From 2a1a052465c64f9ab200c3805cbd4f553148281a Mon Sep 17 00:00:00 2001
From: bishal7679
Date: Sun, 19 May 2024 11:43:24 +0530
Subject: [PATCH 1/9] add docker image support with docker publish gh_action

Signed-off-by: bishal7679
---
.github/workflows/docker_publish.yml | 42 ++++++++++++++++++++++++++++
Dockerfile | 23 +++++++++++++++
2 files changed, 65 insertions(+)
create mode 100644 .github/workflows/docker_publish.yml
create mode 100644 Dockerfile

diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml
new file mode 100644
index 00000000..2756dfb8
--- /dev/null
+++ b/.github/workflows/docker_publish.yml
@@ -0,0 +1,42 @@
+name: Publishing Docker image
+
+on:
+ push:
+ branches: [ "main" ]
+ paths-ignore:
+ - 'README.md'
+ - '**/*_test.go'
+ pull_request:
+ branches: [ "main" ]
+ paths-ignore:
+ - 'README.md'
+ - '**/*_test.go'
+
+jobs:
+ push_to_registry:
+ name: Push Docker image to Docker Hub
+ runs-on: ubuntu-latest
+ steps:
+ - name: Check out the repo
+ uses: actions/checkout@v4
+
+ - name: Log in to Docker Hub
+ uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
+ with:
+ username: ${{ secrets.DOCKER_USERNAME }}
+ password: ${{ secrets.DOCKER_PASSWORD }}
+
+ - name: Extract metadata (tags, labels) for Docker
+ id: meta
+ uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+ with:
+ images: goharbor/harbor-cli
+
+ - name: Build and push Docker image
+ uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
+ with:
+ context: .
+ file: ./Dockerfile
+ tags: goharbor/harbor-cli:latest
+ push: true
+ labels: ${{ steps.meta.outputs.labels }}
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..f9e2fb05
--- /dev/null
+++ b/Dockerfile
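Review bot: The `pull_request` trigger in docker_publish.yml runs the same job that logs in with the registry secrets and builds with `push: true`, so a pull request from a branch of this repository would publish its unreviewed build as `goharbor/harbor-cli:latest`, while a fork pull request gets no secrets and would fail at the login step. Gate publishing on the event, e.g. `if: github.event_name != 'pull_request'` on the login step and `push: ${{ github.event_name != 'pull_request' }}` on the build step. The metadata step's tag output is unused because `tags:` is hard-coded to `latest`, so every run overwrites the same mutable tag. The job also declares no `permissions:` block; a top-level `permissions:` with `contents: read` would keep the workflow token minimal.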
@@ -0,0 +1,23 @@
+# Stage 1: Build the Go binary
+FROM golang:1.21-alpine AS builder
+
+WORKDIR /app
+
+COPY go.mod go.sum ./
+
+# Download all dependencies. Dependencies will be cached if the go.mod and go.sum files are not changed
+RUN go mod download
+
+COPY . .
+
+RUN go build -o harbor ./cmd/harbor
+
+# Stage 2: Create a small image for the Go binary
+FROM alpine:latest
+
+WORKDIR /root/
+
+# Copy the Pre-built binary file from the previous stage
+COPY --from=builder /app/harbor .
+
+CMD ["./harbor"]
\ No newline at end of file
From 33712d42df215a116c0b2370ee58ede36d592ff7 Mon Sep 17 00:00:00 2001
From: Bishal Das <70086051+bishal7679@users.noreply.github.com>
Date: Fri, 31 May 2024 10:52:13 +0530
Subject: [PATCH 2/9] Update docker_publish.yml

Signed-off-by: bishal7679
---
.github/workflows/docker_publish.yml | 19 +++++++------------
1 file changed, 7 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml
index 2756dfb8..82fcb4ce 100644
--- a/.github/workflows/docker_publish.yml
+++ b/.github/workflows/docker_publish.yml
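Review bot: The final stage of the new Dockerfile leaves the CLI running as root out of `/root/` on `alpine:latest`, so the published image has no `USER` and its base changes underneath every rebuild. Pin the runtime base to a fixed tag (ideally with a digest), create an unprivileged user, and copy the binary to a directory on `PATH`. The builder stage's `COPY . .` sends the whole build context into the build, so a `.dockerignore` that excludes `.git` and local credential files is worth adding if the repository does not already have one. The fence shows the second stage only; the base tag and UID are examples to adjust.

```dockerfile
# … unchanged: stage 1 (builder) …

# Stage 2: minimal runtime image, fixed base tag, unprivileged user
FROM alpine:3.20
RUN addgroup -S harbor && adduser -S -G harbor -u 10001 harbor
WORKDIR /home/harbor
COPY --from=builder /app/harbor /usr/local/bin/harbor
USER harbor
CMD ["harbor"]
```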
@@ -20,23 +20,18 @@ jobs: - name: Check out the repo uses: actions/checkout@v4 - - name: Log in to Docker Hub - uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a + - name: Log in to Harbor + uses: docker/login-action@v3 with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 - with: - images: goharbor/harbor-cli + registry: demo.goharbor.io + username: ${{ secrets.REGISTRY_GOHARBOR_USERNAME }} + password: ${{ secrets.REGISTRY_GOHARBOR_PASSWORD }} - name: Build and push Docker image uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 with: context: . file: ./Dockerfile - tags: goharbor/harbor-cli:latest + tags: demo.goharbor.io/library/harbor-cli:1.2.3 push: true - labels: ${{ steps.meta.outputs.labels }} \ No newline at end of file + labels: ${{ steps.meta.outputs.labels }} From 321f342689fdeea84aaac73876f97293df60675e Mon Sep 17 00:00:00 2001 From: Bishal Das <70086051+bishal7679@users.noreply.github.com> Date: Fri, 31 May 2024 10:53:28 +0530 Subject: [PATCH 3/9] Update docker_publish.yml Signed-off-by: bishal7679 --- .github/workflows/docker_publish.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml index 82fcb4ce..87961c80 100644 --- a/.github/workflows/docker_publish.yml +++ b/.github/workflows/docker_publish.yml @@ -2,7 +2,7 @@ name: Publishing Docker image on: push: - branches: [ "main" ] + branches: [ "docker" ] paths-ignore: - 'README.md' - '**/*_test.go' @@ -35,3 +35,4 @@ jobs: tags: demo.goharbor.io/library/harbor-cli:1.2.3 push: true labels: ${{ steps.meta.outputs.labels }} + From 56620a49f74424a5d7d5890d296c61c46915f440 Mon Sep 17 00:00:00 2001 
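Review bot: `docker/login-action@v3` in PATCH 2/9 replaces a commit-SHA pin with a movable tag on the step that receives the registry username and password, so whatever that tag points to at run time handles those secrets. Keep the action pinned to a full commit SHA with the version in a trailing comment, e.g. `uses: docker/login-action@<full-commit-sha> # v3`; the same applies to `sigstore/cosign-installer@v3.1.1` in PATCH 7/9 and `docker/build-push-action@v3` in PATCH 8/9. The same hunk deletes the `id: meta` step but keeps `labels: ${{ steps.meta.outputs.labels }}`, which now expands to an empty string; either drop that line or keep the metadata step. The hard-coded `tags: demo.goharbor.io/library/harbor-cli:1.2.3` means every run overwrites one tag, so deriving the tag from the ref or commit would make pushed images traceable.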
From: Bishal Das <70086051+bishal7679@users.noreply.github.com> Date: Fri, 31 May 2024 13:27:16 +0530 Subject: [PATCH 4/9] Update docker_publish.yml Signed-off-by: bishal7679 --- .github/workflows/docker_publish.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml index 87961c80..c3b9c3ee 100644 --- a/.github/workflows/docker_publish.yml +++ b/.github/workflows/docker_publish.yml @@ -23,7 +23,7 @@ jobs: - name: Log in to Harbor uses: docker/login-action@v3 with: - registry: demo.goharbor.io + registry: demo.goharbor.io/library username: ${{ secrets.REGISTRY_GOHARBOR_USERNAME }} password: ${{ secrets.REGISTRY_GOHARBOR_PASSWORD }} @@ -32,7 +32,7 @@ jobs: with: context: . file: ./Dockerfile - tags: demo.goharbor.io/library/harbor-cli:1.2.3 + tags: harbor-cli:1.2.4 push: true labels: ${{ steps.meta.outputs.labels }} From 03e5be6f2127976c91845c951f2afd3e73656f08 Mon Sep 17 00:00:00 2001 From: Bishal Das <70086051+bishal7679@users.noreply.github.com> Date: Fri, 31 May 2024 13:29:09 +0530 Subject: [PATCH 5/9] Update docker_publish.yml Signed-off-by: bishal7679 --- .github/workflows/docker_publish.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml index c3b9c3ee..872c1007 100644 --- a/.github/workflows/docker_publish.yml +++ b/.github/workflows/docker_publish.yml @@ -23,7 +23,7 @@ jobs: - name: Log in to Harbor uses: docker/login-action@v3 with: - registry: demo.goharbor.io/library + registry: demo.goharbor.io username: ${{ secrets.REGISTRY_GOHARBOR_USERNAME }} password: ${{ secrets.REGISTRY_GOHARBOR_PASSWORD }} @@ -32,7 +32,7 @@ jobs: with: context: . file: ./Dockerfile - tags: harbor-cli:1.2.4 + tags: library/harbor-cli:1.2.4 push: true labels: ${{ steps.meta.outputs.labels }} From 20a304cf5777c0aa8c1a8995e68ffeb5aa0c946d Mon Sep 17 00:00:00 2001 
From: Bishal Das <70086051+bishal7679@users.noreply.github.com> Date: Fri, 31 May 2024 13:30:32 +0530 Subject: [PATCH 6/9] Update docker_publish.yml Signed-off-by: bishal7679 --- .github/workflows/docker_publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml index 872c1007..20115bd7 100644 --- a/.github/workflows/docker_publish.yml +++ b/.github/workflows/docker_publish.yml @@ -32,7 +32,7 @@ jobs: with: context: . file: ./Dockerfile - tags: library/harbor-cli:1.2.4 + tags: demo.goharbor.io/library/harbor-cli:1.2.4 push: true labels: ${{ steps.meta.outputs.labels }} From 2eb8e9a04832d9a947c994663b52afe31b1dabf5 Mon Sep 17 00:00:00 2001 From: Bishal Das <70086051+bishal7679@users.noreply.github.com> Date: Fri, 31 May 2024 13:48:46 +0530 Subject: [PATCH 7/9] Update docker_publish.yml Signed-off-by: bishal7679 --- .github/workflows/docker_publish.yml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml index 20115bd7..afaa1871 100644 --- a/.github/workflows/docker_publish.yml +++ b/.github/workflows/docker_publish.yml @@ -26,7 +26,10 @@ jobs: registry: demo.goharbor.io username: ${{ secrets.REGISTRY_GOHARBOR_USERNAME }} password: ${{ secrets.REGISTRY_GOHARBOR_PASSWORD }} - + + - name: Install Cosign + uses: sigstore/cosign-installer@v3.1.1 + - name: Build and push Docker image uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 with: @@ -36,3 +39,10 @@ jobs: push: true labels: ${{ steps.meta.outputs.labels }} + - name: Sign image with a key + run: | + cosign sign --yes --key env://COSIGN_PRIVATE_KEY demo.goharbor.io/library/harbor-cli:1.2.5 + env: + COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} + COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} + From 88bc5acb20c6530996d29cdb0b1cce14dd97eed6 Mon Sep 17 00:00:00 2001 
From: Bishal Das <70086051+bishal7679@users.noreply.github.com> Date: Fri, 31 May 2024 13:54:12 +0530 Subject: [PATCH 8/9] Update docker_publish.yml Signed-off-by: bishal7679 --- .github/workflows/docker_publish.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml index afaa1871..270a2a1e 100644 --- a/.github/workflows/docker_publish.yml +++ b/.github/workflows/docker_publish.yml @@ -31,18 +31,22 @@ jobs: uses: sigstore/cosign-installer@v3.1.1 - name: Build and push Docker image - uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 + uses: docker/build-push-action@v3 with: context: . file: ./Dockerfile - tags: demo.goharbor.io/library/harbor-cli:1.2.4 + tags: demo.goharbor.io/library/harbor-cli:1.2.5 push: true labels: ${{ steps.meta.outputs.labels }} + - name: Get the image digest + id: image_digest + run: | + echo "IMAGE_DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' demo.goharbor.io/library/harbor-cli:1.2.5)" >> $GITHUB_ENV + - name: Sign image with a key run: | - cosign sign --yes --key env://COSIGN_PRIVATE_KEY demo.goharbor.io/library/harbor-cli:1.2.5 + cosign sign --yes --key env://COSIGN_PRIVATE_KEY ${{ env.IMAGE_DIGEST }} env: COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} - From 3877867a2ce6531cfa95fcfe8aeaae7ed8c1aa69 Mon Sep 17 00:00:00 2001 From: bishal7679 Date: Fri, 31 May 2024 15:48:54 +0530 Subject: [PATCH 9/9] updated docker publish Signed-off-by: bishal7679 --- .github/workflows/docker_publish.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml index 270a2a1e..39a3031b 100644 --- a/.github/workflows/docker_publish.yml +++ b/.github/workflows/docker_publish.yml 
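Review bot: The "Get the image digest" step added in PATCH 8/9 reads `.RepoDigests` from the runner's local image store, which is only populated if the build left the pushed image loaded in the local daemon; if the lookup fails, `IMAGE_DIGEST` is empty and `cosign sign` runs without an image reference. build-push-action exposes the pushed digest as a step output, so give the build step `id: build` and sign `demo.goharbor.io/library/harbor-cli@${{ steps.build.outputs.digest }}`, which ties the signature to exactly what this run pushed. Pass that value to the script through the step's `env:` and use it as a quoted shell variable such as `"$IMAGE_REF"` rather than expanding `${{ env.IMAGE_DIGEST }}` inside `run:`. The `>> $GITHUB_ENV` redirect should be quoted as `>> "$GITHUB_ENV"` if the step is kept.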
@@ -2,7 +2,7 @@ name: Publishing Docker image on: push: - branches: [ "docker" ] + branches: [ "main" ] paths-ignore: - 'README.md' - '**/*_test.go' @@ -35,7 +35,7 @@ jobs: with: context: . file: ./Dockerfile - tags: demo.goharbor.io/library/harbor-cli:1.2.5 + tags: demo.goharbor.io/library/harbor-cli:0.0.1 push: true labels: ${{ steps.meta.outputs.labels }}