diff --git a/.github/workflows/pull-build-image.yaml b/.github/workflows/pull-build-image.yaml new file mode 100644 index 00000000..5a81d0b5 --- /dev/null +++ b/.github/workflows/pull-build-image.yaml @@ -0,0 +1,18 @@ +name: Pull Build Image + +on: + pull_request_target: + types: [opened, edited, synchronize, reopened, ready_for_review] + +permissions: + id-token: write # This is required for requesting the JWT token + contents: read # This is required for actions/checkout + +jobs: + build: + uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main + with: + name: eventing-manager + dockerfile: Dockerfile + context: . + export-tags: true diff --git a/.github/workflows/push-build-image.yaml b/.github/workflows/push-build-image.yaml new file mode 100644 index 00000000..1d718e30 --- /dev/null +++ b/.github/workflows/push-build-image.yaml @@ -0,0 +1,39 @@ +name: Push Build Image + +on: + push: + branches: + - "main" + - "release-*" + paths-ignore: + - "docs/**" + +permissions: + id-token: write # This is required for requesting the JWT token + contents: read # This is required for actions/checkout + +jobs: + compute-tags: + runs-on: ubuntu-latest + outputs: + tags: ${{ steps.get_tag.outputs.TAGS }} + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Get the latest tag + id: get_tag + run: | + { + echo 'TAGS<> "$GITHUB_OUTPUT" + build: + needs: compute-tags + uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main + with: + name: eventing-manager + dockerfile: Dockerfile + context: . + tags: ${{ needs.compute-tags.outputs.tags }} diff --git a/.github/workflows/tag-build-image.yaml b/.github/workflows/tag-build-image.yaml new file mode 100644 index 00000000..fbc224f0 --- /dev/null +++ b/.github/workflows/tag-build-image.yaml @@ -0,0 +1,37 @@ +name: Tag Build Image + +on: + push: + tags: + - '[0-9]+.[0-9]+.[0-9]+' # This will trigger the workflow when a tag (x.y.z) is pushed. + +permissions: + id-token: write # This is required for requesting the JWT token + contents: read # This is required for actions/checkout + +jobs: + compute-tags: + runs-on: ubuntu-latest + outputs: + tags: ${{ steps.get_tag.outputs.TAGS }} + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Get the latest tag + id: get_tag + run: | + { + echo 'TAGS<> "$GITHUB_OUTPUT" + build: + name: build-${{ github.ref_name }} # The release pipeline will check the status of this job by this name format (e.g. build-1.0.1). + needs: compute-tags + uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main + with: + name: eventing-manager + dockerfile: Dockerfile + context: . + tags: ${{ needs.compute-tags.outputs.tags }} diff --git a/Dockerfile b/Dockerfile index 60fd017e..eca5ed28 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ FROM europe-docker.pkg.dev/kyma-project/prod/external/library/golang:1.23.0-alpi ARG TARGETOS ARG TARGETARCH -WORKDIR /workspace +WORKDIR /app # Copy the Go Modules manifests COPY go.mod go.mod COPY go.sum go.sum @@ -32,7 +32,7 @@ FROM gcr.io/distroless/static:nonroot LABEL source = git@github.com:kyma-project/eventing-manager.git WORKDIR / -COPY --from=builder /workspace/manager . +COPY --from=builder /app/manager . USER nonroot:nonroot ENTRYPOINT ["/manager"]