diff --git a/.github/workflows/build-server-image.yml b/.github/workflows/build-server-image.yml new file mode 100644 index 0000000..16831c3 --- /dev/null +++ b/.github/workflows/build-server-image.yml @@ -0,0 +1,40 @@ +name: Demo Push +on: [push] + +env: + IMAGE_NAME: server + +jobs: + push: + runs-on: ubuntu-latest + permissions: + packages: write + contents: read + steps: + - uses: actions/checkout@v4 + + - name: Build image + run: docker build . -f ./server/Dockerfile -t $IMAGE_NAME --label "runnumber=${GITHUB_RUN_ID}" + + - name: Log in to registry + run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $ --password-stdin + + - name: Push image + run: | + IMAGE_ID=ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME + + # This changes all uppercase characters to lowercase. + IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]') + + # This strips the git ref prefix from the version. + VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,') + + # This strips the "v" prefix from the tag name. + [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//') + + # This uses the Docker `latest` tag convention. + [ "$VERSION" == "main" ] && VERSION=latest + echo IMAGE_ID=$IMAGE_ID + echo VERSION=$VERSION + docker tag $IMAGE_NAME $IMAGE_ID:$VERSION + docker push $IMAGE_ID:$VERSION \ No newline at end of file diff --git a/server/Dockerfile b/server/Dockerfile index 772803c..fd1aa1b 100644 --- a/server/Dockerfile +++ b/server/Dockerfile @@ -10,6 +10,7 @@ RUN apk add \ RUN wget -q https://github.com/spiffe/spire/releases/download/v1.9.0/spire-1.9.0-linux-amd64-musl.tar.gz RUN tar xvf spire-1.9.0-linux-amd64-musl.tar.gz ; mv spire-1.9.0 /opt ; mv /opt/spire-1.9.0 /opt/spire RUN ln -s /opt/spire/bin/spire-agent /usr/bin/spire-agent +RUN ln -s /opt/spire/bin/spire-server /usr/bin/spire-server # Install pyspiffe package RUN pip install git+https://github.com/HewlettPackard/py-spiffe.git