Skip to content

Commit

Permalink
feat: sync datadog agent to ECR
Browse files Browse the repository at this point in the history 
vendors the datadog agent image to an ECR
  • Loading branch information
@BobyMCbobs
BobyMCbobs committed Sep 26, 2023
1 parent 30216bb commit 8139b02
Show file tree
Hide file tree
Showing 3 changed files with 56 additions and 31 deletions.
21 changes: 21 additions & 0 deletions .github/workflows/sync.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,27 @@ jobs:
- uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
- uses: GeoNet/setup-crane@00c9e93efa4e1138c9a7a5c594acd6c75a2fbf0c # main
- uses: sigstore/cosign-installer@11086d25041f77fe8fe7b9ea4e48e3b9192b8f19 # v3.1.2
- id: determine-uses-ecr
env:
DESTINATION: ${{ fromJSON(toJSON(matrix)).destination }}
run: |
if echo "$DESTINATION" | grep -q -E '[0-9]{12}.dkr.ecr.ap-southeast-2.amazonaws.com/.*'; then
echo "ecr="$(echo "$DESTINATION" | cut -d'/' -f1)"" >> $GITHUB_OUTPUT
fi
- name: Configure AWS Credentials
if: ${{ steps.determine-uses-ecr.outputs.ecr != '' }}
uses: aws-actions/configure-aws-credentials@8c3f20df09ac63af7b3ae3d7c91f105f857d8497 # v2.0.0
with:
aws-region: ap-southeast-2
role-to-assume: arn:aws:iam::862640294325:role/github-actions-geonet-ecr-push
role-duration-seconds: 3600
role-session-name: github-actions-GeoNet--base-images
- name: login to ECR
if: ${{ steps.determine-uses-ecr.outputs.ecr != '' }}
env:
ECR: ${{ steps.determine-uses-ecr.outputs.ecr }}
run: |
aws ecr get-login-password --region ap-southeast-2 | crane auth login "$ECR" -u AWS --password-stdin
- name: get-digests
if: ${{ fromJSON(toJSON(matrix)).always != true }}
id: get-digests
Expand Down
60 changes: 31 additions & 29 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,35 +41,37 @@ The repo is mostly concerned with base images or images used in build processes.

list of vendored base images

| Image | Description |
|----------------------------------------------------|--------------------------------------------------------------------------------|
| ghcr.io/geonet/base-images/alpine | standard Alpine base image |
| ghcr.io/geonet/base-images/datadog/agent | datadog agent |
| ghcr.io/geonet/base-images/debian | standard Debian slim image |
| ghcr.io/geonet/base-images/git | Alpine with git installed |
| ghcr.io/geonet/base-images/git-ssh | Alpine with git and ssh installed |
| ghcr.io/geonet/base-images/go | a minimal image for building Go applications |
| ghcr.io/geonet/base-images/hadolint/hadolint | a Dockerfile linter |
| ghcr.io/geonet/base-images/hashicorp/terraform | Terraform image |
| ghcr.io/geonet/base-images/mkdocs_plus | a custom build image for docs |
| ghcr.io/geonet/base-images/nginx | minimal nginx image |
| ghcr.io/geonet/base-images/node | Alpine based node image |
| ghcr.io/geonet/base-images/python | Alpine and Debian base Python images |
| ghcr.io/geonet/base-images/siderolabs-conform | conform policy for pull request commits |
| ghcr.io/geonet/base-images/static | scratch with timezone and ca-certificate data pre-installed. Great for Go apps |
| ghcr.io/geonet/base-images/texlive | a latex image |
| ghcr.io/geonet/base-images/ubi8 | Red Hat Universal Base Image 8 |
| ghcr.io/geonet/base-images/ubi8-minimal | Red Hat Universal Base Image 8 minimal |
| ghcr.io/geonet/base-images/centos | Centos 7 and stream variants available as tags eg :centos7 :stream8 |
| ghcr.io/geonet/base-images/chart-centos7 | Centos 7 base image updated to add extract packages needed for the chart app |
| ghcr.io/geonet/base-images/curl | A minimal image only containing curl |
| ghcr.io/geonet/base-images/owasp/zap2docker-stable | An image to run OWASP's Zed Attack Proxy security web scanner |
| ghcr.io/geonet/base-images/alpine-xslt | Alpine with libxslt for XML parsing |
| ghcr.io/geonet/base-images/alpine-gdal | Alpine with gdal for raster and vector geospatial data formats |
| ghcr.io/geonet/base-images/fedora | fedora for build tasks |
| ghcr.io/geonet/base-images/fedora-coreos | fedora coreos for edge devices |
| ghcr.io/geonet/base-images/alpine-iputils | includes tools like ping |
| ghcr.io/geonet/base-images/shellcheck | shellcheck bash scripts |
| Image | Description |
|-----------------------------------------------------------------|--------------------------------------------------------------------------------|
| ghcr.io/geonet/base-images/alpine | standard Alpine base image |
| ghcr.io/geonet/base-images/datadog/agent | datadog agent |
| ghcr.io/geonet/base-images/debian | standard Debian slim image |
| ghcr.io/geonet/base-images/git | Alpine with git installed |
| ghcr.io/geonet/base-images/git-ssh | Alpine with git and ssh installed |
| ghcr.io/geonet/base-images/go | a minimal image for building Go applications |
| ghcr.io/geonet/base-images/hadolint/hadolint | a Dockerfile linter |
| ghcr.io/geonet/base-images/hashicorp/terraform | Terraform image |
| ghcr.io/geonet/base-images/mkdocs_plus | a custom build image for docs |
| ghcr.io/geonet/base-images/nginx | minimal nginx image |
| ghcr.io/geonet/base-images/node | Alpine based node image |
| ghcr.io/geonet/base-images/python | Alpine and Debian base Python images |
| ghcr.io/geonet/base-images/siderolabs-conform | conform policy for pull request commits |
| ghcr.io/geonet/base-images/static | scratch with timezone and ca-certificate data pre-installed. Great for Go apps |
| ghcr.io/geonet/base-images/texlive | a latex image |
| ghcr.io/geonet/base-images/ubi8 | Red Hat Universal Base Image 8 |
| ghcr.io/geonet/base-images/ubi8-minimal | Red Hat Universal Base Image 8 minimal |
| ghcr.io/geonet/base-images/centos | Centos 7 and stream variants available as tags eg :centos7 :stream8 |
| ghcr.io/geonet/base-images/chart-centos7 | Centos 7 base image updated to add extract packages needed for the chart app |
| ghcr.io/geonet/base-images/curl | A minimal image only containing curl |
| ghcr.io/geonet/base-images/owasp/zap2docker-stable | An image to run OWASP's Zed Attack Proxy security web scanner |
| ghcr.io/geonet/base-images/alpine-xslt | Alpine with libxslt for XML parsing |
| ghcr.io/geonet/base-images/alpine-gdal | Alpine with gdal for raster and vector geospatial data formats |
| ghcr.io/geonet/base-images/fedora | fedora for build tasks |
| ghcr.io/geonet/base-images/fedora-coreos | fedora coreos for edge devices |
| ghcr.io/geonet/base-images/alpine-iputils | includes tools like ping |
| ghcr.io/geonet/base-images/shellcheck | shellcheck bash scripts |
| 862640294325.dkr.ecr.ap-southeast-2.amazonaws.com/datadog-agent | datadog agent for use in ECS |



