From 4fce256983cde1349d4bae81d687bf0222ada5d7 Mon Sep 17 00:00:00 2001 From: Fernandez Benjamin Date: Fri, 21 Jul 2023 11:54:29 +0200 Subject: [PATCH 1/8] Create docker-image.yml Signed-off-by: Fernandez Benjamin --- .github/workflows/artifacts.yaml | 187 -------------------------- .github/workflows/checks-release.yaml | 18 +++ .github/workflows/checks.yaml | 51 +++++-- .github/workflows/ci.yaml | 173 ------------------------ .github/workflows/docker-image.yml | 49 +++++++ 5 files changed, 109 insertions(+), 369 deletions(-) delete mode 100644 .github/workflows/artifacts.yaml create mode 100644 .github/workflows/checks-release.yaml delete mode 100644 .github/workflows/ci.yaml create mode 100644 .github/workflows/docker-image.yml diff --git a/.github/workflows/artifacts.yaml b/.github/workflows/artifacts.yaml deleted file mode 100644 index cb90eb159e..0000000000 --- a/.github/workflows/artifacts.yaml +++ /dev/null @@ -1,187 +0,0 @@ -name: Artifacts - -on: - workflow_call: - inputs: - publish: - description: Publish artifacts to the artifact store - default: false - required: false - type: boolean - secrets: - DOCKER_USERNAME: - required: true - DOCKER_PASSWORD: - required: true - outputs: - container-image-name: - description: Container image name - value: ${{ jobs.container-image.outputs.name }} - container-image-digest: - description: Container image digest - value: ${{ jobs.container-image.outputs.digest }} - container-image-ref: - description: Container image ref - value: ${{ jobs.container-image.outputs.ref }} - -permissions: - contents: read - -jobs: - container-image: - name: Container image - runs-on: ubuntu-latest - - strategy: - matrix: - variant: - - alpine - - distroless - - permissions: - contents: read - packages: write - id-token: write - security-events: write - - outputs: - name: ${{ steps.image-name.outputs.value }} - digest: ${{ steps.build.outputs.digest }} - ref: ${{ steps.image-ref.outputs.value }} - - steps: - - name: Checkout repository - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - - - name: Set up QEMU - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@16c0bc4a6e6ada2cfd8afd41d22d95379cf7c32a # v2.8.0 - - - name: Set up Syft - uses: anchore/sbom-action/download-syft@78fc58e266e87a38d4194b2137a3d4e9bcaf7ca1 # v0.14.3 - - - name: Set image name - id: image-name - run: echo "value=ghcr.io/${{ github.repository }}" >> "$GITHUB_OUTPUT" - - - name: Gather build metadata - id: meta - uses: docker/metadata-action@818d4b7b91585d195f67373fd9cb0332e31a7175 # v4.6.0 - with: - images: | - ${{ steps.image-name.outputs.value }} - dexidp/dex - flavor: | - latest = false - tags: | - type=ref,event=branch,enable=${{ matrix.variant == 'alpine' }} - type=ref,event=pr,prefix=pr-,enable=${{ matrix.variant == 'alpine' }} - type=semver,pattern={{raw}},enable=${{ matrix.variant == 'alpine' }} - type=raw,value=latest,enable=${{ github.ref_name == github.event.repository.default_branch && matrix.variant == 'alpine' }} - type=ref,event=branch,suffix=-${{ matrix.variant }} - type=ref,event=pr,prefix=pr-,suffix=-${{ matrix.variant }} - type=semver,pattern={{raw}},suffix=-${{ matrix.variant }} - type=raw,value=latest,enable={{is_default_branch}},suffix=-${{ matrix.variant }} - labels: | - org.opencontainers.image.documentation=https://dexidp.io/docs/ - - # Multiple exporters are not supported yet - # See https://github.com/moby/buildkit/pull/2760 - - name: Determine build output - uses: haya14busa/action-cond@1d6e8a12b20cdb4f1954feef9aa475b9c390cab5 # v1.1.1 - id: build-output - with: - cond: ${{ inputs.publish }} - if_true: type=image,push=true - if_false: type=oci,dest=image.tar - - - name: Login to GitHub Container Registry - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ github.token }} - if: inputs.publish - - - name: Login to Docker Hub - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - if: inputs.publish - - - name: Build and push image - id: build - uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 # v4.1.1 - with: - context: . - platforms: linux/amd64,linux/arm/v7,linux/arm64,linux/ppc64le - tags: ${{ steps.meta.outputs.tags }} - build-args: | - BASE_IMAGE=${{ matrix.variant }} - VERSION=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }} - COMMIT_HASH=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.revision'] }} - BUILD_DATE=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }} - labels: ${{ steps.meta.outputs.labels }} - # cache-from: type=gha - # cache-to: type=gha,mode=max - outputs: ${{ steps.build-output.outputs.value }} - # push: ${{ inputs.publish }} - - - name: Set image ref - id: image-ref - run: echo "value=${{ steps.image-name.outputs.value }}@${{ steps.build.outputs.digest }}" >> "$GITHUB_OUTPUT" - - - name: Fetch image - run: skopeo --insecure-policy copy docker://${{ steps.image-ref.outputs.value }} oci-archive:image.tar - if: inputs.publish - - # Uncomment the following lines for debugging: - # - name: Upload image as artifact - # uses: actions/upload-artifact@v3 - # with: - # name: "[${{ github.job }}] OCI tarball" - # path: image.tar - - - name: Extract OCI tarball - run: | - mkdir -p image - tar -xf image.tar -C image - - # - name: List tags - # run: skopeo --insecure-policy list-tags oci:image - # - # # See https://github.com/anchore/syft/issues/1545 - # - name: Extract image from multi-arch image - # run: skopeo --override-os linux --override-arch amd64 --insecure-policy copy oci:image:${{ steps.image-name.outputs.value }}:${{ steps.meta.outputs.version }} docker-archive:docker.tar - # - # - name: Generate SBOM - # run: syft -o spdx-json=sbom-spdx.json docker-archive:docker.tar - # - # - name: Upload SBOM as artifact - # uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 - # with: - # name: "[${{ github.job }}] SBOM" - # path: sbom-spdx.json - # retention-days: 5 - - - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@41f05d9ecffa2ed3f1580af306000f734b733e54 # 0.11.2 - with: - input: image - format: sarif - output: trivy-results.sarif - - - name: Upload Trivy scan results as artifact - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 - with: - name: "[${{ github.job }}] Trivy scan results" - path: trivy-results.sarif - retention-days: 5 - - - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@f6e388ebf0efc915c6c5b165b019ee61a6746a38 # v2.20.1 - with: - sarif_file: trivy-results.sarif diff --git a/.github/workflows/checks-release.yaml b/.github/workflows/checks-release.yaml new file mode 100644 index 0000000000..2d093d503e --- /dev/null +++ b/.github/workflows/checks-release.yaml @@ -0,0 +1,18 @@ +name: Check release + +on: + pull_request: + branches: ['release-orange'] + +jobs: + release-label: + name: Release note label + runs-on: ubuntu-latest + + steps: + - name: Check minimum labels + uses: mheap/github-action-required-labels@v5 + with: + mode: minimum + count: 1 + labels: "release-note/ignore, kind/feature, release-note/new-feature, kind/enhancement, release-note/enhancement, kind/bug, release-note/bug-fix, release-note/breaking-change, release-note/deprecation, area/dependencies, release-note/dependency-update" diff --git a/.github/workflows/checks.yaml b/.github/workflows/checks.yaml index 5a1cd80f17..62d61b249b 100644 --- a/.github/workflows/checks.yaml +++ b/.github/workflows/checks.yaml @@ -1,18 +1,51 @@ -name: PR Checks +name: Checks on: + push: + branches: ['release-orange'] pull_request: - types: [opened, labeled, unlabeled, synchronize] + branches: ['release-orange'] jobs: - release-label: - name: Release note label + lint: + name: Lint runs-on: ubuntu-latest steps: - - name: Check minimum labels - uses: mheap/github-action-required-labels@v5 + - name: Checkout repository + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + + - name: Set up Go + uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 + with: + go-version: "1.20" + + - name: Download golangci-lint + run: make bin/golangci-lint + + - name: Lint + run: make lint + + security-scan: + name: Trivy vulnerability scanner + runs-on: ubuntu-latest + steps: + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@41f05d9ecffa2ed3f1580af306000f734b733e54 # 0.11.2 + with: + #input: image + scan-type: 'fs' + format: sarif + output: trivy-results.sarif + + - name: Upload Trivy scan results as artifact + uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 + with: + name: "[${{ github.job }}] Trivy scan results" + path: trivy-results.sarif + retention-days: 5 + + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@f6e388ebf0efc915c6c5b165b019ee61a6746a38 # v2.20.1 with: - mode: minimum - count: 1 - labels: "release-note/ignore, kind/feature, release-note/new-feature, kind/enhancement, release-note/enhancement, kind/bug, release-note/bug-fix, release-note/breaking-change, release-note/deprecation, area/dependencies, release-note/dependency-update" + sarif_file: trivy-results.sarif diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml deleted file mode 100644 index 0b9713773b..0000000000 --- a/.github/workflows/ci.yaml +++ /dev/null @@ -1,173 +0,0 @@ -name: CI - -on: - push: - branches: [ master ] - pull_request: - -permissions: - contents: read - -jobs: - test: - name: Test - runs-on: ubuntu-latest - - services: - postgres: - image: postgres:10.8 - ports: - - 5432 - options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 - - postgres-ent: - image: postgres:10.8 - ports: - - 5432 - options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 - - mysql: - image: mysql:5.7 - env: - MYSQL_ROOT_PASSWORD: root - MYSQL_DATABASE: dex - ports: - - 3306 - options: --health-cmd "mysql -proot -e \"show databases;\"" --health-interval 10s --health-timeout 5s --health-retries 5 - - mysql-ent: - image: mysql:5.7 - env: - MYSQL_ROOT_PASSWORD: root - MYSQL_DATABASE: dex - ports: - - 3306 - options: --health-cmd "mysql -proot -e \"show databases;\"" --health-interval 10s --health-timeout 5s --health-retries 5 - - etcd: - image: gcr.io/etcd-development/etcd:v3.5.0 - ports: - - 2379 - env: - ETCD_LISTEN_CLIENT_URLS: http://0.0.0.0:2379 - ETCD_ADVERTISE_CLIENT_URLS: http://0.0.0.0:2379 - options: --health-cmd "ETCDCTL_API=3 etcdctl --endpoints http://localhost:2379 endpoint health" --health-interval 10s --health-timeout 5s --health-retries 5 - - keystone: - image: openio/openstack-keystone:rocky - ports: - - 5000 - - 35357 - options: --health-cmd "curl --fail http://localhost:5000/v3" --health-interval 10s --health-timeout 5s --health-retries 5 - - steps: - - name: Checkout repository - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - - - name: Set up Go - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 - with: - go-version: "1.20" - - - name: Download tool dependencies - run: make deps - - # Ensure that generated files were committed. - # It can help us determine, that the code is in the intermediate state, which should not be tested. - # Thus, heavy jobs like creating a kind cluster and testing / linting will be skipped. - - name: Verify - run: make verify - - - name: Start services - run: docker-compose -f docker-compose.test.yaml up -d - - - name: Create kind cluster - uses: helm/kind-action@v1.8.0 - with: - version: "v0.17.0" - node_image: "kindest/node:v1.25.3@sha256:cd248d1438192f7814fbca8fede13cfe5b9918746dfa12583976158a834fd5c5" - - - name: Test - run: make testall - env: - DEX_MYSQL_DATABASE: dex - DEX_MYSQL_USER: root - DEX_MYSQL_PASSWORD: root - DEX_MYSQL_HOST: 127.0.0.1 - DEX_MYSQL_PORT: ${{ job.services.mysql.ports[3306] }} - - DEX_MYSQL_ENT_DATABASE: dex - DEX_MYSQL_ENT_USER: root - DEX_MYSQL_ENT_PASSWORD: root - DEX_MYSQL_ENT_HOST: 127.0.0.1 - DEX_MYSQL_ENT_PORT: ${{ job.services.mysql-ent.ports[3306] }} - - DEX_POSTGRES_DATABASE: postgres - DEX_POSTGRES_USER: postgres - DEX_POSTGRES_PASSWORD: postgres - DEX_POSTGRES_HOST: localhost - DEX_POSTGRES_PORT: ${{ job.services.postgres.ports[5432] }} - - DEX_POSTGRES_ENT_DATABASE: postgres - DEX_POSTGRES_ENT_USER: postgres - DEX_POSTGRES_ENT_PASSWORD: postgres - DEX_POSTGRES_ENT_HOST: localhost - DEX_POSTGRES_ENT_PORT: ${{ job.services.postgres-ent.ports[5432] }} - - DEX_ETCD_ENDPOINTS: http://localhost:${{ job.services.etcd.ports[2379] }} - - DEX_LDAP_HOST: localhost - DEX_LDAP_PORT: 389 - DEX_LDAP_TLS_PORT: 636 - - DEX_KEYSTONE_URL: http://localhost:${{ job.services.keystone.ports[5000] }} - DEX_KEYSTONE_ADMIN_URL: http://localhost:${{ job.services.keystone.ports[35357] }} - DEX_KEYSTONE_ADMIN_USER: demo - DEX_KEYSTONE_ADMIN_PASS: DEMO_PASS - - DEX_KUBERNETES_CONFIG_PATH: ~/.kube/config - - lint: - name: Lint - runs-on: ubuntu-latest - - steps: - - name: Checkout repository - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - - - name: Set up Go - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 - with: - go-version: "1.20" - - - name: Download golangci-lint - run: make bin/golangci-lint - - - name: Lint - run: make lint - - artifacts: - name: Artifacts - uses: ./.github/workflows/artifacts.yaml - with: - publish: ${{ github.event_name == 'push' }} - secrets: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - permissions: - contents: read - packages: write - id-token: write - security-events: write - - dependency-review: - name: Dependency review - runs-on: ubuntu-latest - if: github.event_name == 'pull_request' - - steps: - - name: Checkout repository - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - - - name: Dependency Review - uses: actions/dependency-review-action@1360a344ccb0ab6e9475edef90ad2f46bf8003b1 # v3.0.6 diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml new file mode 100644 index 0000000000..8cf4db220d --- /dev/null +++ b/.github/workflows/docker-image.yml @@ -0,0 +1,49 @@ +name: Create and publish a Docker image + +# Configures this workflow to run every time a change is pushed to the branch called `release`. +on: + push: + branches: ['release-orange'] + pull_request: + branches: ['release-orange'] + +# Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds. +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + +# There is a single job in this workflow. It's configured to run on the latest available version of Ubuntu. +jobs: + build-and-push-image: + runs-on: ubuntu-latest + # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job. + permissions: + contents: read + packages: write + # + steps: + - name: Checkout repository + uses: actions/checkout@v3 + # Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here. + - name: Log in to the Container registry + uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + # This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels. + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + # This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages. + # It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository. + # It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step. + - name: Build and push Docker image + uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} From cdc6c38a3ba12517e1579b014d10088e9503410d Mon Sep 17 00:00:00 2001 From: Fernandez Benjamin Date: Mon, 24 Jul 2023 16:58:27 +0200 Subject: [PATCH 2/8] Update checks.yaml Signed-off-by: Fernandez Benjamin --- .github/workflows/checks.