ci: build arm64 image natively without QEMU #1149
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI @ AxoSyslog image | |
on: | |
pull_request: | |
push: | |
jobs: | |
tarball: | |
runs-on: ubuntu-latest | |
outputs: | |
snapshot-version: ${{ steps.snapshot-version.outputs.SNAPSHOT_VERSION }} | |
steps: | |
- name: Checkout AxoSyslog source | |
uses: actions/checkout@v4 | |
- name: Prepare docker image | |
run: ./dbld/rules cache-image-tarball | |
- name: Create source tarball | |
run: ./dbld/rules pkg-tarball | |
- name: Determine snapshot version | |
id: snapshot-version | |
run: | | |
tarball_filename="$(find dbld/build -name '*.tar.*' -printf '%f\n')" | |
tarball_name="${tarball_filename/\.tar.*}" | |
tarball_version="${tarball_name/axosyslog-}" | |
pkg_version="$(echo $tarball_version | sed -E 's|(([0-9]+\.){2}[0-9]+).*|\1|')_git$(date +%Y%m%d)" | |
echo "SNAPSHOT_VERSION=${pkg_version}" >> $GITHUB_OUTPUT | |
- name: Store source tarball as artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: source-tarball | |
path: dbld/build/*.tar.gz | |
build-and-test: | |
runs-on: ubuntu-latest | |
needs: tarball | |
steps: | |
- name: Checkout AxoSyslog source | |
uses: actions/checkout@v4 | |
- name: Download source tarball artifact | |
uses: actions/download-artifact@v4 | |
with: | |
name: source-tarball | |
path: docker/apkbuild/axoflow/axosyslog | |
- name: Build Docker image | |
uses: docker/build-push-action@v5 | |
with: | |
context: docker | |
file: docker/alpine.dockerfile | |
load: true | |
tags: axosyslog:test | |
build-args: | | |
PKG_TYPE=snapshot | |
SNAPSHOT_VERSION=${{ needs.tarball.outputs.snapshot-version }} | |
- name: Smoke test | |
run: | | |
export SYSLOG_NG_IMAGE="axosyslog:test" | |
export SYSLOG_NG_VERSION="${{ needs.tarball.outputs.snapshot-version }}" | |
docker/tests/smoke.sh | |
- name: Scan docker image on CVEs | |
uses: aquasecurity/trivy-action@master | |
with: | |
image-ref: 'axosyslog:test' | |
format: 'table' | |
exit-code: '1' | |
severity: 'CRITICAL,HIGH,MEDIUM,LOW' | |
env: | |
TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2 | |
TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:1 |