mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-24 15:09:39 -05:00
Activation Service and KMS server image build pipeline (#210)
* AB#2171 Add kms server container image build pipeline * AB#2172 Add activation service container image build pipeline * Add manual workflow for building micro-service images Signed-off-by: Daniel Weiße <dw@edgeless.systems>
This commit is contained in:
parent
766182b7e7
commit
3d041cab2b
51
.github/actions/build_micro-service/action.yml
vendored
Normal file
51
.github/actions/build_micro-service/action.yml
vendored
Normal file
@ -0,0 +1,51 @@
|
||||
name: build micro-service image
|
||||
description: Build and upload a container image for a Constellation micro-service
|
||||
inputs:
|
||||
name:
|
||||
description: 'Name of the micro-service'
|
||||
required: true
|
||||
dockerfile:
|
||||
description: 'Path to the services Dockerfile'
|
||||
required: true
|
||||
pushTag:
|
||||
description: 'Use this image tag'
|
||||
required: false
|
||||
githubToken:
|
||||
description: 'GitHub authorization token'
|
||||
required: true
|
||||
|
||||
runs:
|
||||
using: "composite"
|
||||
steps:
|
||||
- name: Docker metadata
|
||||
id: meta
|
||||
uses: docker/metadata-action@v3
|
||||
with:
|
||||
images: |
|
||||
ghcr.io/${{ github.repository }}/${{ inputs.name }}
|
||||
tags: |
|
||||
type=raw,value=latest,enable={{is_default_branch}}
|
||||
type=raw,value=${{ inputs.pushTag }},enable=${{ '' != inputs.pushTag }}
|
||||
type=ref,event=branch
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
id: docker-setup
|
||||
uses: docker/setup-buildx-action@v1
|
||||
|
||||
- name: Log in to the Container registry
|
||||
id: docker-login
|
||||
uses: docker/login-action@v1
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ inputs.githubToken }}
|
||||
|
||||
- name: Build and push container image
|
||||
id: build-micro-service
|
||||
uses: docker/build-push-action@v2
|
||||
with:
|
||||
context: .
|
||||
file: ${{ inputs.dockerfile }}
|
||||
target: release
|
||||
push: true
|
||||
tags: ${{ steps.meta.outputs.tags }}
|
54
.github/templates/micro-service-image.yml.template
vendored
Normal file
54
.github/templates/micro-service-image.yml.template
vendored
Normal file
@ -0,0 +1,54 @@
|
||||
name: Build and Upload {{ micro-service }} image
|
||||
env:
|
||||
REGISTRY: ghcr.io
|
||||
IMAGE_NAME: {{ micro-service }}
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- "{{ micro-service }}/**"
|
||||
- "internal/{{ micro-service-dependency-1 }}/**"
|
||||
- "internal/{{ micro-service-dependency-2 }}/**"
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
|
||||
- name: Docker meta
|
||||
id: meta
|
||||
uses: docker/metadata-action@v3
|
||||
with:
|
||||
images: |
|
||||
${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }}
|
||||
tags: |
|
||||
type=raw,value=latest,enable={{is_default_branch}}
|
||||
type=ref,event=branch
|
||||
- name: Set up Docker Buildx
|
||||
id: docker-setup
|
||||
uses: docker/setup-buildx-action@v1
|
||||
|
||||
- name: Log in to the Container registry
|
||||
id: docker-login
|
||||
uses: docker/login-action@v1
|
||||
with:
|
||||
registry: ${{ env.REGISTRY }}
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Build and push constellation-{{ micro-service }} container image
|
||||
id: build-constellation-{{ micro-service }}
|
||||
uses: docker/build-push-action@v2
|
||||
with:
|
||||
context: .
|
||||
file: {{ micro-service }}/Dockerfile
|
||||
target: release
|
||||
push: true
|
||||
tags: ${{ steps.meta.outputs.tags }}
|
43
.github/workflows/build-access-manager-image.yml
vendored
43
.github/workflows/build-access-manager-image.yml
vendored
@ -1,4 +1,4 @@
|
||||
name: Build and Upload access-manager image
|
||||
name: Build and upload access-manager image
|
||||
env:
|
||||
REGISTRY: ghcr.io
|
||||
IMAGE_NAME: access-manager
|
||||
@ -13,41 +13,20 @@ on:
|
||||
- "internal/deploy/**"
|
||||
|
||||
jobs:
|
||||
build:
|
||||
build-access-manager:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
steps:
|
||||
- uses: actions/checkout@v1
|
||||
- name: Check out repository
|
||||
id: checkout
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Docker meta
|
||||
id: meta
|
||||
uses: docker/metadata-action@v3
|
||||
- name: Build and upload access-manager container image
|
||||
id: build-and-upload
|
||||
uses: ./.github/actions/build_micro-service
|
||||
with:
|
||||
images: |
|
||||
${{ env.REGISTRY }}/${{ github.repository }}/${{ env.IMAGE_NAME }}
|
||||
tags: |
|
||||
type=raw,value=latest,enable={{is_default_branch}}
|
||||
type=ref,event=branch
|
||||
- name: Set up Docker Buildx
|
||||
id: docker-setup
|
||||
uses: docker/setup-buildx-action@v1
|
||||
|
||||
- name: Log in to the Container registry
|
||||
id: docker-login
|
||||
uses: docker/login-action@v1
|
||||
with:
|
||||
registry: ${{ env.REGISTRY }}
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Build and push constellation-access-manager container image
|
||||
id: build-constellation-access-manager
|
||||
uses: docker/build-push-action@v2
|
||||
with:
|
||||
context: .
