maxmustermann/pulumi
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
pulumi/.github/workflows/container-build.yml

127 lines
3.9 KiB
YAML
Raw Normal View History

Adding the langage SDK specific docker images (#4837) * [WIP] Adding the langage SDK specific docker images Fixes: #3789 * add multiple os build This introduces multiple containers images with various different OS's. The base build is based on debian (symlinked from the Dockerfile.debian) build. We also have UBi based images, and alpine based images * Adding the langage SDK specific docker images Fixes: #3789 * remove alpine builds * test docker readme sync * fix description * fix name of sync task Co-authored-by: Lee Briggs <lee@leebriggs.co.uk>
2020-06-18 02:35:45 +02:00
name: pulumi sdk containers build
on:
repository_dispatch:
types:
- docker-build
-
env:
VERSION: ${{ github.event.client_payload.ref }}
jobs:
base:
name: base sdk image build
runs-on: ubuntu-latest
strategy:
fail-fast: false
steps:
- uses: actions/checkout@master
- name: Build base image
uses: jaxxstorm/action-docker-build@release/v3.beta
with:
repository: pulumi/pulumi-base
buildkit: true
username: "pulumibot"
password: ${{ secrets.DOCKER_HUB_TOKEN }}
dockerfile: docker/base/Dockerfile
additional-tags: ${{ env.VERSION }}
tag-latest: true
build-args: PULUMI_VERSION=${{ env.VERSION }}
- uses: meeDamian/sync-readme@v1.0.6
name: Sync readme to Docker Hub
with:
user: "pulumibot"
pass: ${{ secrets.DOCKER_HUB_TOKEN }}
slug: pulumi/pulumi-base
readme: docker/README.md
description: Pulumi CLI container - bring your own SDK
base_os:
name: os base sdk image build
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
os: [ "ubi", "debian" ]
steps:
- uses: actions/checkout@master
- name: Build base image
uses: jaxxstorm/action-docker-build@release/v3.beta
with:
repository: pulumi/pulumi-base
buildkit: true
username: "pulumibot"
password: ${{ secrets.DOCKER_HUB_TOKEN }}
dockerfile: docker/base/Dockerfile.${{ matrix.os }}
additional-tags: ${{ env.VERSION }}-${{ matrix.os }}
tag-latest: false
build-args: PULUMI_VERSION=${{ env.VERSION }}
sdk:
name: language sdk image
runs-on: ubuntu-latest
needs: base
strategy:
fail-fast: false
matrix:
sdk: [ "nodejs", "python", "dotnet", "go" ]
steps:
- uses: actions/checkout@master
- name: Build image
uses: jaxxstorm/action-docker-build@release/v3.beta
with:
repository: pulumi/pulumi-${{matrix.sdk}}
buildkit: true
username: "pulumibot"
password: ${{ secrets.DOCKER_HUB_TOKEN }}
dockerfile: docker/${{ matrix.sdk }}/Dockerfile
additional-tags: ${{ env.VERSION }}
build-args: PULUMI_VERSION=${{ env.VERSION }}
- uses: meeDamian/sync-readme@v1.0.6
name: Sync readme to Docker Hub
with:
user: "pulumibot"
pass: ${{ secrets.DOCKER_HUB_TOKEN }}
slug: pulumi/pulumi-${{matrix.sdk}}
readme: docker/README.md
description: Pulumi CLI container for ${{ matrix.sdk }}
os_sdk:
name: os language sdk image
runs-on: ubuntu-latest
needs: base_os
strategy:
fail-fast: false
matrix:
sdk: [ "nodejs", "python", "dotnet", "go" ]
os: [ "ubi", "debian" ]
steps:
- uses: actions/checkout@master
- name: Build image
uses: jaxxstorm/action-docker-build@release/v3.beta
with:
repository: pulumi/pulumi-${{matrix.sdk}}
buildkit: true
username: "pulumibot"
password: ${{ secrets.DOCKER_HUB_TOKEN }}
dockerfile: docker/${{ matrix.sdk }}/Dockerfile.${{ matrix.os }}
additional-tags: ${{ env.VERSION }}-${{ matrix.os }}
build-args: PULUMI_VERSION=${{ env.VERSION }}
image-scan:
name: scan container images
runs-on: ubuntu-latest
needs: os_sdk
strategy:
matrix:
image: [ "base", "nodejs", "python", "go" ]
os: [ "ubi" ]
steps:
- uses: actions/checkout@master
- name: Run Snyk to check Docker images for vulnerabilities
uses: snyk/actions/docker@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
image: pulumi/pulumi-${{matrix.image}}:${{ env.VERSION }}-${{ matrix.os }}
args: --severity-threshold=high --file=docker/${{matrix.image}}/Dockerfile.${{ matrix.os }}
Reference in a new issue Copy permalink