Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Publish ct-test-srv container on releases #7891

Merged
merged 7 commits into from
Dec 17, 2024
Merged

Publish ct-test-srv container on releases #7891

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
cd5c64f
Add dockerfile and GHA to build and publish ct-test-srv container
mcpherrinm Dec 15, 2024
90576a1
Run as non-root user
mcpherrinm Dec 15, 2024
388dac1
Add Go version as a dockerfile ARG, set in GHA
mcpherrinm Dec 15, 2024
1602bf4
Move container builds into (try-)release.yml
mcpherrinm Dec 16, 2024
5d9b6f9
Drop matrix support for container images
mcpherrinm Dec 16, 2024
54ec262
Don't echo the token
mcpherrinm Dec 17, 2024
ff9773c
Printenv doesn't need $
mcpherrinm Dec 17, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 33 additions & 0 deletions .github/workflows/container-build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
# Build containers on every PR
# See also container-release.yml
mcpherrinm marked this conversation as resolved.
Show resolved Hide resolved

name: Container Build

on:
push:
branches: [main]
pull_request:
branches: [main]
workflow_dispatch:

jobs:
build-container:
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
GO_VERSION:
- "1.23.4"
mcpherrinm marked this conversation as resolved.
Show resolved Hide resolved
include:
- dockerfile: test/ct-test-srv/Dockerfile
image: ghcr.io/letsencrypt/ct-test-srv
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false

- name: Build
run: docker buildx build . --build-arg "GO_VERSION=${{ matrix.GO_VERSION }}" -f "${{ matrix.dockerfile }}" -t "${{ matrix.image }}:${{ github.sha }}"
mcpherrinm marked this conversation as resolved.
Show resolved Hide resolved
37 changes: 37 additions & 0 deletions .github/workflows/container-release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
# Build and publish containers for this release
# see also container-build.yml
mcpherrinm marked this conversation as resolved.
Show resolved Hide resolved

name: Container Release

on:
push:
tags:
- release-*

jobs:
push-container:
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
GO_VERSION:
- "1.23.4"
include:
- dockerfile: test/ct-test-srv/Dockerfile
image: ghcr.io/letsencrypt/ct-test-srv
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false

- name: Build
run: docker buildx build . --build-arg "GO_VERSION=${{ matrix.GO_VERSION }}" -f "${{ matrix.dockerfile }}" -t "${{ matrix.image }}:${{ github.ref_name }}"
aarongable marked this conversation as resolved.
Show resolved Hide resolved

- name: login
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u "${{ github.actor }}" --password-stdin

- name: Push
run: docker push "${{ matrix.image }}:${{ github.ref_name }}"
25 changes: 25 additions & 0 deletions test/ct-test-srv/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
ARG GO_VERSION

FROM golang:${GO_VERSION} AS build

WORKDIR /app

COPY go.mod go.sum vendor ./

COPY . .

RUN go build -o /bin/ct-test-srv ./test/ct-test-srv/main.go

FROM ubuntu:24.04

RUN useradd -r -u 10001 cttest

COPY --from=build /bin/ct-test-srv /bin/ct-test-srv

COPY test/ct-test-srv/ct-test-srv.json /etc/ct-test-srv.json

ENTRYPOINT ["/bin/ct-test-srv"]

USER cttest

CMD ["-config", "/etc/ct-test-srv.json"]
Loading