removed cosign from docker build
This commit is contained in:
anhefti
parent
e5ca068ccb
commit
35a15ab9b6
1 changed files with 143 additions and 157 deletions
300
.github/workflows/buildReporting.yml
vendored
300
.github/workflows/buildReporting.yml
vendored
|
|
@ -1,157 +1,143 @@
|
|||
# This workflow will build a Java project with Maven
|
||||
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
|
||||
|
||||
name: build
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- '**'
|
||||
tags:
|
||||
- '**'
|
||||
pull_request:
|
||||
branches: [master, development]
|
||||
|
||||
jobs:
|
||||
maven-build-reporting:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
-
|
||||
name: Set up JDK 8
|
||||
uses: actions/setup-java@v2
|
||||
with:
|
||||
java-version: '8'
|
||||
distribution: 'adopt'
|
||||
-
|
||||
name: Cache Maven packages
|
||||
uses: actions/cache@v2
|
||||
with:
|
||||
path: ~/.m2
|
||||
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
|
||||
restore-keys: ${{ runner.os }}-m2
|
||||
-
|
||||
name: Build with Maven
|
||||
run: mvn clean install -e -P let_reporting
|
||||
-
|
||||
name: Reporting
|
||||
uses: codecov/codecov-action@v1
|
||||
with:
|
||||
flags: unittests
|
||||
name: SEB Server Build
|
||||
fail_ci_if_error: false
|
||||
verbose: false
|
||||
|
||||
maven-build-docker:
|
||||
needs: maven-build-reporting
|
||||
# Run only on tagging
|
||||
if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Get short SHA
|
||||
uses: benjlevesque/short-sha@v1.2
|
||||
id: short-sha
|
||||
-
|
||||
name: Store short SHA as environment variable
|
||||
run: echo $SHA
|
||||
env:
|
||||
SHA: ${{ steps.short-sha.outputs.sha }}
|
||||
-
|
||||
name: Set env
|
||||
run: echo "TAG_NAME=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
|
||||
-
|
||||
name: Test tag name
|
||||
run: |
|
||||
echo $TAG_NAME
|
||||
echo ${{ env.TAG_NAME }}
|
||||
-
|
||||
name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
-
|
||||
name: Set up JDK 11
|
||||
uses: actions/setup-java@v2
|
||||
with:
|
||||
java-version: '11'
|
||||
distribution: 'adopt'
|
||||
-
|
||||
name: Cache Maven packages
|
||||
uses: actions/cache@v2
|
||||
with:
|
||||
path: ~/.m2
|
||||
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
|
||||
restore-keys: ${{ runner.os }}-m2
|
||||
-
|
||||
name: Build with Maven
|
||||
run: mvn clean install -Dmaven.test.skip=true -Dsebserver-version="${{ env.TAG_NAME }}-${{ env.SHA }}"
|
||||
env:
|
||||
sebserver-version: ${{ env.TAG_NAME }}-${{ env.SHA }}
|
||||
-
|
||||
name: Simplify package name
|
||||
run: mv target/seb-server-${{ env.TAG_NAME }}-${{ env.SHA }}.jar target/seb-server.jar
|
||||
-
|
||||
uses: actions/upload-artifact@v2
|
||||
with:
|
||||
name: Package
|
||||
path: target/seb-server.jar
|
||||
|
||||
docker-build:
|
||||
needs: maven-build-docker
|
||||
# Run only on tagging
|
||||
if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Set env
|
||||
run: echo "TAG_NAME=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
|
||||
-
|
||||
name: Test
|
||||
run: |
|
||||
echo $TAG_NAME
|
||||
echo ${{ env.TAG_NAME }}
|
||||
-
|
||||
name: Install Cosign
|
||||
uses: sigstore/cosign-installer@main
|
||||
-
|
||||
name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v1
|
||||
-
|
||||
name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v1
|
||||
-
|
||||
name: Login to DockerHub
|
||||
uses: docker/login-action@v1
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||
-
|
||||
name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
-
|
||||
name: Download a single artifact
|
||||
uses: actions/download-artifact@v2
|
||||
with:
|
||||
name: Package
|
||||
-
|
||||
name: Build and push
|
||||
id: docker_build
|
||||
uses: docker/build-push-action@v2
|
||||
with:
|
||||
context: .
