Update vulnerable dependencies (#139) #13
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Copyright (c) 2023 Red Hat, Inc. | |
| # This program and the accompanying materials are made | |
| # available under the terms of the Eclipse Public License 2.0 | |
| # which is available at https://www.eclipse.org/legal/epl-2.0/ | |
| # | |
| # SPDX-License-Identifier: EPL-2.0 | |
| # | |
| # Contributors: | |
| # Red Hat, Inc. - initial API and implementation | |
| # | |
| name: Che Configbump Next Build | |
| on: | |
| workflow_dispatch: | |
| inputs: {} | |
| push: | |
| branches: | |
| - main | |
| env: | |
| IMAGE: quay.io/che-incubator/configbump | |
| jobs: | |
| build-images: | |
| runs-on: ubuntu-22.04 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: [amd64,arm64] | |
| outputs: | |
| amd64: ${{ steps.result.outputs.amd64 }} | |
| arm64: ${{ steps.result.outputs.arm64 }} | |
| steps: | |
| - | |
| name: "Checkout Che Configbump source code" | |
| uses: actions/checkout@v3 | |
| - | |
| name: "Set up QEMU" | |
| uses: docker/setup-qemu-action@v2 | |
| - | |
| name: "Set up Docker Buildx ${{ matrix.arch }}" | |
| uses: docker/setup-buildx-action@v2 | |
| - | |
| name: "Login to quay.io" | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: quay.io | |
| username: ${{ secrets.QUAY_USERNAME }} | |
| password: ${{ secrets.QUAY_PASSWORD }} | |
| - | |
| name: "Build and push ${{ matrix.arch }}" | |
| uses: docker/build-push-action@v3 | |
| with: | |
| context: . | |
| file: ./build/dockerfiles/Dockerfile | |
| platforms: linux/${{ matrix.arch }} | |
| push: true | |
| provenance: false | |
| tags: ${{ env.IMAGE }}:${{ matrix.arch }}-next | |
| - | |
| id: result | |
| name: "Build result outputs version" | |
| if: ${{ success() }} | |
| run: echo "${{ matrix.arch }}=${{ matrix.arch }}-next" >> $GITHUB_OUTPUT | |
| create-manifest: | |
| if: always() | |
| needs: build-images | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - | |
| name: "Docker quay.io Login" | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: quay.io | |
| username: ${{ secrets.QUAY_USERNAME }} | |
| password: ${{ secrets.QUAY_PASSWORD }} | |
| - | |
| name: "Create and push manifest" | |
| run: | | |
| AMEND="" | |
| AMD64_VERSION="${{ needs['build-images'].outputs.amd64 }}" | |
| if [ -n "$AMD64_VERSION" ]; then | |
| AMEND+=" --amend ${{ env.IMAGE }}:$AMD64_VERSION"; | |
| fi | |
| ARM64_VERSION="${{ needs['build-images'].outputs.arm64 }}" | |
| if [ -n "$ARM64_VERSION" ]; then | |
| AMEND+=" --amend ${{ env.IMAGE }}:$ARM64_VERSION"; | |
| fi | |
| if [ -z "$AMEND" ]; then | |
| echo "[!] The job 'build-images' didn't provide any outputs. Can't create the manifest list." | |
| exit 1; | |
| fi | |
| docker manifest create ${{ env.IMAGE }}:next $AMEND | |
| docker manifest push ${{ env.IMAGE }}:next |