Merge pull request #63 from syself/lr/improve-readme #45
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Syself Hetzner CCM Image | |
| # yamllint disable rule:line-length | |
| on: # yamllint disable-line rule:truthy | |
| push: | |
| branches: | |
| - main | |
| env: | |
| IMAGE_NAME: hetzner-cloud-controller-manager-staging | |
| REGISTRY: ghcr.io/syself | |
| metadata_flavor: latest=true | |
| metadata_tags: type=sha,prefix=sha-,format=short | |
| permissions: | |
| contents: read | |
| packages: write | |
| # Required to generate OIDC tokens for `sigstore/cosign-installer` authentication | |
| id-token: write | |
| jobs: | |
| manager-image: | |
| name: Build and push manager image | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
| with: | |
| fetch-depth: 0 | |
| - name: Install go | |
| uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
| with: | |
| go-version-file: "go.mod" | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 | |
| - name: Generate metadata | |
| id: meta | |
| uses: ./.github/actions/metadata | |
| with: | |
| metadata_flavor: ${{ env.metadata_flavor }} | |
| metadata_tags: ${{ env.metadata_tags }} | |
| - name: Login to ghcr.io for CI | |
| uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Install Cosign | |
| uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 | |
| - name: Setup Env | |
| run: | | |
| DOCKER_BUILD_LDFLAGS="$(hack/version.sh)" | |
| echo 'DOCKER_BUILD_LDFLAGS<<EOF' >> $GITHUB_ENV | |
| echo $DOCKER_BUILD_LDFLAGS >> $GITHUB_ENV | |
| echo 'EOF' >> $GITHUB_ENV | |
| - name: Build and push manager image | |
| uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 | |
| id: docker_build_release | |
| with: | |
| provenance: false | |
| context: . | |
| file: ./images/hetzner-cloud-controller-manager/Dockerfile | |
| push: true | |
| build-args: | | |
| LDFLAGS=${{ env.DOCKER_BUILD_LDFLAGS }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| platforms: linux/amd64,linux/arm64 | |
| - name: Sign Container Images | |
| env: | |
| COSIGN_EXPERIMENTAL: "true" | |
| run: | | |
| cosign sign --yes ghcr.io/syself/hetzner-cloud-controller-manager-staging@${{ steps.docker_build_release.outputs.digest }} | |
| - name: Image Releases digests | |
| shell: bash | |
| run: | | |
| mkdir -p image-digest/ | |
| echo "ghcr.io/syself/hetzner-cloud-controller-manager-staging:{{ steps.meta.outputs.tags }}@${{ steps.docker_build_release.outputs.digest }}" >> image-digest/hetzner-cloud-controller-manager.txt | |
| # Upload artifact digests | |
| - name: Upload artifact digests | |
| uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1 | |
| with: | |
| name: image-digest hetzner-cloud-controller-manager | |
| path: image-digest | |
| retention-days: 90 | |
| - name: Image Digests Output | |
| shell: bash | |
| run: | | |
| cd image-digest/ | |
| find -type f | sort | xargs -d '\n' cat |