Build ompzowe/zowe-launch-scripts #232
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build ompzowe/zowe-launch-scripts | |
on: | |
# push: | |
# pull_request: | |
workflow_dispatch: | |
inputs: | |
release: | |
description: 'Set to "true" if we want to release the images' | |
required: false | |
default: '' | |
env: | |
IMAGE_BASE_DIR: containers/zowe-launch-scripts | |
jobs: | |
build-ubuntu-amd64: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: jfrog/setup-jfrog-cli@v2 | |
env: | |
JF_ENV_1: ${{ secrets.JF_ARTIFACTORY_TOKEN }} | |
- uses: zowe-actions/shared-actions/prepare-workflow@main | |
- uses: zowe-actions/shared-actions/docker-prepare@main | |
with: | |
registry-user: ${{ secrets.ARTIFACTORY_X_USERNAME }} | |
registry-password: ${{ secrets.ARTIFACTORY_X_PASSWORD }} | |
release: ${{ github.event.inputs.release }} | |
base-directory: ${{ env.IMAGE_BASE_DIR }} | |
linux-distro: ubuntu | |
cpu-arch: amd64 | |
- uses: zowe-actions/shared-actions/docker-build-local@main | |
with: | |
build-arg-list: ZOWE_BASE_IMAGE=latest-ubuntu | |
timeout-minutes: 5 | |
- name: Run Snyk to check Docker image for vulnerabilities | |
env: | |
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
continue-on-error: true | |
uses: snyk/actions/docker@master | |
with: | |
image: ${{ env.IMAGE_NAME_FULL_REMOTE }} | |
args: --file=${{ env.IMAGE_DIRECTORY }}/Dockerfile | |
command: test | |
- name: Upload result to GitHub Code Scanning | |
uses: github/codeql-action/upload-sarif@v1 | |
if: hashFiles('snyk.sarif') != '' | |
with: | |
sarif_file: snyk.sarif | |
build-ubuntu-s390x: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: jfrog/setup-jfrog-cli@v2 | |
env: | |
JF_ENV_1: ${{ secrets.JF_ARTIFACTORY_TOKEN }} | |
- uses: zowe-actions/shared-actions/prepare-workflow@main | |
- uses: zowe-actions/shared-actions/docker-prepare@main | |
with: | |
registry-user: ${{ secrets.ARTIFACTORY_X_USERNAME }} | |
registry-password: ${{ secrets.ARTIFACTORY_X_PASSWORD }} | |
release: ${{ github.event.inputs.release }} | |
base-directory: ${{ env.IMAGE_BASE_DIR }} | |
linux-distro: ubuntu | |
cpu-arch: s390x | |
- uses: zowe-actions/shared-actions/docker-build-zlinux@main | |
with: | |
zlinux-host: ${{ secrets.ZLINUX_HOST }} | |
zlinux-ssh-user: ${{ secrets.ZLINUX_SSH_USER }} | |
zlinux-ssh-key: ${{ secrets.ZLINUX_SSH_KEY }} | |
zlinux-ssh-passphrase: ${{ secrets.ZLINUX_SSH_PASSPHRASE }} | |
build-arg-list: ZOWE_BASE_IMAGE=latest-ubuntu | |
timeout-minutes: 10 | |
- name: Run Snyk to check Docker image for vulnerabilities | |
env: | |
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
continue-on-error: true | |
uses: snyk/actions/docker@master | |
with: | |
image: ${{ env.IMAGE_NAME_FULL_REMOTE }} | |
args: --file=${{ env.IMAGE_DIRECTORY }}/Dockerfile | |
command: test | |
- name: Upload result to GitHub Code Scanning | |
uses: github/codeql-action/upload-sarif@v1 | |
if: hashFiles('snyk.sarif') != '' | |
with: | |
sarif_file: snyk.sarif | |
define-ubuntu-manifest: | |
needs: | |
- build-ubuntu-amd64 | |
- build-ubuntu-s390x | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: jfrog/setup-jfrog-cli@v2 | |
env: | |
JF_ENV_1: ${{ secrets.JF_ARTIFACTORY_TOKEN }} | |
- uses: zowe-actions/shared-actions/prepare-workflow@main | |
- uses: zowe-actions/shared-actions/docker-prepare@main | |
with: | |
registry-user: ${{ secrets.ARTIFACTORY_X_USERNAME }} | |
registry-password: ${{ secrets.ARTIFACTORY_X_PASSWORD }} | |
release: ${{ github.event.inputs.release }} | |
base-directory: ${{ env.IMAGE_BASE_DIR }} | |
linux-distro: ubuntu | |
- uses: zowe-actions/shared-actions/docker-manifest@main | |
with: | |
linux-distro: ubuntu | |
cpu-arch-list: "amd64 s390x" | |
