Building gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/j1m-ryan-dev/nginx-ic/nginx-plus-ingress:r33-alpine-no-subpath by @j1m-ryan #21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build single image | |
| run-name: Building gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/${{ github.actor }}-dev/${{ inputs.prefix }}:${{ inputs.tag }} by @${{ github.actor }} | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| target: | |
| description: 'Image build make target to call' | |
| required: true | |
| type: string | |
| prefix: | |
| description: 'Image prefix to use in GCR, e.g. nginx-ic/nginx-ingress' | |
| required: true | |
| type: string | |
| tag: | |
| description: 'Image tag to use in GCR, e.g. 3.7.0-SNAPSHOT' | |
| required: true | |
| type: string | |
| branch: | |
| description: 'Branch to checkout for build' | |
| required: false | |
| type: string | |
| default: main | |
| plus_repo: | |
| description: 'Plus repo to install from' | |
| required: true | |
| default: 'pkgs.nginx.com' | |
| type: choice | |
| options: | |
| - pkgs.nginx.com | |
| - pkgs-test.nginx.com | |
| defaults: | |
| run: | |
| shell: bash | |
| permissions: | |
| contents: read | |
| jobs: | |
| build: | |
| permissions: | |
| contents: read # for docker/build-push-action to read repo content | |
| id-token: write # for login to GCP | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 | |
| with: | |
| ref: ${{ inputs.branch }} | |
| fetch-depth: 0 | |
| - name: Output Variables | |
| id: vars | |
| run: | | |
| ./.github/scripts/variables.sh go_code_md5 >> $GITHUB_OUTPUT | |
| cat $GITHUB_OUTPUT | |
| - name: Setup Golang Environment | |
| uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
| with: | |
| go-version-file: go.mod | |
| - name: Authenticate to Google Cloud | |
| id: auth | |
| uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6 | |
| with: | |
| token_format: access_token | |
| workload_identity_provider: ${{ secrets.GCR_WORKLOAD_IDENTITY }} | |
| service_account: ${{ secrets.GCR_SERVICE_ACCOUNT }} | |
| - name: Login to GCR | |
| uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
| with: | |
| registry: gcr.io | |
| username: oauth2accesstoken | |
| password: ${{ steps.auth.outputs.access_token }} | |
| - name: Setup plus credentials | |
| run: | | |
| printf '%s\n' "${CERT}" > nginx-repo.crt | |
| printf '%s\n' "${KEY}" > nginx-repo.key | |
| if [[ "${{ inputs.target }}" =~ ubi ]]; then | |
| printf '%s\n' "${RHEL}" > rhel_license | |
| fi | |
| env: | |
| CERT: ${{ secrets.NGINX_CRT }} | |
| KEY: ${{ secrets.NGINX_KEY }} | |
| RHEL: ${{ secrets.RHEL_LICENSE }} | |
| if: ${{ contains(inputs.target, 'plus') }} | |
| - name: Fetch Cached Binary Artifacts | |
| id: binary-cache | |
| uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4.1.1 | |
| with: | |
| path: ${{ github.workspace }}/dist | |
| key: nginx-ingress-${{ steps.vars.outputs.go_code_md5 }} | |
| - name: Build Image | |
| run: | | |
| make ${{ inputs.target }} | |
| env: | |
| REGISTRY: gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/${{ github.actor }}-dev | |
| PREFIX: ${{ inputs.prefix }} | |
| TAG: ${{ inputs.tag }} | |
| PLUS_REPO: ${{ inputs.plus_repo }} | |
| TARGET: goreleaser | |
| - name: Push image | |
| run: | |
| docker push ${REGISTRY}/${PREFIX}:${TAG} | |
| env: | |
| REGISTRY: gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/${{ github.actor }}-dev | |
| PREFIX: ${{ inputs.prefix }} | |
| TAG: ${{ inputs.tag }} |