Skip to content
Kubernetes content image for PR

Kubernetes content image for PR #949

Sign in to view logs

Kubernetes content image for PR

Kubernetes content image for PR #949

Workflow file for this run

.github/workflows/k8s-content-pr.yaml at 59013f6
name: Kubernetes content image for PR
on:
workflow_run:
workflows: [Kubernetes content image for PR Trigger]
types:
- completed
jobs:
get-pr-number:
name: Get PR number
runs-on: ubuntu-latest
outputs:
pr-number: ${{ steps.pr_number.outputs.pr_number }}
steps:
- name: 'Download artifacts'
uses: actions/github-script@v7
with:
script: |
let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: context.payload.workflow_run.id,
});
let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => {
return artifact.name == "pr_number"
})[0];
let download = await github.rest.actions.downloadArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: matchArtifact.id,
archive_format: 'zip',
});
let fs = require('fs');
fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/pr_number.zip`, Buffer.from(download.data));
- name: 'Unzip artifact'
run: unzip pr_number.zip
- name: 'Read PR number'
id: pr_number
run: |
echo "pr_number=$(cat pr_number)" >> "$GITHUB_OUTPUT"
container-main:
needs:
- get-pr-number
permissions:
contents: read
id-token: write
packages: write
runs-on: ubuntu-latest
outputs:
image-digest: ${{ steps.container_info.outputs.image-digest }}
image-tags: ${{ steps.container_info.outputs.image-tags }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: refs/pull/${{ needs.get-pr-number.outputs.pr-number }}/head
- name: Login to ghcr.io
uses: docker/login-action@v3.1.0
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/complianceascode/k8scontent
flavor: |
latest=false
tags: |
type=raw,value=${{ needs.get-pr-number.outputs.pr-number }}
type=sha,format=long
labels: |
org.opencontainers.image.source=${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}
org.opencontainers.image.title=Kubernetes content
org.opencontainers.image.version=${{ needs.get-pr-number.outputs.pr-number }}
org.opencontainers.image.licenses='BSD-3-Clause'
org.opencontainers.image.vendor='Compliance Operator Authors'
- name: Build container images and push
id: docker_build
uses: docker/build-push-action@v5
with:
context: .
file: ./Dockerfiles/ocp4_content
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
push: true
platforms: 'linux/amd64'
- name: Get container info
id: container_info
run: |
image_tags="${{ needs.get-pr-number.outputs.pr-number }}"
echo "image-digest=${{ steps.docker_build.outputs.digest }}" >> $GITHUB_OUTPUT
echo "image-tags=${{ needs.get-pr-number.outputs.pr-number }}" >> $GITHUB_OUTPUT
comment-pr:
needs:
- container-main
- get-pr-number
runs-on: ubuntu-latest
name: Upsert comment on the PR
steps:
- uses: thollander/actions-comment-pull-request@v2
with:
message: |
:robot: A k8s content image for this PR is available at:
`ghcr.io/complianceascode/k8scontent:${{ needs.get-pr-number.outputs.pr-number }}`
This image was built from commit: ${{ github.event.workflow_run.head_sha }}
<details>
<summary>Click here to see how to deploy it</summary>
If you alread have Compliance Operator deployed:
```utils/build_ds_container.py -i ghcr.io/complianceascode/k8scontent:${{ needs.get-pr-number.outputs.pr-number }}```
Otherwise deploy the content and operator together by checking out ComplianceAsCode/compliance-operator and:
```CONTENT_IMAGE=ghcr.io/complianceascode/k8scontent:${{ needs.get-pr-number.outputs.pr-number }} make deploy-local```
</details>
comment_tag: kubernetes_content_image
pr_number: ${{ needs.get-pr-number.outputs.pr-number }}