Skip to content

feat(github-action): update docker/build-push-action ( v6.0.2 → v6.1.0 ) #159

feat(github-action): update docker/build-push-action ( v6.0.2 → v6.1.0 )

feat(github-action): update docker/build-push-action ( v6.0.2 → v6.1.0 ) #159

Workflow file for this run

---
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: "Publish Kubernetes Schemas"
on:
# Allows manually triggering the workflow from the Github Actions UI
workflow_dispatch: {}
# Runs the workflow weekly at midnight (UTC)
schedule:
- cron: "0 0 * * 0"
push:
branches:
- "main"
paths:
- ".github/workflows/schemas.yaml"
env:
OCI_REPO: "oci://ghcr.io/szinn/kubernetes-schemas/${{ github.event.repository.name }}"
jobs:
publish-kubernetes-schemas:
name: Publish Kubernetes Schemas
runs-on: ["k8s-homelab"]
permissions:
contents: read
packages: write
steps:
- name: Setup Tools
shell: bash
run: |
sudo apt-get -qq update && \
sudo apt-get -qq install --no-install-recommends -y curl unzip git
- name: Setup Flux CLI
uses: fluxcd/flux2/action@main
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Kube Tools
uses: yokawasa/action-setup-kube-tools@5fe385031665158529decddddb51d6224422836e # v0.11.1
with:
setup-tools: kubectl
- name: Setup Python
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
with:
python-version: "3.11"
- name: Write kubeconfig
id: kubeconfig
uses: timheuer/base64-to-file@adaa40c0c581f276132199d4cf60afa07ce60eac # v1.2
with:
encodedString: ${{ secrets.KUBECONFIG }}
fileName: kubeconfig
- name: Generate Token
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1
id: app-token
with:
app-id: "${{ secrets.BOT_APP_ID }}"
private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}"
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
token: "${{ steps.app-token.outputs.token }}"
- name: Download and run crd-extractor
env:
KUBECONFIG: "${{ steps.kubeconfig.outputs.filePath }}"
shell: bash
run: |
curl -fsSL -o "${GITHUB_WORKSPACE}/crd-extractor.sh" \
https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/Utilities/crd-extractor.sh
chmod +x "${GITHUB_WORKSPACE}/crd-extractor.sh"
bash "${GITHUB_WORKSPACE}/crd-extractor.sh"
- name: Login to GHCR
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Publish schemas as OCI
run: |
flux push artifact "${OCI_REPO}:$(git rev-parse --short HEAD)" \
--path="/home/runner/.datree/crdSchemas" \
--source="${{ github.repositoryUrl }}" \
--revision="main"
publish-kubernetes-schemas-web:
runs-on: ubuntu-latest
needs: ["publish-kubernetes-schemas"]
steps:
- name: Generate Token
uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1
id: app-token
with:
app-id: "${{ secrets.BOT_APP_ID }}"
private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}"
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
with:
token: "${{ steps.app-token.outputs.token }}"
- name: Setup Flux CLI
uses: fluxcd/flux2/action@main
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Setup QEMU
uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
- name: Setup Docker Buildx
id: buildx
uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
- name: Login to GHCR
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Pull schemas as OCI
run: |
mkdir -p /home/runner/crdSchemas
flux pull artifact "${OCI_REPO}:$(git rev-parse --short HEAD)" --output /home/runner/crdSchemas
- name: Write nginx-unprivileged Dockerfile
run: |
cat <<EOF > /home/runner/crdSchemas/Dockerfile
FROM docker.io/nginxinc/nginx-unprivileged:latest
COPY --chown=nginx:nginx --chmod=755 . /usr/share/nginx/html
USER nginx
EOF
- name: Publish schemas as web container
uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6.1.0
with:
context: /home/runner/crdSchemas
platforms: linux/amd64,linux/arm64
file: /home/runner/crdSchemas/Dockerfile
push: true
tags: |
ghcr.io/szinn/kubernetes-schemas-web:latest
cache-from: type=gha
cache-to: type=gha,mode=max
labels: |
org.opencontainers.image.source="${{ github.repositoryUrl }}"
org.opencontainers.image.authors="Scotte Zinn <[email protected]>"