removed cosign from docker build

2022-05-03 09:42:17 +02:00 · 2022-05-03 09:42:17 +02:00 · 35a15ab9b6
commit 35a15ab9b6
parent e5ca068ccb
1 changed files with 143 additions and 157 deletions
--- a/.github/workflows/buildReporting.yml
+++ b/.github/workflows/buildReporting.yml
@ -1,157 +1,143 @@
-# This workflow will build a Java project with Maven
+# This workflow will build a Java project with Maven
-# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
+# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
-
+
-name: build
+name: build
-
+
-on:
+on:
-  push:
+  push:
-    branches:
+    branches:
-      - '**'
+      - '**'
-    tags:
+    tags:
-      - '**'
+      - '**'
-  pull_request:
+  pull_request:
-    branches: [master, development]
+    branches: [master, development]
-
+
-jobs:
+jobs:
-  maven-build-reporting:
+  maven-build-reporting:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-latest
-    steps:
+    steps:
-    -
+    -
-      name: Checkout repository
+      name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v2
-    -
+    -
-      name: Set up JDK 8
+      name: Set up JDK 8
-      uses: actions/setup-java@v2
+      uses: actions/setup-java@v2
-      with:
+      with:
-        java-version: '8'
+        java-version: '8'
-        distribution: 'adopt'
+        distribution: 'adopt'
-    -
+    -
-      name: Cache Maven packages
+      name: Cache Maven packages
-      uses: actions/cache@v2
+      uses: actions/cache@v2
-      with:
+      with:
-        path: ~/.m2
+        path: ~/.m2
-        key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+        key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
-        restore-keys: ${{ runner.os }}-m2
+        restore-keys: ${{ runner.os }}-m2
-    -
+    -
-      name: Build with Maven
+      name: Build with Maven
-      run: mvn clean install -e -P let_reporting
+      run: mvn clean install -e -P let_reporting
-    -
+    -
-      name: Reporting
+      name: Reporting
-      uses: codecov/codecov-action@v1
+      uses: codecov/codecov-action@v1
-      with:
+      with:
-        flags: unittests 
+        flags: unittests 
-        name: SEB Server Build 
+        name: SEB Server Build 
-        fail_ci_if_error: false 
+        fail_ci_if_error: false 
-        verbose: false
+        verbose: false
-
+
-  maven-build-docker:
+  maven-build-docker:
-    needs: maven-build-reporting
+    needs: maven-build-reporting
-    # Run only on tagging
+    # Run only on tagging
-    if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
+    if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-latest
-    steps:
+    steps:
-    -
+    -
-      name: Get short SHA
+      name: Get short SHA
-      uses: benjlevesque/short-sha@v1.2
+      uses: benjlevesque/short-sha@v1.2
-      id: short-sha
+      id: short-sha
-    -
+    -
-      name: Store short SHA as environment variable
+      name: Store short SHA as environment variable
-      run: echo $SHA
+      run: echo $SHA
-      env: 
+      env: 
-        SHA: ${{ steps.short-sha.outputs.sha }}
+        SHA: ${{ steps.short-sha.outputs.sha }}
-    -
+    -
-      name: Set env
+      name: Set env
-      run: echo "TAG_NAME=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
+      run: echo "TAG_NAME=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
-    -
+    -
-      name: Test tag name
+      name: Test tag name
-      run: |
+      run: |
-        echo $TAG_NAME
+        echo $TAG_NAME
-        echo ${{ env.TAG_NAME }}
+        echo ${{ env.TAG_NAME }}
-    -
+    -
-      name: Checkout repository
+      name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v2
-    -
+    -
-      name: Set up JDK 11
+      name: Set up JDK 11
-      uses: actions/setup-java@v2
+      uses: actions/setup-java@v2
-      with:
+      with:
-        java-version: '11'
+        java-version: '11'
-        distribution: 'adopt'
+        distribution: 'adopt'
-    -
+    -
-      name: Cache Maven packages
+      name: Cache Maven packages
-      uses: actions/cache@v2
