Skip to content

v7.0.1

v7.0.1 #67

Workflow file for this run

name: "Release Build"
on:
release:
types: [published]
env:
CONTAINER_REGISTRY: ghcr.io/juice-shop
jobs:
helmRelease:
name: "Publish Helm Chart"
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v3
- id: release-version
name: Parse Release Version
run: |
RELEASE_VERSION="${GITHUB_REF#refs/*/}"
# Remove leading 'v' from git tag to create valid semver
RELEASE_VERSION="${RELEASE_VERSION//v}"
echo "version=$RELEASE_VERSION" >> "$GITHUB_OUTPUT"
- name: "Login to Package Registry"
run: 'echo "${{ secrets.GITHUB_TOKEN }}" | helm registry login --username ${{ github.actor }} --password-stdin ${{ env.CONTAINER_REGISTRY }}'
- name: "Package Helm Chart"
working-directory: helm/multi-juicer/
run: |
helm package --version "${{ steps.release-version.outputs.version }}" .
- name: "Push Helm Chart"
working-directory: helm/multi-juicer/
run: |
helm push "multi-juicer-${{ steps.release-version.outputs.version }}.tgz" oci://${{ env.CONTAINER_REGISTRY }}/multi-juicer/helm
dockerBuilds:
name: "Build"
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write # needed for signing the images with GitHub OIDC Token
strategy:
matrix:
component:
- progress-watchdog
- cleaner
- juice-balancer
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Install Cosign
uses: sigstore/cosign-installer@v3
- id: image-metadata
name: Container Image Metadata
uses: docker/metadata-action@v4
with:
images: ${{ env.CONTAINER_REGISTRY }}/multi-juicer/${{ matrix.component }}
tags: |
type=semver,pattern={{raw}}
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
driver-opts: |
image=moby/buildkit:v0.11.6
- name: Login to DockerHub
uses: docker/login-action@v2
with:
registry: ${{ env.CONTAINER_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- id: build-and-push
name: Build and Push
uses: docker/build-push-action@v4
with:
context: ./${{ matrix.component }}
file: ./${{ matrix.component }}/Dockerfile
platforms: linux/amd64,linux/arm/v7,linux/arm64
push: true
tags: ${{ steps.image-metadata.outputs.tags }}
labels: ${{ steps.image-metadata.outputs.labels }}
- name: Sign the images with GitHub OIDC Token
env:
DIGEST: ${{ steps.build-and-push.outputs.digest }}
TAGS: ${{ steps.image-metadata.outputs.tags }}
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}