From 44d285786bfd2ac212348a1f2993e2fd0a6f2d1b Mon Sep 17 00:00:00 2001 From: jaredb96 Date: Thu, 29 Aug 2024 13:40:06 -0400 Subject: [PATCH 1/8] WIP: dockerhub push workflow. --- .github/workflows/dockerhub-push.yml | 35 ++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 .github/workflows/dockerhub-push.yml diff --git a/.github/workflows/dockerhub-push.yml b/.github/workflows/dockerhub-push.yml new file mode 100644 index 0000000000..6e6ec57c6d --- /dev/null +++ b/.github/workflows/dockerhub-push.yml @@ -0,0 +1,35 @@ +name: HMDA Dockerhub Image Push + +on: + push: + branches: + - master + +jobs: + push-image: + runs-on: ubuntu-latest + + steps: + - name: Check out code + uses: actions/checkout@v4 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Build image of hmda platform only + run: | + sbt "project hmda-platform" dockerPublishLocalSkipTests + continue-on-error: true + + - name: Tag docker image + run: docker tag $(docker images --filter=reference="hmda/hmda-platform:latest" --format "{{.ID}}") hmda-cve/hmda-platform:pr-cve-scan + + - name: Check image for CVEs + uses: docker/scout-action@v1 + with: + command: cves + image: hmda-cve/hmda-platform:pr-cve-scan + + - name: Remove docker image + run: | + docker rmi hmda-cve/hmda-platform:pr-cve-scan \ No newline at end of file From 364c6d2c36ef6e443a56f88e61ec227bbb417b4e Mon Sep 17 00:00:00 2001 From: jaredb96 Date: Fri, 30 Aug 2024 09:17:54 -0400 Subject: [PATCH 2/8] WIP: dockerhub push workflow. --- .github/workflows/dockerhub-push.yml | 35 +++++++++++++++++----------- 1 file changed, 21 insertions(+), 14 deletions(-) diff --git a/.github/workflows/dockerhub-push.yml b/.github/workflows/dockerhub-push.yml index 6e6ec57c6d..d823fe4aaf 100644 --- a/.github/workflows/dockerhub-push.yml +++ b/.github/workflows/dockerhub-push.yml @@ -1,4 +1,4 @@ -name: HMDA Dockerhub Image Push +name: Publish Docker image on: push: 
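Review bot: `continue-on-error: true` on the "Build image of hmda platform only" step lets the job carry on after a failed `sbt` build, so the following `docker tag $(docker images ... --format "{{.ID}}")` step receives an empty ID, or on a runner that keeps images between jobs an older `hmda/hmda-platform:latest`, and the Scout step no longer reports on the current commit. Remove `continue-on-error: true` so a broken build stops the job. The same line is carried as context through the later patches in this series, including [PATCH 2/8], which adds a push step after it, and [PATCH 8/8], whose subject says the command now runs unit tests, so in both a failing build or test run would not block what follows. Separately, `actions/checkout@v4`, `docker/setup-buildx-action@v3` and `docker/scout-action@v1` are referenced by mutable tag; pinning each to a full commit SHA keeps the workflow from silently picking up a retagged release.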
@@ -6,30 +6,37 @@ on: - master jobs: - push-image: + push_to_registry: + name: Push Docker image to Docker Hub runs-on: ubuntu-latest - + permissions: + packages: write + contents: read + attestations: write + id-token: write steps: - - name: Check out code + - name: Check out the repo uses: actions/checkout@v4 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + - name: Log in to Docker Hub + uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_PASSWORD }} - name: Build image of hmda platform only run: | - sbt "project hmda-platform" dockerPublishLocalSkipTests + sbt "project hmda-platform" dockerPublishLocalSkipTests continue-on-error: true - - name: Tag docker image - run: docker tag $(docker images --filter=reference="hmda/hmda-platform:latest" --format "{{.ID}}") hmda-cve/hmda-platform:pr-cve-scan + - name: Tag Docker image + run: docker tag $(docker images --filter=reference="hmda/hmda-platform:latest" --format "{{.ID}}") kjaredb96/hmda-platform:latest + + - name: Push image to Docker Hub + run: docker push kjaredb96/hmda-platform:latest - name: Check image for CVEs uses: docker/scout-action@v1 with: command: cves - image: hmda-cve/hmda-platform:pr-cve-scan - - - name: Remove docker image - run: | - docker rmi hmda-cve/hmda-platform:pr-cve-scan \ No newline at end of file + image: kjaredb96/hmda-platform:latest \ No newline at end of file From 622ddf474ee8262fbc2f199d891643921d9cfb7c Mon Sep 17 00:00:00 2001 From: jaredb96 Date: Fri, 30 Aug 2024 09:19:04 -0400 Subject: [PATCH 3/8] WIP: dockerhub push workflow. --- .github/workflows/dockerhub-push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dockerhub-push.yml b/.github/workflows/dockerhub-push.yml index d823fe4aaf..e0e8d50004 100644 --- a/.github/workflows/dockerhub-push.yml +++ b/.github/workflows/dockerhub-push.yml 
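Review bot: The "Push image to Docker Hub" step runs before "Check image for CVEs", so `:latest` is already published when Scout inspects it, and nothing visible in the scan step makes findings fail the job. Move the scan above the push, point it at the locally built image, and consider `exit-code: true` (optionally with `only-severities`) under `with:` so findings stop the job before anything is published. The `permissions:` block also grants `packages: write`, `attestations: write` and `id-token: write`, none of which any step in this hunk appears to use; `contents: read` looks sufficient for a checkout followed by a Docker Hub login. `DOCKERHUB_PASSWORD` would ideally hold a scoped Docker Hub access token rather than the account password.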
@@ -1,7 +1,7 @@ name: Publish Docker image on: - push: + pull_request: branches: - master From 18710523d8edcc8a8abf8b1a9486d49495501ff7 Mon Sep 17 00:00:00 2001 From: jaredb96 Date: Fri, 30 Aug 2024 09:36:43 -0400 Subject: [PATCH 4/8] WIP: dockerhub push workflow. --- .github/workflows/dockerhub-push.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/dockerhub-push.yml b/.github/workflows/dockerhub-push.yml index e0e8d50004..96141c97f9 100644 --- a/.github/workflows/dockerhub-push.yml +++ b/.github/workflows/dockerhub-push.yml @@ -1,4 +1,4 @@ -name: Publish Docker image +name: HMDA Docker Hub Image Push on: pull_request: @@ -24,19 +24,19 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} - - name: Build image of hmda platform only + - name: Build image of HMDA Platform only run: | sbt "project hmda-platform" dockerPublishLocalSkipTests continue-on-error: true - name: Tag Docker image - run: docker tag $(docker images --filter=reference="hmda/hmda-platform:latest" --format "{{.ID}}") kjaredb96/hmda-platform:latest + run: docker tag $(docker images --filter=reference="hmda/hmda-platform:latest" --format "{{.ID}}") ${{ secrets.DOCKERHUB_USERNAME }}/hmda:latest - name: Push image to Docker Hub - run: docker push kjaredb96/hmda-platform:latest + run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/hmda:latest - name: Check image for CVEs uses: docker/scout-action@v1 with: command: cves - image: kjaredb96/hmda-platform:latest \ No newline at end of file + image: ${{ secrets.DOCKERHUB_USERNAME }}/hmda:latest \ No newline at end of file From 1eb10ecde60ae1ad305eebb353bd44510b26caaf Mon Sep 17 00:00:00 2001 From: jaredb96 Date: Fri, 30 Aug 2024 09:44:37 -0400 Subject: [PATCH 5/8] WIP: dockerhub push workflow. --- .github/workflows/dockerhub-push.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) 
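Review bot: Switching the trigger to `pull_request` means the login, tag and `docker push ...:latest` steps now run for every pull request against `master`, so unreviewed branch code would be published under `latest`. For pull requests from forks GitHub does not expose repository secrets, so the Docker Hub login would presumably fail there instead. If the aim is to exercise the workflow during development, guard the push step with `if: github.event_name == 'push'` so that only merged commits publish. The job body lies outside this hunk; this is based on the steps shown in [PATCH 2/8].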
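Review bot: `${{ secrets.DOCKERHUB_USERNAME }}` is expanded directly inside the `run:` scripts of the tag and push steps, which pastes the secret's value into the shell source before the shell parses it. Pass it through the environment and quote it instead: an `env:` entry `DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}` and `run: docker push "$DOCKERHUB_USERNAME/hmda:latest"`, with the same treatment for the `docker tag` line. Because the namespace comes from a secret, GitHub masks it in the logs and the pushed image reference will not be readable there; a repository variable (`vars.`) may suit a non-sensitive username better.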
diff --git a/.github/workflows/dockerhub-push.yml b/.github/workflows/dockerhub-push.yml index 96141c97f9..402bd149c6 100644 --- a/.github/workflows/dockerhub-push.yml +++ b/.github/workflows/dockerhub-push.yml @@ -9,11 +9,7 @@ jobs: push_to_registry: name: Push Docker image to Docker Hub runs-on: ubuntu-latest - permissions: - packages: write - contents: read - attestations: write - id-token: write + permissions: write-all steps: - name: Check out the repo uses: actions/checkout@v4 From ffe59b0557be7bc15f7ba011bf2050794097fb0d Mon Sep 17 00:00:00 2001 From: jaredb96 Date: Fri, 30 Aug 2024 09:52:15 -0400 Subject: [PATCH 6/8] WIP: dockerhub push workflow. --- .github/workflows/dockerhub-push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dockerhub-push.yml b/.github/workflows/dockerhub-push.yml index 402bd149c6..162832784b 100644 --- a/.github/workflows/dockerhub-push.yml +++ b/.github/workflows/dockerhub-push.yml @@ -1,7 +1,7 @@ name: HMDA Docker Hub Image Push on: - pull_request: + push: branches: - master From c04d34be102aa748c756e2d4f310f5ea591c73ba Mon Sep 17 00:00:00 2001 From: jaredb96 Date: Fri, 30 Aug 2024 09:53:19 -0400 Subject: [PATCH 7/8] WIP: dockerhub push workflow. --- .github/workflows/dockerhub-push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dockerhub-push.yml b/.github/workflows/dockerhub-push.yml index 162832784b..b468e3ef08 100644 --- a/.github/workflows/dockerhub-push.yml +++ b/.github/workflows/dockerhub-push.yml @@ -6,7 +6,7 @@ on: - master jobs: - push_to_registry: + push_to_dockerhub: name: Push Docker image to Docker Hub runs-on: ubuntu-latest permissions: write-all From 2a27fd099b2df8ec0b184f63f47b77776d0933f5 Mon Sep 17 00:00:00 2001 From: jaredb96 Date: Thu, 10 Oct 2024 13:54:01 -0400 Subject: [PATCH 8/8] Run unit tests in dockerhub push. --- .github/workflows/dockerhub-push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
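Review bot: `permissions: write-all` gives the job's `GITHUB_TOKEN` write access to every scope, and that token is reachable from the `sbt` build and from the third-party actions in this job, while the visible steps only check out the repository and authenticate to Docker Hub with separate credentials. Replace it with the narrowest grant, `permissions:` followed by `contents: read`, and add a further scope only when a specific step is shown to need it. The two later hunks on this line ([PATCH 6/8] and [PATCH 7/8]) carry `write-all` forward unchanged as context.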
diff --git a/.github/workflows/dockerhub-push.yml b/.github/workflows/dockerhub-push.yml index b468e3ef08..21aae58d42 100644 --- a/.github/workflows/dockerhub-push.yml +++ b/.github/workflows/dockerhub-push.yml @@ -22,7 +22,7 @@ jobs: - name: Build image of HMDA Platform only run: | - sbt "project hmda-platform" dockerPublishLocalSkipTests + sbt -batch clean hmda-platform/docker:publishLocal continue-on-error: true - name: Tag Docker image