|
||||
file: access_manager/Dockerfile
|
||||
target: release
|
||||
push: true
|
||||
tags: ${{ steps.meta.outputs.tags }}
|
||||
name: access-manager
|
||||
dockerfile: access_manager/Dockerfile
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
34
.github/workflows/build-activation-image.yml
vendored
Normal file
34
.github/workflows/build-activation-image.yml
vendored
Normal file
@ -0,0 +1,34 @@
|
||||
name: Build and upload activation-service image
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- "activation/**"
|
||||
- "internal/atls/**"
|
||||
- "internal/attestation/**"
|
||||
- "internal/constants/**"
|
||||
- "internal/file/**"
|
||||
- "internal/grpc/**"
|
||||
- "internal/oid/**"
|
||||
|
||||
jobs:
|
||||
build-activation-service:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
steps:
|
||||
- name: Check out repository
|
||||
id: checkout
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Build and upload activation-service container image
|
||||
id: build-and-upload
|
||||
uses: ./.github/actions/build_micro-service
|
||||
with:
|
||||
name: activation-service
|
||||
dockerfile: activation/Dockerfile
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
33
.github/workflows/build-kms-image.yml
vendored
Normal file
33
.github/workflows/build-kms-image.yml
vendored
Normal file
@ -0,0 +1,33 @@
|
||||
name: Build and upload KMS image
|
||||
env:
|
||||
REGISTRY: ghcr.io
|
||||
IMAGE_NAME: kmsserver
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- "kms/**"
|
||||
- "internal/constants/**"
|
||||
- "internal/file/**"
|
||||
|
||||
jobs:
|
||||
build-kms-server:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
steps:
|
||||
- name: Check out repository
|
||||
id: checkout
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Build and upload KMS server container image
|
||||
id: build-and-upload
|
||||
uses: ./.github/actions/build_micro-service
|
||||
with:
|
||||
name: kmsserver
|
||||
dockerfile: Dockerfile.kms
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
51
.github/workflows/build-micro-service-manual.yml
vendored
Normal file
51
.github/workflows/build-micro-service-manual.yml
vendored
Normal file
@ -0,0 +1,51 @@
|
||||
name: Build micro-service Manual
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
microService:
|
||||
description: 'Name of the micro-service image to build'
|
||||
type: choice
|
||||
options:
|
||||
- 'access-manager'
|
||||
- 'activation-service'
|
||||
- 'kmsserver'
|
||||
required: true
|
||||
default: 'access manager'
|
||||
imageTag:
|
||||
description: 'Container image tag'
|
||||
required: true
|
||||
default: 'manual-build'
|
||||
|
||||
jobs:
|
||||
build-micro-service:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
steps:
|
||||
- name: Check out repository
|
||||
id: checkout
|
||||
uses: actions/checkout@v3
|
||||
|
||||
# choose the correct Dockerfile depending on what micro-service is being build
|
||||
- name: Set Dockerfile variable
|
||||
id: set-variable
|
||||
run: |
|
||||
case "${{ env.someVar }}" in
|
||||
"access-manager" )
|
||||
echo "microServiceDockerfile=access_manager/Dockerfile" >> $GITHUB_ENV ;;
|
||||
"activation-service" )
|
||||
echo "microServiceDockerfile=activation-service/Dockerfile" >> $GITHUB_ENV ;;
|
||||
"kmsserver" )
|
||||
echo "microServiceDockerfile=Dockerfile.kms" >> $GITHUB_ENV ;;
|
||||
esac
|
||||
|
||||
- name: Build and upload activation-service container image
|
||||
id: build-and-upload
|
||||
uses: ./.github/actions/build_micro-service
|
||||
with:
|
||||
name: ${{ input.microService }}
|
||||
dockerfile: ${{ env.microServiceDockerfile }}
|
||||
tag: ${{ input.imageTag }}
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
Loading…
Reference in New Issue
Block a user