+      uses: actions/cache@v2
-      with:
+      with:
-        path: ~/.m2
+        path: ~/.m2
-        key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+        key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
-        restore-keys: ${{ runner.os }}-m2
+        restore-keys: ${{ runner.os }}-m2
-    -
+    -
-      name: Build with Maven
+      name: Build with Maven
-      run: mvn clean install -Dmaven.test.skip=true -Dsebserver-version="${{ env.TAG_NAME }}-${{ env.SHA }}" 
+      run: mvn clean install -Dmaven.test.skip=true -Dsebserver-version="${{ env.TAG_NAME }}-${{ env.SHA }}" 
-      env: 
+      env: 
-         sebserver-version: ${{ env.TAG_NAME }}-${{ env.SHA }}
+         sebserver-version: ${{ env.TAG_NAME }}-${{ env.SHA }}
-    -
+    -
-      name: Simplify package name
+      name: Simplify package name
-      run: mv target/seb-server-${{ env.TAG_NAME }}-${{ env.SHA }}.jar target/seb-server.jar
+      run: mv target/seb-server-${{ env.TAG_NAME }}-${{ env.SHA }}.jar target/seb-server.jar
-    -
+    -
-      uses: actions/upload-artifact@v2
+      uses: actions/upload-artifact@v2
-      with:
+      with:
-        name: Package
+        name: Package
-        path: target/seb-server.jar
+        path: target/seb-server.jar
-
+
-  docker-build:
+  docker-build:
-    needs: maven-build-docker
+    needs: maven-build-docker
-    # Run only on tagging
+    # Run only on tagging
-    if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
+    if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-latest
-    steps:
+    steps:
-    -
+    -
-      name: Set env
+      name: Set env
-      run: echo "TAG_NAME=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
+      run: echo "TAG_NAME=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
-    -
+    -
-      name: Test
+      name: Test
-      run: |
+      run: |
-        echo $TAG_NAME
+        echo $TAG_NAME
-        echo ${{ env.TAG_NAME }}
+        echo ${{ env.TAG_NAME }}
-    - 
+    -
-       name: Install Cosign
+      name: Set up QEMU
-       uses: sigstore/cosign-installer@main
+      uses: docker/setup-qemu-action@v1
-    -
+    -
-      name: Set up QEMU
+      name: Set up Docker Buildx
-      uses: docker/setup-qemu-action@v1
+      uses: docker/setup-buildx-action@v1
-    -
+    -
-      name: Set up Docker Buildx
+      name: Login to DockerHub
-      uses: docker/setup-buildx-action@v1
+      uses: docker/login-action@v1 
-    -
+      with:
-      name: Login to DockerHub
+        username: ${{ secrets.DOCKERHUB_USERNAME }}
-      uses: docker/login-action@v1 
+        password: ${{ secrets.DOCKERHUB_TOKEN }}
-      with:
+    -
-        username: ${{ secrets.DOCKERHUB_USERNAME }}
+      name: Checkout repository
-        password: ${{ secrets.DOCKERHUB_TOKEN }}
+      uses: actions/checkout@v2
-    -
+    -
-      name: Checkout repository
+      name: Download a single artifact
-      uses: actions/checkout@v2
+      uses: actions/download-artifact@v2
-    -
+      with:
-      name: Download a single artifact
+          name: Package
-      uses: actions/download-artifact@v2
+    -
-      with:
+      name: Build and push
-          name: Package
+      id: docker_build
-    -
+      uses: docker/build-push-action@v2
-      name: Build and push
+      with:
-      id: docker_build
+        context: .
-      uses: docker/build-push-action@v2
+        file: ./docker/Dockerfile
-      with:
+        push: true
-        context: .
+        tags: |
-        file: ./docker/Dockerfile
+          anhefti/seb-server:${{ env.TAG_NAME }}
        push: true
        tags: |
          anhefti/seb-server:${{ env.TAG_NAME }}
    - 
      name: Write signing key to disk
      run: 'echo "$KEY" > cosign.key'
      shell: bash
      env:
        KEY: ${{ secrets.COSIGN_PRIVATE_KEY }}
    -
      name: Sign the published Docker image
      env:
        COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
      run: echo "$COSIGN_PASSWORD" && cosign sign --key cosign.key docker.io/anhefti/seb-server:${{ env.TAG_NAME }}