEST_TAG=false" >> $GITHUB_ENV - shell: bash - - name: "set IS_LATEST_TAG" - if: ( env.IS_VERSION_TAG ) - run: | - # find the latest version that is not ourself - export LATEST_VERSION=$(git tag -l | grep -v '${{ github.ref_name }}' | sort -r --version-sort) - # get major minor patch versions - IFS='.' read -r latest_major latest_minor latest_patch << EOF - $LATEST_VERSION - EOF - IFS='.' read -r tag_major tag_minor tag_patch << EOF - ${{ github.ref_name }} - EOF - # remove leading v - latest_major=$(echo $latest_major | cut -c2-) - tag_major=$(echo $tag_major | cut -c2-) - echo "$tag_major >= $latest_major" - if [[ $tag_major -ge $latest_major && ($tag_minor -ne 0 || $tag_patch -ne 0) ]]; then - # set this tag to latest and stable - echo "IS_LATEST_TAG=true" >> $GITHUB_ENV - fi - shell: bash diff --git a/.github/actions/setup-docker-action/action.yml b/.github/actions/setup-docker-action/action.yml deleted file mode 100644 index 666b4376..00000000 --- a/.github/actions/setup-docker-action/action.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: 'setup-docker-action' -description: 'Setup docker and docker buildx' -inputs: - docker-username: - description: "username for docker registry" - required: true - docker-password: - description: "password for docker registry" - required: true -runs: - using: "composite" - steps: - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - name: Login to Docker Registry - if: github.event_name != 'pull_request' - uses: docker/login-action@v3 - with: - username: ${{ inputs.docker-username }} - password: ${{ inputs.docker-password }} 
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml deleted file mode 100644 index da87b7d7..00000000 --- a/.github/workflows/container.yml +++ /dev/null 
@@ -1,182 +0,0 @@ -name: Container Image Builds - -on: - push: - branches: [main, stable, oldstable] - tags: ["v*"] - pull_request: - branches: [main, stable, oldstable] - workflow_dispatch: - -jobs: - build-push-debian-stable-container: - name: Build and push debian:stable container - runs-on: ubuntu-latest - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - name: setup-docker-action - uses: ./.github/actions/setup-docker-action - with: - docker-username: ${{ secrets.DOCKERHUB_USERNAME }} - docker-password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: determine-tags-action - uses: ./.github/actions/determine-tags-action - - name: "Setup meta information debian:stable" - id: meta - uses: docker/metadata-action@v5 - with: - images: ${{ github.repository }} - labels: | - org.opencontainers.image.vendor=Greenbone - org.opencontainers.image.base.name=debian:stable-slim - flavor: latest=false # no auto latest container tag for git tags - tags: | - # when IS_LATEST_TAG is set create a stable and a latest tag - type=raw,value=latest,enable=${{ env.IS_LATEST_TAG }} - type=raw,value=stable,enable=${{ env.IS_LATEST_TAG }} - # if tag version is set than create a version tags - type=semver,pattern={{version}},enable=${{ env.IS_VERSION_TAG }} - type=semver,pattern={{major}}.{{minor}},enable=${{ env.IS_VERSION_TAG }} - type=semver,pattern={{major}},enable=${{ env.IS_VERSION_TAG }} - # if we are on the main branch set edge - type=edge,branch=main - # use branch-sha otherwise for pushes to branches other then main (will not be uploaded) - type=raw,value={{branch}}-{{sha}},enable=${{ github.ref_type == 'branch' && github.event_name == 'push' && github.ref_name != 'main' }} - # use pr-$PR_ID for pull requests (will not be uploaded) - type=ref,event=pr - - name: Build and push Container image - uses: docker/build-push-action@v6 - with: - context: . 
- push: ${{ github.event_name != 'pull_request' && (github.ref_type == 'tag' || github.ref_name == 'main') }} - file: .docker/prod.Dockerfile - platforms: linux/amd64,linux/arm64 - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - - build-push-debian-oldstable-container: - name: Build and push debian:oldstable container - runs-on: ubuntu-latest - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - name: setup-docker-action - uses: ./.github/actions/setup-docker-action - with: - docker-username: ${{ secrets.DOCKERHUB_USERNAME }} - docker-password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: determine-tags-action - uses: ./.github/actions/determine-tags-action - - name: "Setup meta information debian:oldstable" - id: old_stable_meta - uses: docker/metadata-action@v5 - with: - images: ${{ github.repository }} - labels: | - org.opencontainers.image.vendor=Greenbone - org.opencontainers.image.base.name=debian:stable-slim - flavor: latest=false # no auto latest container tag for git tags - tags: | - # for the images provided for debian:oldstable we just provide - # oldstable on an new version or oldstable-edge when it is on main. - # oldstable-branch-sha on a branch - type=raw,value=oldstable,enable=${{ env.IS_LATEST_TAG }} - type=raw,value=oldstable-edge,enable=${{ github.ref_name == 'main' }} - type=raw,value=oldstable-{{branch}}-{{sha}},enable=${{ github.ref_type == 'branch' && github.event_name == 'push' && github.ref_name != 'main' }} - type=ref,event=pr - - name: Build and push Container image - uses: docker/build-push-action@v6 - with: - context: . 
- push: ${{ github.event_name != 'pull_request' && (github.ref_type == 'tag' || github.ref_name == 'main') }} - file: .docker/prod-oldstable.Dockerfile - platforms: linux/amd64,linux/arm64 - tags: ${{ steps.old_stable_meta.outputs.tags }} - labels: ${{ steps.old_stable_meta.outputs.labels }} - - build-push-debian-testing-container: - name: Build and push debian:testing container - runs-on: ubuntu-latest - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - name: setup-docker-action - uses: ./.github/actions/setup-docker-action - with: - docker-username: ${{ secrets.DOCKERHUB_USERNAME }} - docker-password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: determine-tags-action - uses: ./.github/actions/determine-tags-action - - name: "Setup meta information debian:testing" - id: testing_meta - uses: docker/metadata-action@v5 - with: - images: ${{ github.repository }} - labels: | - org.opencontainers.image.vendor=Greenbone - org.opencontainers.image.base.name=debian:testing-slim - flavor: latest=false # no auto latest container tag for git tags - tags: | - # for the images provided for debian:testing we just provide - # testing on an new version or testing-edge when it is on main. - # testing-branch-sha on a branch - type=raw,value=testing,enable=${{ env.IS_LATEST_TAG }} - type=raw,value=testing-edge,enable=${{ github.ref_name == 'main' }} - type=raw,value=testing-{{branch}}-{{sha}},enable=${{ github.ref_type == 'branch' && github.event_name == 'push' && github.ref_name != 'main' }} - type=ref,event=pr - - name: Build and push Container image - uses: docker/build-push-action@v6 - with: - context: . 
- push: ${{ github.event_name != 'pull_request' && (github.ref_type == 'tag' || github.ref_name == 'main') }} - file: .docker/prod-testing.Dockerfile - platforms: linux/amd64,linux/arm64 - tags: ${{ steps.testing_meta.outputs.tags }} - labels: ${{ steps.testing_meta.outputs.labels }} - - # triggers projects that work with stable branches on a new stable tag - trigger-stable-projects: - needs: build-push-debian-stable-container - if: github.ref_type == 'tag' && startsWith(github.ref_name, 'v') - name: Trigger update container images in related projects for new tags - strategy: - fail-fast: false - matrix: - repository: ["greenbone/gvmd", "greenbone/gsad"] - runs-on: ubuntu-latest - steps: - - name: Trigger ${{ matrix.repository }} build container image build - uses: greenbone/actions/trigger-workflow@v3 - with: - token: ${{ secrets.GREENBONE_BOT_TOKEN }} - repository: ${{ matrix.repository }} - workflow: build-container.yml - ref: main - - name: Trigger ${{ matrix.repository }} container image build - uses: greenbone/actions/trigger-workflow@v3 - with: - token: ${{ secrets.GREENBONE_BOT_TOKEN }} - repository: ${{ matrix.repository }} - workflow: container.yml - ref: main - - trigger-related-projects: - needs: build-push-debian-stable-container - if: github.event_name != 'pull_request' - name: Trigger update container images in related projects - strategy: - fail-fast: false - matrix: - repository: - - "greenbone/openvas-scanner" - - "greenbone/boreas" - runs-on: ubuntu-latest - steps: - - name: Trigger main ${{ matrix.repository }} container image build - uses: greenbone/actions/trigger-workflow@v3 - with: - token: ${{ secrets.GREENBONE_BOT_TOKEN }} - repository: ${{ matrix.repository }} - workflow: ${{ matrix.repository == 'greenbone/openvas-scanner' && 'control.yml' || 'container.yml' }} - ref: main From cd505610d4f07b4ba84895c10c507e8f543d5036 Mon Sep 17 00:00:00 2001 
From: Robert Schardt Date: Mon, 23 Sep 2024 14:28:15 +0200 Subject: [PATCH 7/9] Update: Remove stable, oldstable branches from CI trigger --- .github/workflows/push.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 76a04696..e1ee80e7 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -2,10 +2,10 @@ name: Build and Push to Greenbone Registry on: push: - branches: [ main, stable, oldstable ] + branches: [ main ] tags: ["v*"] pull_request: - branches: [ main, stable, oldstable ] + branches: [ main ] workflow_dispatch: inputs: ref-name: From 1421373b349a2e1ded22e944380b7ab2e0ed75ab Mon Sep 17 00:00:00 2001 From: robert-schardt Date: Wed, 25 Sep 2024 11:49:04 +0200 Subject: [PATCH 8/9] Trigger CI --- .github/workflows/push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index e1ee80e7..cb0b9367 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -1,4 +1,4 @@ -name: Build and Push to Greenbone Registry +name: Build & Push to Greenbone Registry on: push: From 972bf1b1fa46ae41eb9434c96c0f5daa77477137 Mon Sep 17 00:00:00 2001 From: Robert Schardt Date: Thu, 26 Sep 2024 10:22:07 +0200 Subject: [PATCH 9/9] Change: Add base-image-label for oldstable and testing --- .github/workflows/push.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index cb0b9367..6399e0bd 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -34,6 +34,7 @@ jobs: image-labels: | org.opencontainers.image.vendor=Greenbone org.opencontainers.image.base.name=debian:stable-slim + base-image-label: "oldstable" ref-name: ${{ inputs.ref-name }} secrets: inherit 
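Review bot: The oldstable job still carries `org.opencontainers.image.base.name=debian:stable-slim` in hunk @@ -34,6 +34,7 of PATCH 9/9, right above the new `base-image-label: "oldstable"`, and the testing job in the following hunk @@ -42,10 +43,11 has the same label. The removed container.yml labelled the testing image `debian:testing-slim`, so these values look copied from the stable job when the jobs were added in PATCH 5/9. Scanners and provenance tooling that read this OCI label would attribute both images to the wrong base. Presumably the values should be `debian:oldstable-slim` and `debian:testing-slim`; confirm against the two Dockerfiles, which are not shown here.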
@@ -42,10 +43,11 @@ jobs: uses: greenbone/workflows/.github/workflows/container-build-push-2nd-gen.yml@main with: build-docker-file: .docker/prod-testing.Dockerfile - image-url: community/gvm-libs + image-url: community/gvm-li image-labels: | org.opencontainers.image.vendor=Greenbone org.opencontainers.image.base.name=debian:stable-slim + base-image-label: "testing" ref-name: ${{ inputs.ref-name }} secrets: inherit
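Review bot: `image-url: community/gvm-li` in the testing job looks like an accidental truncation of `community/gvm-libs`, which the stable and oldstable jobs still use and which the commit message does not mention changing. As written, the testing image would presumably be published under a different repository name, so anyone pulling the testing tag from `community/gvm-libs` would keep receiving a stale image without its later fixes. Restore `image-url: community/gvm-libs` unless the rename is intentional.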