for tags, check [config.yaml](./config.yaml).
Expand Down
6 changes: 4 additions & 2 deletions config.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,8 @@ sync:
destination: ghcr.io/geonet/base-images/ubi8:8.8
- source: docker.io/redhat/ubi8-minimal:8.8@sha256:621f5245fb3e8597a626163cdf1229e1f8311e07ab71bb1e9332014b51c59f9c
destination: ghcr.io/geonet/base-images/ubi8-minimal:8.8
- source: docker.io/datadog/agent:7@sha256:b9e11fd44fec2dc6f42d7d8eeafb29dc16bc185af37c395b9c3864b1402134d0
destination: ghcr.io/geonet/base-images/datadog/agent:7
- source: docker.io/datadog/agent:7.47.1@sha256:364b90eb9da1925a4b8a1dca501a9a8e8cd5e8455733a16857284c49d4bf8467
destination: ghcr.io/geonet/base-images/datadog/agent:7.47.1
- source: docker.io/library/debian:bookworm-slim@sha256:d8f9d38c21495b04d1cca99805fbb383856e19794265684019bf193c3b7d67f9
destination: ghcr.io/geonet/base-images/debian:bookworm-slim
- source: docker.io/hadolint/hadolint:v2.12.0-alpine@sha256:3c206a451cec6d486367e758645269fd7d696c5ccb6ff59d8b03b0e45268a199
Expand Down Expand Up @@ -61,6 +61,8 @@ sync:
destination: ghcr.io/geonet/base-images/owasp/zap2docker-stable:2.11.1
- source: docker.io/koalaman/shellcheck-alpine:v0.9.0@sha256:e19ed93c22423970d56568e171b4512c9244fc75dd9114045016b4a0073ac4b7
destination: ghcr.io/geonet/base-images/shellcheck:v0.9.0
- source: docker.io/datadog/agent:7.47.1@sha256:364b90eb9da1925a4b8a1dca501a9a8e8cd5e8455733a16857284c49d4bf8467
destination: 862640294325.dkr.ecr.ap-southeast-2.amazonaws.com/datadog-agent:7.47.1 # this ecr does not exist yet
build:
# NOTES
# - uses dirname of source as context for build
Expand Down

0 comments on commit 8139b02

Please sign in to comment.