mirror of
https://github.com/kubevela/kubevela.git
synced 2026-02-14 18:10:21 +00:00
d487012468
Signed-off-by: Shivin Gopalani <gopalanishivin@gmail.com> Signed-off-by: Ayush <ayushshyam.official.888@gmail.com> Co-authored-by: Ayush Kumar <aykumar@guidewire.com>
153 lines
5.5 KiB
YAML
153 lines
5.5 KiB
YAML
name: Registry
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- master
|
|
tags:
|
|
- "v*"
|
|
workflow_dispatch: {}
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
publish-core-images:
|
|
name: Build and Push Vela Images
|
|
permissions:
|
|
packages: write
|
|
runs-on: ubuntu-22.04
|
|
outputs:
|
|
vela_core_image: ${{ steps.meta-vela-core.outputs.image }}
|
|
vela_core_digest: ${{ steps.meta-vela-core.outputs.digest }}
|
|
vela_cli_image: ${{ steps.meta-vela-cli.outputs.image }}
|
|
vela_cli_digest: ${{ steps.meta-vela-cli.outputs.digest }}
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608
|
|
|
|
- name: Get the version
|
|
id: get_version
|
|
run: |
|
|
VERSION=${GITHUB_REF#refs/tags/}
|
|
if [[ ${GITHUB_REF} == "refs/heads/master" ]]; then
|
|
VERSION=latest
|
|
fi
|
|
echo "VERSION=${VERSION}" >> $GITHUB_OUTPUT
|
|
|
|
- name: Get git revision
|
|
id: vars
|
|
shell: bash
|
|
run: |
|
|
echo "git_revision=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
|
|
|
|
- name: Login to GHCR
|
|
uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Login to DockerHub
|
|
uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
|
|
with:
|
|
registry: docker.io
|
|
username: ${{ secrets.DOCKER_USERNAME }}
|
|
password: ${{ secrets.DOCKER_PASSWORD }}
|
|
|
|
- uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0
|
|
- uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
|
|
with:
|
|
driver-opts: image=moby/buildkit:master
|
|
|
|
- uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
|
|
name: Build & Push Vela Core for Dockerhub, GHCR
|
|
with:
|
|
context: .
|
|
file: Dockerfile
|
|
labels: |
|
|
org.opencontainers.image.source=https://github.com/${{ github.repository }}
|
|
org.opencontainers.image.revision=${{ github.sha }}
|
|
platforms: linux/amd64,linux/arm64
|
|
push: ${{ github.event_name != 'pull_request' }}
|
|
build-args: |
|
|
GITVERSION=git-${{ steps.vars.outputs.git_revision }}
|
|
VERSION=${{ steps.get_version.outputs.VERSION }}
|
|
GOPROXY=https://proxy.golang.org
|
|
tags: |
|
|
docker.io/oamdev/vela-core:${{ steps.get_version.outputs.VERSION }}
|
|
ghcr.io/${{ github.repository_owner }}/oamdev/vela-core:${{ steps.get_version.outputs.VERSION }}
|
|
|
|
- uses: imjasonh/setup-crane@v0.1
|
|
name: Installs Crane
|
|
|
|
- name: Get Vela Core Image Digest
|
|
id: meta-vela-core
|
|
run: |
|
|
IMAGE=ghcr.io/${{ github.repository_owner }}/oamdev/vela-core
|
|
TAG=${{ steps.get_version.outputs.VERSION }}
|
|
DIGEST=$(crane digest $IMAGE:$TAG)
|
|
echo "image=$IMAGE" >> $GITHUB_OUTPUT
|
|
echo "digest=$DIGEST" >> $GITHUB_OUTPUT
|
|
|
|
- uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
|
|
name: Build & Push Vela CLI for Dockerhub, GHCR
|
|
with:
|
|
context: .
|
|
file: Dockerfile.cli
|
|
labels: |
|
|
org.opencontainers.image.source=https://github.com/${{ github.repository }}
|
|
org.opencontainers.image.revision=${{ github.sha }}
|
|
platforms: linux/amd64,linux/arm64
|
|
push: ${{ github.event_name != 'pull_request' }}
|
|
build-args: |
|
|
GITVERSION=git-${{ steps.vars.outputs.git_revision }}
|
|
VERSION=${{ steps.get_version.outputs.VERSION }}
|
|
GOPROXY=https://proxy.golang.org
|
|
tags: |
|
|
docker.io/oamdev/vela-cli:${{ steps.get_version.outputs.VERSION }}
|
|
ghcr.io/${{ github.repository_owner }}/oamdev/vela-cli:${{ steps.get_version.outputs.VERSION }}
|
|
|
|
- name: Get Vela CLI Image Digest
|
|
id: meta-vela-cli
|
|
run: |
|
|
IMAGE=ghcr.io/${{ github.repository_owner }}/oamdev/vela-cli
|
|
TAG=${{ steps.get_version.outputs.VERSION }}
|
|
DIGEST=$(crane digest $IMAGE:$TAG)
|
|
echo "image=$IMAGE" >> $GITHUB_OUTPUT
|
|
echo "digest=$DIGEST" >> $GITHUB_OUTPUT
|
|
|
|
provenance-vela-core:
|
|
name: Generate Provenance for Vela Core
|
|
needs: publish-core-images
|
|
if: startsWith(github.ref, 'refs/tags/')
|
|
permissions:
|
|
id-token: write
|
|
contents: write
|
|
actions: read
|
|
packages: write
|
|
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v2.1.0 # has to be sem var
|
|
with:
|
|
image: ${{ needs.publish-core-images.outputs.vela_core_image }}
|
|
digest: ${{ needs.publish-core-images.outputs.vela_core_digest }}
|
|
registry-username: ${{ github.actor }}
|
|
secrets:
|
|
registry-password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
provenance-vela-cli:
|
|
name: Generate Provenance for Vela CLI
|
|
needs: publish-core-images
|
|
if: startsWith(github.ref, 'refs/tags/')
|
|
permissions:
|
|
id-token: write
|
|
contents: write
|
|
actions: read
|
|
packages: write
|
|
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v2.1.0 # has to be sem var
|
|
with:
|
|
image: ${{ needs.publish-core-images.outputs.vela_cli_image }}
|
|
digest: ${{ needs.publish-core-images.outputs.vela_cli_digest }}
|
|
registry-username: ${{ github.actor }}
|
|
secrets:
|
|
registry-password: ${{ secrets.GITHUB_TOKEN }}
|