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/checks.yaml b/.github/workflows/checks.yaml index 62d61b249b..ec7fe4e3fc 100644 --- a/.github/workflows/checks.yaml +++ b/.github/workflows/checks.yaml @@ -33,8 +33,7 @@ jobs: - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@41f05d9ecffa2ed3f1580af306000f734b733e54 # 0.11.2 with: - #input: image - scan-type: 'fs' + image-ref: 'ghcr.io/orange-cloudfoundry/dex:release-orange' format: sarif output: trivy-results.sarif @@ -49,3 +48,4 @@ jobs: uses: github/codeql-action/upload-sarif@f6e388ebf0efc915c6c5b165b019ee61a6746a38 # v2.20.1 with: sarif_file: trivy-results.sarif + category: 'image' From f0c9ed4f0bab2df45cfb772d31916b1e6c9ebb65 Mon Sep 17 00:00:00 2001 From: Fernandez Benjamin Date: Tue, 25 Jul 2023 08:33:56 +0200 Subject: [PATCH 3/8] Update docker-image.yml Signed-off-by: Fernandez Benjamin --- .github/workflows/docker-image.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index 8cf4db220d..a274623906 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -4,8 +4,6 @@ name: Create and publish a Docker image on: push: branches: ['release-orange'] - pull_request: - branches: ['release-orange'] # Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds. env: From 162c6764f26a40f0590f3bdb87fa2be0ec9123bd Mon Sep 17 00:00:00 2001 From: Fernandez Benjamin Date: Tue, 25 Jul 2023 14:05:16 +0200 Subject: [PATCH 4/8] Update checks.yaml Signed-off-by: Fernandez Benjamin --- .github/workflows/checks.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/checks.yaml b/.github/workflows/checks.yaml index ec7fe4e3fc..440c355505 100644 --- a/.github/workflows/checks.yaml +++ b/.github/workflows/checks.yaml @@ -2,9 +2,11 @@ name: Checks on: push: - branches: ['release-orange'] + branches: + - '**' pull_request: - branches: ['release-orange'] + branches: + - '**' jobs: lint: From c369115c4f96122fd06bdbb1b8ff2bddbb389592 Mon Sep 17 00:00:00 2001 From: Fernandez Benjamin Date: Tue, 25 Jul 2023 15:05:20 +0200 Subject: [PATCH 5/8] Update docker-image.yml Signed-off-by: Fernandez Benjamin --- .github/workflows/docker-image.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index a274623906..c2958b15f2 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -43,5 +43,4 @@ jobs: with: context: . push: true - tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} From 77c094d296f95130f1f341ba51408e8a1fed652a Mon Sep 17 00:00:00 2001 From: Fernandez Benjamin Date: Tue, 25 Jul 2023 15:05:42 +0200 Subject: [PATCH 6/8] Update docker-image.yml Signed-off-by: Fernandez Benjamin --- .github/workflows/docker-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index c2958b15f2..b36af8f643 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -3,7 +3,7 @@ name: Create and publish a Docker image # Configures this workflow to run every time a change is pushed to the branch called `release`. on: push: - branches: ['release-orange'] + branches: ['release-orange-v2.37.0'] # Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds. env: From 77a892a42d3f73aebb7ec24928fa5aeb1ec76eba Mon Sep 17 00:00:00 2001 From: Fernandez Benjamin Date: Wed, 26 Jul 2023 17:21:20 +0200 Subject: [PATCH 7/8] Update docker-image.yml Signed-off-by: Fernandez Benjamin --- .github/workflows/docker-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index b36af8f643..4a3e1815b9 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -3,7 +3,7 @@ name: Create and publish a Docker image # Configures this workflow to run every time a change is pushed to the branch called `release`. on: push: - branches: ['release-orange-v2.37.0'] + branches: ['support/v2.37.0-orange'] # Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds. env: From 09968690142a0f23d12a2361218222b6663b188e Mon Sep 17 00:00:00 2001 From: Fernandez Benjamin Date: Thu, 27 Jul 2023 09:08:46 +0200 Subject: [PATCH 8/8] Update docker-image.yml Signed-off-by: Fernandez Benjamin --- .github/workflows/docker-image.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index 4a3e1815b9..d9aedb9e10 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -3,7 +3,8 @@ name: Create and publish a Docker image # Configures this workflow to run every time a change is pushed to the branch called `release`. on: push: - branches: ['support/v2.37.0-orange'] + tags: + - "**" # Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds. env: