Skip to content

Commit

Permalink
ci: build and push Docker image based on Chainguard base image (#4005)
Browse files Browse the repository at this point in the history
  • Loading branch information
@v1v
v1v authored May 14, 2024
1 parent 6fcefe1 commit d48b1a9
Show file tree
Hide file tree
Showing 2 changed files with 37 additions and 0 deletions.
34 changes: 34 additions & 0 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,7 @@ jobs:
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
with:
context: .
file: 'Dockerfile'
push: true
tags: ${{ steps.docker-meta.outputs.tags }}
labels: ${{ steps.docker-meta.outputs.labels }}
Expand All @@ -75,6 +76,39 @@ jobs:
subject-digest: ${{ steps.docker-push.outputs.digest }}
push-to-registry: true

- name: Extract metadata (tags, labels) (wolfi)
id: docker-meta-wolfi
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
with:
images: ${{ env.DOCKER_IMAGE_NAME }}
flavor: |
latest=auto
suffix=-wolfi
tags: |
# "1.2.3" and "latest" Docker tags on push of git tag "v1.2.3"
type=semver,pattern={{version}}
# "edge" Docker tag on git push to default branch
type=edge
- name: Build and Push Docker Image (wolfi)
id: docker-push-wolfi
uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
with:
context: .
file: 'Dockerfile.wolfi'
push: true
tags: ${{ steps.docker-meta-wolfi.outputs.tags }}
labels: ${{ steps.docker-meta-wolfi.outputs.labels }}
build-args: |
AGENT_DIR=/build/dist/nodejs
- name: Attest Docker image (wolfi)
uses: github-early-access/generate-build-provenance@main
with:
subject-name: "${{ env.DOCKER_IMAGE_NAME }}"
subject-digest: ${{ steps.docker-push-wolfi.outputs.digest }}
push-to-registry: true

- name: Read AWS vault secrets
uses: hashicorp/vault-action@v3.0.0
with:
Expand Down
3 changes: 3 additions & 0 deletions Dockerfile.wolfi
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
FROM docker.elastic.co/wolfi/chainguard-base@sha256:9f940409f96296ef56140bcc4665c204dd499af4c32c96cc00e792558097c3f1
ARG AGENT_DIR
COPY ${AGENT_DIR} /opt/nodejs

0 comments on commit d48b1a9

Please sign in to comment.