From 48a82df870ff7b8402242fa855d99211f8fe049d Mon Sep 17 00:00:00 2001 From: Antonio Torres Date: Mon, 29 Nov 2021 19:47:02 -0600 Subject: [PATCH 01/12] fix: Change Dockerfiles to use new jdk image --- Dockerfile | 54 +++++++++++++++++++++++++++++++++-------------- Dockerfile-ffmpeg | 54 +++++++++++++++++++++++++++++++++-------------- 2 files changed, 76 insertions(+), 32 deletions(-) diff --git a/Dockerfile b/Dockerfile index 89c6486..733cc9e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,25 +1,47 @@ -FROM adoptopenjdk:11.0.11_9-jdk-hotspot-focal +FROM eclipse-temurin:11.0.13_8-jdk-focal # explicitly set user/group IDs RUN groupadd -r wildfly --gid=1023 && useradd -r -g wildfly --uid=1023 -d /opt/wildfly wildfly +RUN apt-get update \ + && apt-get install -y gnupg netcat-openbsd unzip \ + && rm -rf /var/lib/apt/lists/* + # grab gosu for easy step-down from root ENV GOSU_VERSION 1.13 -RUN arch="$(dpkg --print-architecture)" \ - && set -x \ - && apt-get update \ - && apt-get install -y gnupg netcat-openbsd unzip \ - && rm -rf /var/lib/apt/lists/* \ - && curl -o /usr/local/bin/gosu -fSL "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$arch" \ - && curl -o /usr/local/bin/gosu.asc -fSL "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$arch.asc" \ - && export GNUPGHOME="$(mktemp -d)" \ - && gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \ - && gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \ - && gpgconf --kill all \ - && rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc \ - && chmod +x /usr/local/bin/gosu \ - && gosu --version \ - && gosu nobody true +RUN set -eux; \ + # save list of currently installed packages for later so we can clean up + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends ca-certificates wget; \ + if ! command -v gpg; then \ + apt-get install -y --no-install-recommends gnupg2 dirmngr; \ + elif gpg --version | grep -q '^gpg (GnuPG) 1\.'; then \ + # "This package provides support for HKPS keyservers." (GnuPG 1.x only) + apt-get install -y --no-install-recommends gnupg-curl; \ + fi; \ + rm -rf /var/lib/apt/lists/*; \ + \ + dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ + wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ + wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ + \ + # verify the signature + export GNUPGHOME="$(mktemp -d)"; \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ + gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ + \ + # clean up fetch dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + \ + chmod +x /usr/local/bin/gosu; \ + # verify that the binary works + gosu --version; \ + gosu nobody true ENV WILDFLY_VERSION=24.0.1.Final \ KEYCLOAK_VERSION=15.0.2 \ diff --git a/Dockerfile-ffmpeg b/Dockerfile-ffmpeg index 5e004bf..d3b1e68 100644 --- a/Dockerfile-ffmpeg +++ b/Dockerfile-ffmpeg @@ -1,25 +1,47 @@ -FROM adoptopenjdk:11.0.11_9-jdk-hotspot-focal +FROM eclipse-temurin:11.0.13_8-jdk-focal # explicitly set user/group IDs RUN groupadd -r wildfly --gid=1023 && useradd -r -g wildfly --uid=1023 -d /opt/wildfly wildfly +RUN apt-get update \ + && apt-get install -y gnupg netcat-openbsd unzip ffmpeg \ + && rm -rf /var/lib/apt/lists/* + # grab gosu for easy step-down from root ENV GOSU_VERSION 1.13 -RUN arch="$(dpkg --print-architecture)" \ - && set -x \ - && apt-get update \ - && apt-get install -y gnupg netcat-openbsd unzip ffmpeg \ - && rm -rf /var/lib/apt/lists/* \ - && curl -o /usr/local/bin/gosu -fSL "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$arch" \ - && curl -o /usr/local/bin/gosu.asc -fSL "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$arch.asc" \ - && export GNUPGHOME="$(mktemp -d)" \ - && gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \ - && gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \ - && gpgconf --kill all \ - && rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc \ - && chmod +x /usr/local/bin/gosu \ - && gosu --version \ - && gosu nobody true +RUN set -eux; \ + # save list of currently installed packages for later so we can clean up + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends ca-certificates wget; \ + if ! command -v gpg; then \ + apt-get install -y --no-install-recommends gnupg2 dirmngr; \ + elif gpg --version | grep -q '^gpg (GnuPG) 1\.'; then \ + # "This package provides support for HKPS keyservers." (GnuPG 1.x only) + apt-get install -y --no-install-recommends gnupg-curl; \ + fi; \ + rm -rf /var/lib/apt/lists/*; \ + \ + dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ + wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ + wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ + \ + # verify the signature + export GNUPGHOME="$(mktemp -d)"; \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ + gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ + \ + # clean up fetch dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + \ + chmod +x /usr/local/bin/gosu; \ + # verify that the binary works + gosu --version; \ + gosu nobody true ENV WILDFLY_VERSION=24.0.1.Final \ KEYCLOAK_VERSION=15.0.2 \ From d2c4d74de2d3fe9eba0713ed0d66f178740079c7 Mon Sep 17 00:00:00 2001 From: Antonio Torres Date: Mon, 29 Nov 2021 19:47:29 -0600 Subject: [PATCH 02/12] feat: Add cicd workflow for github actions --- .github/workflows/cicd.yml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 .github/workflows/cicd.yml diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml new file mode 100644 index 0000000..8093501 --- /dev/null +++ b/.github/workflows/cicd.yml @@ -0,0 +1,24 @@ +name: cicd + +on: + push: + branches: [master] + +jobs: + buildx: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v1 + with: + install: true + - name: Available platforms + run: echo ${{ steps.buildx.outputs.platforms }} + - name: Build + run: | + docker build --platform linux/amd64,linux/arm64,linux/arm/v7 -t thetonio96/wildfly:ffmpeg-23.0.2-11.0.3 --push -f Dockerfile-ffmpeg . From 7ec0a350c797147720b35941159b7bbe066f2ab0 Mon Sep 17 00:00:00 2001 From: Antonio Torres Date: Mon, 29 Nov 2021 20:04:39 -0600 Subject: [PATCH 03/12] test: Change cicd to include cache layer --- .github/workflows/cicd.yml | 44 +++++++++++++++++++++++++++++++++----- 1 file changed, 39 insertions(+), 5 deletions(-) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 8093501..b2fa1fd 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -8,17 +8,51 @@ jobs: buildx: runs-on: ubuntu-latest steps: + # Check out code - name: Checkout uses: actions/checkout@v2 - name: Set up QEMU uses: docker/setup-qemu-action@v1 + - name: Prepare + id: prep + run: | + TAG=$(echo $GITHUB_SHA | head -c7) + IMAGE="my.docker.registry/thetonio96/wildfly" + echo ::set-output name=tagged_image::${IMAGE}:${TAG} + echo ::set-output name=tag::${TAG} + # This is the a separate action that sets up buildx runner - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@v1 + uses: docker/setup-buildx-action@v1.6.0 with: install: true - - name: Available platforms - run: echo ${{ steps.buildx.outputs.platforms }} - - name: Build + + # Registry login step intentionally missing + + - name: Cache Docker layers + uses: actions/cache@v2 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-single-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-single-buildx + + - name: Build production image + uses: docker/build-push-action@v2 + with: + context: . + builder: ${{ steps.buildx.outputs.name }} + file: ./Dockerfile + push: false # This would be set to true in a real world deployment scenario. + tags: ${{ steps.prep.outputs.tagged_image }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new + # This ugly bit is necessary if you don't want your cache to grow forever + # till it hits GitHub's limit of 5GB. + # Temp fix + # https://github.com/docker/build-push-action/issues/252 + # https://github.com/moby/buildkit/issues/1896 + - name: Move cache run: | - docker build --platform linux/amd64,linux/arm64,linux/arm/v7 -t thetonio96/wildfly:ffmpeg-23.0.2-11.0.3 --push -f Dockerfile-ffmpeg . + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache From 9f3273482316c9d50b219b71c44dec2942544a07 Mon Sep 17 00:00:00 2001 From: Antonio Torres Date: Mon, 29 Nov 2021 23:45:57 -0600 Subject: [PATCH 04/12] feat: Add ffmpeg build --- .github/workflows/cicd.yml | 53 +++++++++++++++++++++++++++++++++++++- 1 file changed, 52 insertions(+), 1 deletion(-) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index b2fa1fd..bc59791 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -5,7 +5,7 @@ on: branches: [master] jobs: - buildx: + build: runs-on: ubuntu-latest steps: # Check out code @@ -56,3 +56,54 @@ jobs: run: | rm -rf /tmp/.buildx-cache mv /tmp/.buildx-cache-new /tmp/.buildx-cache + build-ffmpeg: + runs-on: ubuntu-latest + steps: + # Check out code + - name: Checkout + uses: actions/checkout@v2 + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + - name: Prepare + id: prep + run: | + TAG=$(echo $GITHUB_SHA | head -c7) + IMAGE="my.docker.registry/thetonio96/wildfly" + echo ::set-output name=tagged_image::${IMAGE}:ffmpeg-${TAG} + echo ::set-output name=tag::${TAG} + # This is the a separate action that sets up buildx runner + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v1.6.0 + with: + install: true + + # Registry login step intentionally missing + + - name: Cache Docker layers + uses: actions/cache@v2 + with: + path: /tmp/.buildx-ffmpeg-cache + key: ${{ runner.os }}-single-buildx-ffmpeg-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-single-buildx-ffmpeg + + - name: Build production image + uses: docker/build-push-action@v2 + with: + context: . + builder: ${{ steps.buildx.outputs.name }} + file: ./Dockerfile-ffmpeg + push: false # This would be set to true in a real world deployment scenario. + tags: ${{ steps.prep.outputs.tagged_image }} + cache-from: type=local,src=/tmp/.buildx-ffmpeg-cache + cache-to: type=local,dest=/tmp/.buildx-ffmpeg-cache-new + # This ugly bit is necessary if you don't want your cache to grow forever + # till it hits GitHub's limit of 5GB. + # Temp fix + # https://github.com/docker/build-push-action/issues/252 + # https://github.com/moby/buildkit/issues/1896 + - name: Move cache + run: | + rm -rf /tmp/.buildx-ffmpeg-cache + mv /tmp/.buildx-ffmpeg-cache-new /tmp/.buildx-ffmpeg-cache From 23c4682a74dcfd1a002a457da92c3f1a3c5af229 Mon Sep 17 00:00:00 2001 From: Antonio Torres Date: Tue, 30 Nov 2021 00:01:21 -0600 Subject: [PATCH 05/12] feat: Add log in and push in action --- .github/workflows/cicd.yml | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index bc59791..8774640 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -36,14 +36,18 @@ jobs: key: ${{ runner.os }}-single-buildx-${{ github.sha }} restore-keys: | ${{ runner.os }}-single-buildx - + - name: Login to DockerHub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build production image uses: docker/build-push-action@v2 with: context: . builder: ${{ steps.buildx.outputs.name }} file: ./Dockerfile - push: false # This would be set to true in a real world deployment scenario. + push: true tags: ${{ steps.prep.outputs.tagged_image }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new @@ -87,14 +91,18 @@ jobs: key: ${{ runner.os }}-single-buildx-ffmpeg-${{ github.sha }} restore-keys: | ${{ runner.os }}-single-buildx-ffmpeg - + - name: Login to DockerHub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build production image uses: docker/build-push-action@v2 with: context: . builder: ${{ steps.buildx.outputs.name }} file: ./Dockerfile-ffmpeg - push: false # This would be set to true in a real world deployment scenario. + push: true tags: ${{ steps.prep.outputs.tagged_image }} cache-from: type=local,src=/tmp/.buildx-ffmpeg-cache cache-to: type=local,dest=/tmp/.buildx-ffmpeg-cache-new From e9fb1aae397d2d1e85322436d566925bc7a730cf Mon Sep 17 00:00:00 2001 From: Antonio Torres Date: Tue, 30 Nov 2021 00:04:43 -0600 Subject: [PATCH 06/12] fix: Remove registry url --- .github/workflows/cicd.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 8774640..84fc52e 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -17,7 +17,7 @@ jobs: id: prep run: | TAG=$(echo $GITHUB_SHA | head -c7) - IMAGE="my.docker.registry/thetonio96/wildfly" + IMAGE="thetonio96/wildfly" echo ::set-output name=tagged_image::${IMAGE}:${TAG} echo ::set-output name=tag::${TAG} # This is the a separate action that sets up buildx runner @@ -72,7 +72,7 @@ jobs: id: prep run: | TAG=$(echo $GITHUB_SHA | head -c7) - IMAGE="my.docker.registry/thetonio96/wildfly" + IMAGE="thetonio96/wildfly" echo ::set-output name=tagged_image::${IMAGE}:ffmpeg-${TAG} echo ::set-output name=tag::${TAG} # This is the a separate action that sets up buildx runner From e8bc967e73cc67c2a484f0c1c8e91985b1df6e82 Mon Sep 17 00:00:00 2001 From: Antonio Torres Date: Tue, 30 Nov 2021 00:12:13 -0600 Subject: [PATCH 07/12] fix: Add multiplatform build --- .github/workflows/cicd.yml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 84fc52e..ad50cbe 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -26,9 +26,6 @@ jobs: uses: docker/setup-buildx-action@v1.6.0 with: install: true - - # Registry login step intentionally missing - - name: Cache Docker layers uses: actions/cache@v2 with: @@ -51,6 +48,7 @@ jobs: tags: ${{ steps.prep.outputs.tagged_image }} cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new + platforms: linux/amd64,linux/arm64,linux/arm/v7 # This ugly bit is necessary if you don't want your cache to grow forever # till it hits GitHub's limit of 5GB. # Temp fix @@ -81,9 +79,6 @@ jobs: uses: docker/setup-buildx-action@v1.6.0 with: install: true - - # Registry login step intentionally missing - - name: Cache Docker layers uses: actions/cache@v2 with: @@ -106,6 +101,7 @@ jobs: tags: ${{ steps.prep.outputs.tagged_image }} cache-from: type=local,src=/tmp/.buildx-ffmpeg-cache cache-to: type=local,dest=/tmp/.buildx-ffmpeg-cache-new + platforms: linux/amd64,linux/arm64,linux/arm/v7 # This ugly bit is necessary if you don't want your cache to grow forever # till it hits GitHub's limit of 5GB. # Temp fix From 34be9a8c05d106e9f03a583808266b61ee0e00c7 Mon Sep 17 00:00:00 2001 From: Antonio Torres Date: Tue, 30 Nov 2021 00:12:37 -0600 Subject: [PATCH 08/12] fix: Add dependabot for github actions --- .github/dependabot.yml | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..2c7d170 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,7 @@ +version: 2 +updates: + # Maintain dependencies for GitHub Actions + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" From 011f7d495e670a0a9b4c3df2b70647c8004e98fb Mon Sep 17 00:00:00 2001 From: Antonio Torres Date: Tue, 30 Nov 2021 00:24:13 -0600 Subject: [PATCH 09/12] feat: add Trivy vulnerability scanner --- .github/workflows/cicd.