Skip to content

add context flag to backend and konnector (#480) #140

add context flag to backend and konnector (#480)

add context flag to backend and konnector (#480) #140

Workflow file for this run

name: image
on:
push:
tags:
- 'v*'
branches:
- main
permissions:
contents: read
packages: write
id-token: write
jobs:
image:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: v1.25.4
check-latest: true
# We need this to remove local tags that are not semver so goreleaser doesn't get confused.
- name: Delete non-semver tags
run: 'git tag -d $(git tag -l | grep -v "^v")'
# Set up Docker Buildx for multi-platform builds
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
# If you notice signing errors, you may need to update the cosign version.
- uses: sigstore/cosign-installer@v3.7.0
- name: Install Helm
uses: azure/setup-helm@v3
with:
version: 'v3.12.0'
- name: Set LDFLAGS
run: echo LDFLAGS="$(make ldflags)" | tee -a >> $GITHUB_ENV
# Login to GitHub Container Registry (used by both ko and Docker)
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Build and push konnector image using Dockerfile.konnector
- name: Build and push konnector image
uses: docker/build-push-action@v6
id: build-konnector
with:
context: .
file: ./Dockerfile.konnector
platforms: linux/amd64,linux/arm64
push: true
tags: |
ghcr.io/${{ github.repository_owner }}/konnector:latest
ghcr.io/${{ github.repository_owner }}/konnector:${{ github.sha }}
ghcr.io/${{ github.repository_owner }}/konnector:0.0.0-${{ github.sha }}
ghcr.io/${{ github.repository_owner }}/konnector:${{ github.ref_name }}
cache-from: type=gha
cache-to: type=gha,mode=max
build-args: |
LDFLAGS=${{ env.LDFLAGS }}
labels: |
org.opencontainers.image.title=Kube Bind Konnector
org.opencontainers.image.description=Kube Bind konnector component
org.opencontainers.image.source=https://github.com/${{ github.repository }}
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.version=${{ github.ref_name }}
# Sign the konnector image
- name: Sign konnector image
env:
COSIGN_EXPERIMENTAL: 'true'
run: |
img="ghcr.io/${{ github.repository_owner }}/konnector@${{ steps.build-konnector.outputs.digest }}"
echo "signing ${img}"
cosign sign ${img} \
--yes \
-a sha=${{ github.sha }} \
-a ref=${{ github.ref }} \
-a run_id=${{ github.run_id }} \
-a run_attempt=${{ github.run_attempt }}
# Build and push backend image using Dockerfile (includes frontend)
- name: Build and push backend image
uses: docker/build-push-action@v6
id: build
with:
context: .
file: ./Dockerfile
platforms: linux/amd64,linux/arm64
push: true
tags: |
ghcr.io/${{ github.repository_owner }}/backend:latest
ghcr.io/${{ github.repository_owner }}/backend:${{ github.sha }}
ghcr.io/${{ github.repository_owner }}/backend:0.0.0-${{ github.sha }}
ghcr.io/${{ github.repository_owner }}/backend:${{ github.ref_name }}
cache-from: type=gha
cache-to: type=gha,mode=max
build-args: |
LDFLAGS=${{ env.LDFLAGS }}
labels: |
org.opencontainers.image.title=Kube Bind Backend
org.opencontainers.image.description=Kube Bind backend with integrated Vue.js frontend
org.opencontainers.image.source=https://github.com/${{ github.repository }}
org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.version=${{ github.ref_name }}
# Sign the backend image
- name: Sign backend image
env:
COSIGN_EXPERIMENTAL: 'true'
run: |
img="ghcr.io/${{ github.repository_owner }}/backend@${{ steps.build.outputs.digest }}"
echo "signing ${img}"
cosign sign ${img} \
--yes \
-a sha=${{ github.sha }} \
-a ref=${{ github.ref }} \
-a run_id=${{ github.run_id }} \
-a run_attempt=${{ github.run_attempt }}
- name: Package and push Helm charts as OCI
env:
HELM_EXPERIMENTAL_OCI: 1
run: |
# Login to GitHub Container Registry for Helm
echo "${{ github.token }}" | helm registry login ghcr.io --username ${{ github.actor }} --password-stdin
# Set chart version - use tag name if available, otherwise use semver format
if [[ "${{ github.ref_type }}" == "tag" ]]; then
CHART_VERSION="${{ github.ref_name }}"
# Remove 'v' prefix if present
CHART_VERSION="${CHART_VERSION#v}"
else
CHART_VERSION="0.0.0-${{ github.sha }}"
fi
# Package and push each chart in deploy/charts/
for chart_dir in deploy/charts/*/; do
if [ -f "${chart_dir}Chart.yaml" ]; then
chart_name=$(basename "$chart_dir")
echo "Processing chart: $chart_name"
# Update chart version and appVersion in Chart.yaml
sed -i "s/^version:.*/version: ${CHART_VERSION}/" "${chart_dir}Chart.yaml"
sed -i "s/^appVersion:.*/appVersion: ${CHART_VERSION}/" "${chart_dir}Chart.yaml"
# Package the chart
helm package "$chart_dir" --version "${CHART_VERSION}"
# Push to GitHub Container Registry
helm push "${chart_name}-${CHART_VERSION}.tgz" "oci://ghcr.io/${{ github.repository_owner }}/charts"
echo "Helm chart pushed to oci://ghcr.io/${{ github.repository_owner }}/charts/${chart_name}:${CHART_VERSION}"
fi
done
- uses: actions/delete-package-versions@v3
with:
package-name: '${{ github.event.repository.name }}'
min-versions-to-keep: 10
delete-only-pre-release-versions: "true"