Maintenance: Upgrade Dockerfiles to modern builds #11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Docker Image CI | |
on: | |
push: | |
branches: | |
- main | |
tags: | |
- v* | |
pull_request: | |
branches: | |
- main | |
workflow_dispatch: | |
jobs: | |
build-base: | |
name: Docker Build Base (no-agent) | |
runs-on: ubuntu-latest | |
steps: | |
- | |
name: Checkout branch | |
uses: actions/checkout@v4 | |
- | |
name: Docker Setup QEMU | |
uses: docker/setup-qemu-action@v3 | |
with: | |
platforms: all | |
- | |
name: Docker Setup Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
platforms: linux/amd64,linux/arm64 | |
- | |
name: Build and push Docker images | |
uses: docker/build-push-action@v5 | |
with: | |
push: false | |
load: true | |
tags: contrastsecuritydemo/netflicks:latest-no-agent | |
- | |
name: Upload docker build artifact for use in next job | |
uses: actions/upload-artifact@v3 | |
with: | |
name: latest | |
path: /tmp/latest-no-agent.tar | |
build-contrast: | |
name: Docker Build Contrast (agent) | |
runs-on: ubuntu-latest | |
needs: | |
- build-base | |
steps: | |
- | |
name: Checkout branch | |
uses: actions/checkout@v4 | |
- | |
name: Docker Setup QEMU | |
uses: docker/setup-qemu-action@v3 | |
with: | |
platforms: all | |
- | |
name: Docker Setup Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
platforms: linux/amd64,linux/arm64 | |
- | |
name: Build and push Docker images | |
uses: docker/build-push-action@v5 | |
with: | |
push: false | |
load: true | |
tags: contrastsecuritydemo/netflicks:latest | |
outputs: type=docker,dest=/tmp/latest.tar | |
- | |
name: Upload docker build artifact for use in next job | |
uses: actions/upload-artifact@v3 | |
with: | |
name: latest | |
path: /tmp/latest.tar | |
test: | |
name: Run Tests | |
runs-on: ubuntu-latest | |
needs: | |
- build-base | |
- build-contrast | |
steps: | |
- | |
name: Download artifact | |
uses: actions/download-artifact@v4 | |
with: | |
path: /tmp | |
merge-multiple: true | |
- | |
name: Load images | |
run: | | |
docker load --input /tmp/latest-no-agent.tar | |
docker load --input /tmp/latest.tar | |
- | |
name: Checkout branch | |
uses: actions/checkout@v4 | |
- | |
name: Run docker-compose tests | |
run: | | |
docker-compose up -d | |
- | |
name: Setup Node | |
uses: actions/setup-node@v3 | |
- | |
name: Install dependencies | |
run: | | |
cd e2e | |
npm install | |
npx playwright install | |
- | |
name: Install playwright browsers | |
run: | | |
cd e2e | |
npx playwright install-deps chromium | |
- | |
name: Run tests | |
run: | | |
cd e2e | |
npx playwright test | |
pre-merge: | |
name: Prepare to merge | |
runs-on: ubuntu-latest | |
needs: | |
- test | |
steps: | |
- name: Docker Metadata action | |
id: metadata | |
uses: docker/metadata-action@v5 | |
with: | |
images: contrastsecuritydemo/netflicks | |
flavor: | | |
latest=true | |
suffix=agent | |
tags: | | |
type=semver,pattern={{version}}, priority=100 | |
type=semver,pattern={{major}}.{{minor}}, priority=200 | |
- name: Version number | |
run: | | |
echo Getting the old build number | |
echo $(echo ${{ steps.metadata.outputs.tags }}) | |
merge: | |
name: Merge if PR is merged and tests pass | |
if: github.event.pull_request.merged | |
runs-on: ubuntu-latest | |
needs: | |
- test | |
steps: | |
- run: | | |
echo The PR was merged |