timeout-minutes: 2 | |
build-ubi-amd64: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: jfrog/setup-jfrog-cli@v2 | |
env: | |
JF_ENV_1: ${{ secrets.JF_ARTIFACTORY_TOKEN }} | |
- uses: zowe-actions/shared-actions/prepare-workflow@main | |
- uses: zowe-actions/shared-actions/docker-prepare@main | |
with: | |
registry-user: ${{ secrets.ARTIFACTORY_X_USERNAME }} | |
registry-password: ${{ secrets.ARTIFACTORY_X_PASSWORD }} | |
release: ${{ github.event.inputs.release }} | |
base-directory: ${{ env.IMAGE_BASE_DIR }} | |
linux-distro: ubi | |
cpu-arch: amd64 | |
redhat-registry: ${{ env.DEFAULT_REDHAT_DOCKER_REGISTRY }} | |
redhat-registry-user: ${{ secrets.REDHAT_DEVELOPER_USER }} | |
redhat-registry-password: ${{ secrets.REDHAT_DEVELOPER_PASSWORD }} | |
- uses: zowe-actions/shared-actions/docker-build-local@main | |
with: | |
build-arg-list: ZOWE_BASE_IMAGE=latest-ubi | |
timeout-minutes: 5 | |
- name: Run Snyk to check Docker image for vulnerabilities | |
env: | |
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
continue-on-error: true | |
uses: snyk/actions/docker@master | |
with: | |
image: ${{ env.IMAGE_NAME_FULL_REMOTE }} | |
args: --file=${{ env.IMAGE_DIRECTORY }}/Dockerfile | |
command: test | |
- name: Upload result to GitHub Code Scanning | |
uses: github/codeql-action/upload-sarif@v1 | |
if: hashFiles('snyk.sarif') != '' | |
with: | |
sarif_file: snyk.sarif | |
build-ubi-s390x: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: jfrog/setup-jfrog-cli@v2 | |
env: | |
JF_ENV_1: ${{ secrets.JF_ARTIFACTORY_TOKEN }} | |
- uses: zowe-actions/shared-actions/prepare-workflow@main | |
- uses: zowe-actions/shared-actions/docker-prepare@main | |
with: | |
registry-user: ${{ secrets.ARTIFACTORY_X_USERNAME }} | |
registry-password: ${{ secrets.ARTIFACTORY_X_PASSWORD }} | |
release: ${{ github.event.inputs.release }} | |
base-directory: ${{ env.IMAGE_BASE_DIR }} | |
linux-distro: ubi | |
cpu-arch: s390x | |
- uses: zowe-actions/shared-actions/docker-build-zlinux@main | |
with: | |
zlinux-host: ${{ secrets.ZLINUX_HOST }} | |
zlinux-ssh-user: ${{ secrets.ZLINUX_SSH_USER }} | |
zlinux-ssh-key: ${{ secrets.ZLINUX_SSH_KEY }} | |
zlinux-ssh-passphrase: ${{ secrets.ZLINUX_SSH_PASSPHRASE }} | |
redhat-registry: ${{ env.DEFAULT_REDHAT_DOCKER_REGISTRY }} | |
redhat-registry-user: ${{ secrets.REDHAT_DEVELOPER_USER }} | |
redhat-registry-password: ${{ secrets.REDHAT_DEVELOPER_PASSWORD }} | |
build-arg-list: ZOWE_BASE_IMAGE=latest-ubi | |
timeout-minutes: 10 | |
- name: Run Snyk to check Docker image for vulnerabilities | |
env: | |
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
continue-on-error: true | |
uses: snyk/actions/docker@master | |
with: | |
image: ${{ env.IMAGE_NAME_FULL_REMOTE }} | |
args: --file=${{ env.IMAGE_DIRECTORY }}/Dockerfile | |
command: test | |
- name: Upload result to GitHub Code Scanning | |
uses: github/codeql-action/upload-sarif@v1 | |
if: hashFiles('snyk.sarif') != '' | |
with: | |
sarif_file: snyk.sarif | |
define-ubi-manifest: | |
needs: | |
- build-ubi-amd64 | |
- build-ubi-s390x | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: jfrog/setup-jfrog-cli@v2 | |
env: | |
JF_ENV_1: ${{ secrets.JF_ARTIFACTORY_TOKEN }} | |
- uses: zowe-actions/shared-actions/prepare-workflow@main | |
- uses: zowe-actions/shared-actions/docker-prepare@main | |
with: | |
registry-user: ${{ secrets.ARTIFACTORY_X_USERNAME }} | |
registry-password: ${{ secrets.ARTIFACTORY_X_PASSWORD }} | |
release: ${{ github.event.inputs.release }} | |
base-directory: ${{ env.IMAGE_BASE_DIR }} | |
linux-distro: ubi | |
- uses: zowe-actions/shared-actions/docker-manifest@main | |
with: | |
linux-distro: ubi | |
cpu-arch-list: "amd64 s390x" | |
timeout-minutes: 2 |