Skip to content

test ENTRYPOINT policy build #7

test ENTRYPOINT policy build

test ENTRYPOINT policy build #7

name: dockerfile-input-ci
on:
push:
branches:
- main
paths:
- 'genval/genval/deaultpolicies/rego/input_policies/**'
tags:
- 'v*'
if: |
(startswith(github.ref, 'refs/tags/')) &&
(github.ref == 'refs/head/main') &&
contains(github.event.head_commit.modified, 'genval/defaultpolicies/rego/input_policies/**')
permissions:
contents: write
security-events: write
# Optional: allow read access to pull request. Use with `only-new-issues` option.
packages: write
jobs:
push-artifact:
name: CI
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: '1.22'
cache: false
- name: install genval
run: go install github.com/intelops/genval@main
- name: Login to Github Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Fetch Git tag
id: get_tag
run: echo "tag=$(git describe --tags --abbrev=0)" >> $GITHUB_ENV
- name: push-rego-policies
run: |
GIT_TAG=${{ env.tag }}
GENVAL_OUTPUT=(genval artifact push --reqinput ./genval/defaultpolicies/rego/input_policies \
--dest oci://ghcr.io/intelops/policyhub/genval/input_policies:v0.0.1 \
--annotations="authors=intelops Inc.")
echo "${GENVAL_OUTPUT}"
echo "artifact_url=oci://ghcr.io/intelops/policyhub/genval/argocd-cuemods:${GIT_TAG}" >> $GITHUB_ENV
- name: Use artifact URL
run: |
echo "Artifact URL is: ${{ env.artifact_url }}"