|
||||
file: ./docker/Dockerfile
|
||||
push: true
|
||||
tags: |
|
||||
anhefti/seb-server:${{ env.TAG_NAME }}
|
||||
-
|
||||
name: Write signing key to disk
|
||||
run: 'echo "$KEY" > cosign.key'
|
||||
shell: bash
|
||||
env:
|
||||
KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
|
||||
-
|
||||
name: Sign the published Docker image
|
||||
env:
|
||||
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
|
||||
run: echo "$COSIGN_PASSWORD" && cosign sign --key cosign.key docker.io/anhefti/seb-server:${{ env.TAG_NAME }}
|
||||
# This workflow will build a Java project with Maven
|
||||
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
|
||||
|
||||
name: build
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- '**'
|
||||
tags:
|
||||
- '**'
|
||||
pull_request:
|
||||
branches: [master, development]
|
||||
|
||||
jobs:
|
||||
maven-build-reporting:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
-
|
||||
name: Set up JDK 8
|
||||
uses: actions/setup-java@v2
|
||||
with:
|
||||
java-version: '8'
|
||||
distribution: 'adopt'
|
||||
-
|
||||
name: Cache Maven packages
|
||||
uses: actions/cache@v2
|
||||
with:
|
||||
path: ~/.m2
|
||||
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
|
||||
restore-keys: ${{ runner.os }}-m2
|
||||
-
|
||||
name: Build with Maven
|
||||
run: mvn clean install -e -P let_reporting
|
||||
-
|
||||
name: Reporting
|
||||
uses: codecov/codecov-action@v1
|
||||
with:
|
||||
flags: unittests
|
||||
name: SEB Server Build
|
||||
fail_ci_if_error: false
|
||||
verbose: false
|
||||
|
||||
maven-build-docker:
|
||||
needs: maven-build-reporting
|
||||
# Run only on tagging
|
||||
if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Get short SHA
|
||||
uses: benjlevesque/short-sha@v1.2
|
||||
id: short-sha
|
||||
-
|
||||
name: Store short SHA as environment variable
|
||||
run: echo $SHA
|
||||
env:
|
||||
SHA: ${{ steps.short-sha.outputs.sha }}
|
||||
-
|
||||
name: Set env
|
||||
run: echo "TAG_NAME=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
|
||||
-
|
||||
name: Test tag name
|
||||
run: |
|
||||
echo $TAG_NAME
|
||||
echo ${{ env.TAG_NAME }}
|
||||
-
|
||||
name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
-
|
||||
name: Set up JDK 11
|
||||
uses: actions/setup-java@v2
|
||||
with:
|
||||
java-version: '11'
|
||||
distribution: 'adopt'
|
||||
-
|
||||
name: Cache Maven packages
|
||||
uses: actions/cache@v2
|
||||
with:
|
||||
path: ~/.m2
|
||||
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
|
||||
restore-keys: ${{ runner.os }}-m2
|
||||
-
|
||||
name: Build with Maven
|
||||
run: mvn clean install -Dmaven.test.skip=true -Dsebserver-version="${{ env.TAG_NAME }}-${{ env.SHA }}"
|
||||
env:
|
||||
sebserver-version: ${{ env.TAG_NAME }}-${{ env.SHA }}
|
||||
-
|
||||
name: Simplify package name
|
||||
run: mv target/seb-server-${{ env.TAG_NAME }}-${{ env.SHA }}.jar target/seb-server.jar
|
||||
-
|
||||
uses: actions/upload-artifact@v2
|
||||
with:
|
||||
name: Package
|
||||
path: target/seb-server.jar
|
||||
|
||||
docker-build:
|
||||
needs: maven-build-docker
|
||||
# Run only on tagging
|
||||
if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Set env
|
||||
run: echo "TAG_NAME=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
|
||||
-
|
||||
name: Test
|
||||
run: |
|
||||
echo $TAG_NAME
|
||||
echo ${{ env.TAG_NAME }}
|
||||
-
|
||||
name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v1
|
||||
-
|
||||
name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v1
|
||||
-
|
||||
name: Login to DockerHub
|
||||
uses: docker/login-action@v1
|
||||
with:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||
-
|
||||
name: Checkout repository
|
||||
uses: actions/checkout@v2
|
||||
-
|
||||
name: Download a single artifact
|
||||
uses: actions/download-artifact@v2
|
||||
with:
|
||||
name: Package
|
||||
-
|
||||
name: Build and push
|
||||
id: docker_build
|
||||
uses: docker/build-push-action@v2
|
||||
with:
|
||||
context: .
|
||||
file: ./docker/Dockerfile
|
||||
push: true
|
||||
tags: |
|
||||
anhefti/seb-server:${{ env.TAG_NAME }}
|
||||
Loading…
Reference in a new issue