Skip to content

Update vulnerable dependencies (#139) #13

Update vulnerable dependencies (#139)

Update vulnerable dependencies (#139) #13

#
# Copyright (c) 2023 Red Hat, Inc.
# This program and the accompanying materials are made
# available under the terms of the Eclipse Public License 2.0
# which is available at https://www.eclipse.org/legal/epl-2.0/
#
# SPDX-License-Identifier: EPL-2.0
#
# Contributors:
# Red Hat, Inc. - initial API and implementation
#
name: Che Configbump Next Build
on:
workflow_dispatch:
inputs: {}
push:
branches:
- main
env:
IMAGE: quay.io/che-incubator/configbump
jobs:
build-images:
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
arch: [amd64,arm64]
outputs:
amd64: ${{ steps.result.outputs.amd64 }}
arm64: ${{ steps.result.outputs.arm64 }}
steps:
-
name: "Checkout Che Configbump source code"
uses: actions/checkout@v3
-
name: "Set up QEMU"
uses: docker/setup-qemu-action@v2
-
name: "Set up Docker Buildx ${{ matrix.arch }}"
uses: docker/setup-buildx-action@v2
-
name: "Login to quay.io"
uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
-
name: "Build and push ${{ matrix.arch }}"
uses: docker/build-push-action@v3
with:
context: .
file: ./build/dockerfiles/Dockerfile
platforms: linux/${{ matrix.arch }}
push: true
provenance: false
tags: ${{ env.IMAGE }}:${{ matrix.arch }}-next
-
id: result
name: "Build result outputs version"
if: ${{ success() }}
run: echo "${{ matrix.arch }}=${{ matrix.arch }}-next" >> $GITHUB_OUTPUT
create-manifest:
if: always()
needs: build-images
runs-on: ubuntu-22.04
steps:
-
name: "Docker quay.io Login"
uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
-
name: "Create and push manifest"
run: |
AMEND=""
AMD64_VERSION="${{ needs['build-images'].outputs.amd64 }}"
if [ -n "$AMD64_VERSION" ]; then
AMEND+=" --amend ${{ env.IMAGE }}:$AMD64_VERSION";
fi
ARM64_VERSION="${{ needs['build-images'].outputs.arm64 }}"
if [ -n "$ARM64_VERSION" ]; then
AMEND+=" --amend ${{ env.IMAGE }}:$ARM64_VERSION";
fi
if [ -z "$AMEND" ]; then
echo "[!] The job 'build-images' didn't provide any outputs. Can't create the manifest list."
exit 1;
fi
docker manifest create ${{ env.IMAGE }}:next $AMEND
docker manifest push ${{ env.IMAGE }}:next