Build & publish csc images #52
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build & publish csc images | |
| on: | |
| release: | |
| types: [published] | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| jobs: | |
| build-and-push-base-images: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - dockerfile: ./docker/novnc/Dockerfile | |
| context: ./docker/novnc/ | |
| image: ghcr.io/sampingram/csc-novnc | |
| name: csc-novnc | |
| - dockerfile: ./docker/code-server-base/Dockerfile | |
| context: ./docker/code-server-base/ | |
| image: ghcr.io/sampingram/csc-code-server-base | |
| name: csc-code-server-base | |
| - dockerfile: ./docker/orthanc-base/Dockerfile | |
| context: ./docker/orthanc-base/ | |
| image: ghcr.io/sampingram/csc-orthanc-base | |
| name: csc-orthanc-base | |
| - dockerfile: ./docker/workstation-base/Dockerfile | |
| context: ./docker/workstation-base/ | |
| image: ghcr.io/sampingram/csc-workstation-base | |
| name: csc-workstation-base | |
| - dockerfile: ./docker/filebrowser/Dockerfile | |
| context: ./docker/filebrowser/ | |
| image: ghcr.io/sampingram/csc-filebrowser | |
| name: csc-filebrowser | |
| - dockerfile: ./docker/streamlit_deploy/Dockerfile | |
| context: ./docker/streamlit_deploy/ | |
| image: ghcr.io/sampingram/csc-streamlit-deploy | |
| name: csc-streamlit-deploy | |
| - dockerfile: ./docker/qatrackplus/Dockerfile | |
| context: ./docker/qatrackplus/ | |
| image: ghcr.io/sampingram/csc-qatrackplus-v3.1.1.3 | |
| buildargs: QAT_VERSION=v3.1.1.3 | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v4 | |
| with: | |
| images: ${{ matrix.image }} | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GH_TOKEN }} | |
| - name: Build and push Docker images for CSC-Software-Stack | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: ${{ matrix.context }} | |
| file: ${{ matrix.dockerfile }} | |
| sbom: false | |
| provenance: false | |
| build-args: ${{ matrix.buildargs }} | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| # - name: Generate image SBOM's | |
| # uses: anchore/sbom-action@v0 | |
| # with: | |
| # image: ${{ matrix.image }}:${{ steps.meta.outputs.version }} | |
| # artifact-name: sbom-${{ matrix.name }}.spdx.json | |
| # github-token: ${{ secrets.GH_TOKEN }} | |
| build-and-push-app-images: | |
| needs: build-and-push-base-images | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - dockerfile: ./docker/python-code-server/Dockerfile | |
| context: ./docker/python-code-server/ | |
| image: ghcr.io/sampingram/csc-python-code-server-3.11 | |
| buildargs: PY_VERSION=3.11 | |
| name: csc-python-code-server-3.11 | |
| - dockerfile: ./docker/python-code-server/Dockerfile | |
| context: ./docker/python-code-server/ | |
| image: ghcr.io/sampingram/csc-python-code-server-3.9 | |
| buildargs: PY_VERSION=3.9 | |
| name: csc-python-code-server-3.9 | |
| - dockerfile: ./docker/python-code-server/Dockerfile | |
| context: ./docker/python-code-server/ | |
| image: ghcr.io/sampingram/csc-python-code-server-3.8 | |
| buildargs: PY_VERSION=3.8 | |
| name: csc-python-code-server-3.8 | |
| - dockerfile: ./docker/python-code-server/Dockerfile | |
| context: ./docker/python-code-server/ | |
| image: ghcr.io/sampingram/csc-python-code-server-3.7 | |
| buildargs: PY_VERSION=3.7 | |
| name: csc-python-code-server-3.7 | |
| - dockerfile: ./docker/python-code-server/Dockerfile | |
| context: ./docker/python-code-server/ | |
| image: ghcr.io/sampingram/csc-python-code-server-3.7 | |
| buildargs: PY_VERSION=2.7 | |
| name: csc-python-code-server-2.7 | |
| - dockerfile: ./docker/conda-code-server/Dockerfile | |
| context: ./docker/conda-code-server/ | |
| image: ghcr.io/sampingram/csc-conda-code-server | |
| name: csc-conda-code-server | |
| - dockerfile: ./docker/octave-code-server/Dockerfile | |
| context: ./docker/octave-code-server/ | |
| image: ghcr.io/sampingram/csc-octave-code-server-6.4.0 | |
| buildargs: OCTAVE_VER=6.4.0 | |
| name: csc-octave-code-server-6.4.0 | |
| - dockerfile: ./docker/octave-code-server/Dockerfile | |
| context: ./docker/octave-code-server/ | |
| image: ghcr.io/sampingram/csc-octave-code-server-7.3.0 | |
| buildargs: OCTAVE_VER=7.3.0 | |
| name: csc-octave-code-server-7.3.0 | |
| - dockerfile: ./docker/octave-code-server/Dockerfile | |
| context: ./docker/octave-code-server/ | |
| image: ghcr.io/sampingram/csc-octave-code-server-8.2.0 | |
| buildargs: OCTAVE_VER=8.2.0 | |
| name: csc-octave-code-server-8.2.0 | |
| - dockerfile: ./docker/c-code-server/Dockerfile | |
| context: ./docker/c-code-server/ | |
| image: ghcr.io/sampingram/csc-c-code-server | |
| name: csc-c-code-server | |
| - dockerfile: ./docker/cplusplus-code-server/Dockerfile | |
| context: ./docker/cplusplus-code-server/ | |
| image: ghcr.io/sampingram/csc-cplusplus-code-server | |
| name: csc-cplusplus-code-server | |
| - dockerfile: ./docker/go-code-server/Dockerfile | |
| context: ./docker/go-code-server/ | |
| image: ghcr.io/sampingram/csc-go-code-server | |
| name: csc-go-code-server | |
| - dockerfile: ./docker/rust-code-server/Dockerfile | |
| context: ./docker/rust-code-server/ | |
| image: ghcr.io/sampingram/csc-rust-code-server | |
| name: csc-rust-code-server | |
| - dockerfile: ./docker/r-code-server/Dockerfile | |
| context: ./docker/r-code-server/ | |
| image: ghcr.io/sampingram/csc-r-code-server | |
| name: csc-r-code-server | |
| - dockerfile: ./docker/nodejs-code-server/Dockerfile | |
| context: ./docker/nodejs-code-server/ | |
| image: ghcr.io/sampingram/csc-nodejs-code-server | |
| name: csc-nodejs-code-server | |
| - dockerfile: ./docker/esapi-code-server/Dockerfile | |
| context: ./docker/esapi-code-server/ | |
| image: ghcr.io/sampingram/csc-esapi-code-server | |
| name: csc-esapi-code-server | |
| - dockerfile: ./docker/totalsegmentator/Dockerfile | |
| context: ./docker/totalsegmentator/ | |
| image: ghcr.io/sampingram/csc-totalsegmentator | |
| name: csc-totalsegmentator | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v4 | |
| with: | |
| images: ${{ matrix.image }} | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GH_TOKEN }} | |
| - name: Build and push Docker images for CSC-Software-Stack | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: ${{ matrix.context }} | |
| file: ${{ matrix.dockerfile }} | |
| sbom: false | |
| provenance: false | |
| build-args: ${{ matrix.buildargs }} | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| # - name: Generate image SBOM's | |
| # uses: anchore/sbom-action@v0 | |
| # with: | |
| # image: ${{ matrix.image }}:${{ steps.meta.outputs.version }} | |
| # artifact-name: sbom-${{ matrix.name }}.spdx.json | |
| # github-token: ${{ secrets.GH_TOKEN }} | |
| # docker-scout: | |
| # needs: build-and-push-app-images | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Docker Scout | |
| # id: docker-scout | |
| # uses: docker/scout-action@v0.22.2 | |
| # with: | |
| # command: cves | |
| # image: ${{ steps.meta.outputs.tags }} # correct? | |
| # to: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:edge | |
| # only-fixed: true | |
| # only-severities: critical,high | |
| # write-comment: true | |
| # ignore-unchanged: true | |
| # only-severities: critical,high | |
| # github-token: ${{ secrets.GH_TOKEN }} # to be able to write the comment |