From 0790b3383f19d65f31dbbb5f63a3b0b0423d23e1 Mon Sep 17 00:00:00 2001 From: anjmao Date: Fri, 30 Aug 2024 16:09:46 +0300 Subject: [PATCH 1/4] Push PR image --- .github/workflows/build.yaml | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 16edf87..281cdc7 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -69,6 +69,23 @@ jobs: username: _json_key password: ${{ secrets.ARTIFACT_BUILDER_JSON_KEY }} + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + if: ${{ github.event_name == 'pull_request' }} + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push pr + if: ${{ github.event_name == 'pull_request' }} + uses: docker/build-push-action@v3 + with: + context: . + push: true + platforms: linux/arm64,linux/amd64 + tags: ghcr.io/castai/k8s-agent:${{ github.sha }} + - name: Build and push main if: github.event_name != 'release' uses: docker/build-push-action@v3 @@ -141,4 +158,10 @@ jobs: with: files: | bin/castai-agent-amd64 - bin/castai-agent-arm64 \ No newline at end of file + bin/castai-agent-arm64 + + - name: Summary + if: ${{ github.event_name == 'pull_request' }} + run: | + echo "**Pushed docker images:**" >> $GITHUB_STEP_SUMMARY + echo "ghcr.io/castai/k8s-agent:${{ github.sha }}" >> $GITHUB_STEP_SUMMARY From 73e1cf6a2b1c9917140f676d181848580d69100b Mon Sep 17 00:00:00 2001 From: anjmao Date: Mon, 2 Sep 2024 14:42:17 +0300 Subject: [PATCH 2/4] Update --- .github/workflows/build.yaml | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 281cdc7..472f651 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -38,6 +38,18 @@ jobs: if: github.event_name == 'release' run: echo "RELEASE_TAG=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV + - name: Get merge request latest commit + id: parse-commit + if: ${{ github.event_name == 'pull_request' }} + run: | + msg=$(git show -s --format=%s) + echo "head_commit_message=${msg}" >> $GITHUB_ENV + + - name: Secret Scanning + uses: trufflesecurity/trufflehog@main + with: + extra_args: --only-verified + - name: Build Go binary amd64 run: go build -ldflags "-s -w -X main.GitCommit=$GITHUB_SHA -X main.GitRef=$GITHUB_REF -X main.Version=${RELEASE_TAG:-commit-$GITHUB_SHA}" -o bin/castai-agent-amd64 . env: @@ -56,14 +68,14 @@ jobs: run: go test -race ./... - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Login to Google Artifact Registry if: github.event_name == 'release' - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: us-docker.pkg.dev username: _json_key @@ -84,7 +96,7 @@ jobs: context: . push: true platforms: linux/arm64,linux/amd64 - tags: ghcr.io/castai/k8s-agent:${{ github.sha }} + tags: ghcr.io/castai/k8s-agent:${{ env.head_commit_sha }} - name: Build and push main if: github.event_name != 'release' From c37d1b9d8c746c5e19ba1f5bdce72543599cd6d2 Mon Sep 17 00:00:00 2001 From: anjmao Date: Mon, 2 Sep 2024 15:05:39 +0300 Subject: [PATCH 3/4] Update --- .github/workflows/build.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 472f651..19ddd3b 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -39,11 +39,12 @@ jobs: run: echo "RELEASE_TAG=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV - name: Get merge request latest commit - id: parse-commit if: ${{ github.event_name == 'pull_request' }} + id: parse-commit-sha run: | - msg=$(git show -s --format=%s) - echo "head_commit_message=${msg}" >> $GITHUB_ENV + head=$(git rev-parse HEAD) + echo "head_commit_sha=${head}" >> $GITHUB_ENV + echo "Head commit sha ${head}" - name: Secret Scanning uses: trufflesecurity/trufflehog@main From f946ace20cde5541d9e19c6c7873ac5d6adaddd8 Mon Sep 17 00:00:00 2001 From: anjmao Date: Mon, 2 Sep 2024 16:00:25 +0300 Subject: [PATCH 4/4] Update --- .github/workflows/build.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 19ddd3b..85df6ff 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -1,5 +1,9 @@ name: Build +permissions: + contents: read + packages: write + on: push: branches: