Skip to content

Bump build-image/distroless-iptables from v0.2.7 to v0.3.2 #701

Bump build-image/distroless-iptables from v0.2.7 to v0.3.2

Bump build-image/distroless-iptables from v0.2.7 to v0.3.2 #701

Workflow file for this run

name: Build
# Controls when the workflow will run
on:
push:
tags:
- 'v*.*.*'
pull_request:
branches:
- 'main'
env:
# `public` indicates images to MCR wil be publicly available, and will be removed in the final MCR images
REGISTRY_REPO: public/aks
jobs:
build:
runs-on: ubuntu-latest
permissions:
packages: write
actions: read
contents: read
id-token: write
steps:
# Get the repository's code
- name: Checkout
uses: actions/checkout@v4
# https://github.com/docker/setup-qemu-action
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
# https://github.com/docker/setup-buildx-action
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
- name: OIDC Login to Azure Public Cloud
# subject in JWT: repo:Azure/kube-egress-gateway:workflow:Build:event_name:push:ref_type:tag
# to view/edit: https://docs.github.com/en/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-a-repository
if: github.event_name != 'pull_request'
uses: azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Login the ACR
if: github.event_name != 'pull_request'
run: az acr login -n ${{ secrets.AZURE_REGISTRY }}
- name: Docker meta
id: daemon # you'll use this in the next step
uses: docker/metadata-action@v5
with:
# list of Docker images to use as base name for tags
images: |
${{ secrets.AZURE_REGISTRY }}/${{ env.REGISTRY_REPO }}/kube-egress-gateway-daemon
tags: |
type=semver,pattern={{raw}}
bake-target: daemon-tags
- name: Docker meta
id: controller # you'll use this in the next step
uses: docker/metadata-action@v5
with:
# list of Docker images to use as base name for tags
images: |
${{ secrets.AZURE_REGISTRY }}/${{ env.REGISTRY_REPO }}/kube-egress-gateway-controller
tags: |
type=semver,pattern={{raw}}
bake-target: controller-tags
- name: Docker meta
id: cnimanager # you'll use this in the next step
uses: docker/metadata-action@v5
with:
# list of Docker images to use as base name for tags
images: |
${{ secrets.AZURE_REGISTRY }}/${{ env.REGISTRY_REPO }}/kube-egress-gateway-cnimanager
tags: |
type=semver,pattern={{raw}}
bake-target: cnimanager-tags
- name: Docker meta
id: cniplugin # you'll use this in the next step
uses: docker/metadata-action@v5
with:
# list of Docker images to use as base name for tags
images: |
${{ secrets.AZURE_REGISTRY }}/${{ env.REGISTRY_REPO }}/kube-egress-gateway-cni
tags: |
type=semver,pattern={{raw}}
bake-target: cni-tags
- name: Docker meta
id: cniipamplugin # you'll use this in the next step
uses: docker/metadata-action@v5
with:
# list of Docker images to use as base name for tags
images: |
${{ secrets.AZURE_REGISTRY }}/${{ env.REGISTRY_REPO }}/kube-egress-gateway-cni-ipam
tags: |
type=semver,pattern={{raw}}
bake-target: cni-ipam-tags
- name: Build and push
uses: docker/bake-action@v4
with:
push: ${{ github.event_name != 'pull_request' }}
files: |
docker-bake.hcl
${{ steps.daemon.outputs.bake-file }}
${{ steps.controller.outputs.bake-file }}
${{ steps.cnimanager.outputs.bake-file }}
${{ steps.cniplugin.outputs.bake-file }}
${{ steps.cniipamplugin.outputs.bake-file }}