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index ad50cbe..a1d2f65 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -54,6 +54,17 @@ jobs: # Temp fix # https://github.com/docker/build-push-action/issues/252 # https://github.com/moby/buildkit/issues/1896 + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + image-ref: "${{ steps.prep.outputs.tagged_image }}" + format: "template" + template: "@/contrib/sarif.tpl" + output: "trivy-results.sarif" + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v1 + with: + sarif_file: "trivy-results.sarif" - name: Move cache run: | rm -rf /tmp/.buildx-cache @@ -107,6 +118,17 @@ jobs: # Temp fix # https://github.com/docker/build-push-action/issues/252 # https://github.com/moby/buildkit/issues/1896 + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + image-ref: "${{ steps.prep.outputs.tagged_image }}" + format: "template" + template: "@/contrib/sarif.tpl" + output: "trivy-results.sarif" + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v1 + with: + sarif_file: "trivy-results.sarif" - name: Move cache run: | rm -rf /tmp/.buildx-ffmpeg-cache From 78ad8ce2a3be2c7684f7f53dc3c400f22ad148bc Mon Sep 17 00:00:00 2001 From: Antonio Torres Date: Tue, 30 Nov 2021 00:35:55 -0600 Subject: [PATCH 10/12] fix: Add brief README to project --- README.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..3f9f8f3 --- /dev/null +++ b/README.md @@ -0,0 +1,19 @@ +# WildFly + +## Development + +### Requirments +- [Docker](https://docs.docker.com/get-docker/) +- [buildx](https://docs.docker.com/buildx/working-with-buildx/) + +### Building + +Without ffmpeg +```bash +docker build --platform linux/amd64,linux/arm64,linux/arm/v7 -t thetonio96/wildfly:my-tag --push -f Dockerfile . +``` + +With ffmpeg +```bash +docker build --platform linux/amd64,linux/arm64,linux/arm/v7 -t thetonio96/wildfly:ffmpeg-my-tag --push -f Dockerfile-ffmpeg . +``` From 47323adb2fb5b5cac29ed0252a2cbe17cbecbc5a Mon Sep 17 00:00:00 2001 From: Antonio Torres Date: Tue, 30 Nov 2021 00:43:46 -0600 Subject: [PATCH 11/12] fix: Change to releases with actions --- .github/workflows/cicd.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index a1d2f65..848955b 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -1,8 +1,8 @@ name: cicd on: - push: - branches: [master] + release: + types: [published] jobs: build: From 1a425a44ef81ba16b5dc3b82d4d41922a4d02593 Mon Sep 17 00:00:00 2001 From: Antonio Torres Date: Tue, 30 Nov 2021 10:21:40 -0600 Subject: [PATCH 12/12] fix: Change sha to tag for releases --- .github/workflows/cicd.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 848955b..da112d5 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -16,7 +16,7 @@ jobs: - name: Prepare id: prep run: | - TAG=$(echo $GITHUB_SHA | head -c7) + TAG=${GITHUB_REF#refs/*/} IMAGE="thetonio96/wildfly" echo ::set-output name=tagged_image::${IMAGE}:${TAG} echo ::set-output name=tag::${TAG} @@ -80,7 +80,7 @@ jobs: - name: Prepare id: prep run: | - TAG=$(echo $GITHUB_SHA | head -c7) + TAG=${GITHUB_REF#refs/*/} IMAGE="thetonio96/wildfly" echo ::set-output name=tagged_image::${IMAGE}:ffmpeg-${TAG} echo ::set-output name=tag::${TAG} @@ -133,3 +133,6 @@ jobs: run: | rm -rf /tmp/.buildx-ffmpeg-cache mv /tmp/.buildx-ffmpeg-cache-new /tmp/.buildx-ffmpeg-cache + +# Document was created using the following as an example: +# https://evilmartians.com/chronicles/build-images-on-github-actions-with-docker-layer-caching