Skip to content

ci: test matrix initial push #82

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
MxNxPx wants to merge 3 commits into
base: main
Choose a base branch
from
Open

ci: test matrix initial push #82

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
e66f0b8
ci: test matrix initial push
MxNxPx Mar 15, 2025
a0f0780
ci: on any push, run ci
MxNxPx Mar 15, 2025
316aabe
ci: add missing job
MxNxPx Mar 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
89 changes: 89 additions & 0 deletions .github/workflows/callable-artifact-copy.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,89 @@
## Update the image list and target registry below to run workflow
#name: Trigger Transfers of Images
#
#on:
# push:
# branches:
# - main
# # Chainguard images appear to update every morning around 0300 EST
# # so this will get the latest images pushed to ECR
# schedule:
# - cron: '0 10 * * *' # 0500 EST daily
#
#permissions:
# contents: read
# id-token: write # This is needed for OIDC federation.
#
#jobs:
# check_changes:
# runs-on: ubuntu-latest
# outputs:
# image_changes: ${{ steps.changes.outputs.image }}
# steps:
# - name: Checkout repository
# uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
#
# - name: Check paths
# uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
# id: changes
# with:
# filters: |
# image:
# - '.github/workflows/trigger-docker-image.yaml'
# - '.github/actions/transfer-docker-image/**'
#
# transfer-images:
# needs: check_changes
# if: needs.check_changes.outputs.image_changes == 'true' || github.event_name == 'schedule'
# runs-on: static-ip-ubuntu-2-core
# environment: valid-eval-stg
# strategy:
# matrix:
# source_image:
# ### UPDATE THIS ###
# - "cgr.dev/du-uds-defenseunicorns/ruby-fips:3.4.2-dev"
# - "cgr.dev/du-uds-defenseunicorns/go-fips:1.23.7-dev"
# - "cgr.dev/du-uds-defenseunicorns/go-fips:1.23.7"
# - "cgr.dev/du-uds-defenseunicorns/node-fips:23.9.0"
# - "cgr.dev/du-uds-defenseunicorns/node-fips:23.9.0-dev"
# - "cgr.dev/du-uds-defenseunicorns/nginx:1.27.4"
# - "cgr.dev/du-uds-defenseunicorns/nginx:1.27.4-dev"
# - "cgr.dev/du-uds-defenseunicorns/nginx-fips:1.27.4"
# - "cgr.dev/du-uds-defenseunicorns/nginx-fips:1.27.4-dev"
# - "cgr.dev/du-uds-defenseunicorns/prometheus-postgres-exporter-fips:0.17.1"
# - "cgr.dev/du-uds-defenseunicorns/valkey-fips:8.0.2"
# - "cgr.dev/du-uds-defenseunicorns/prometheus-redis-exporter-fips:1.67.0"
# - "cgr.dev/du-uds-defenseunicorns/python-fips:3.13.2"
# - "cgr.dev/du-uds-defenseunicorns/python-fips:3.13.2-dev"
# - "cgr.dev/du-uds-defenseunicorns/bash-fips:5.2.37"
# - "cgr.dev/du-uds-defenseunicorns/chainguard-base-fips:20230214"
# - "cgr.dev/du-uds-defenseunicorns/chromium:133.0.6943.141-dev"
# - "cgr.dev/du-uds-defenseunicorns/chromium:133.0.6943.141"
# - "cgr.dev/du-uds-defenseunicorns/neo4j:5.26.3-dev"
# ### UPDATE THIS ###
#
# steps:
# - name: Checkout repository
# uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
#
# - name: Set target image from source image
# id: set_target_image
# run: |
# export SHORT_IMAGE=$(echo "${{ matrix.source_image }}" | sed "s/cgr.dev\/du-uds-defenseunicorns\///")
# export TARGET_REGISTRY="${{ vars.CONTAINER_REGISTRY }}"
# export SOURCE_IMAGE="${{ matrix.source_image }}"
# echo "source_image=$SOURCE_IMAGE" >> $GITHUB_ENV
# export TARGET_IMAGE="$TARGET_REGISTRY/unicorn/cgr/$SHORT_IMAGE"
# echo "Target image is: $TARGET_IMAGE"
# echo "target_image=$TARGET_IMAGE" >> $GITHUB_ENV
#
#
# - name: Call local actions workflow for transfer
# uses: ./.github/actions/transfer-docker-image
# with:
# source_image: ${{ matrix.source_image }}
# target_image: ${{ env.target_image }}
# chainguard_identity: ${{ secrets.CHAINGUARD_IDENTITY }}
# aws_ecr_account: ${{ vars.AWS_ECR_ACCOUNT }}
# aws_ecr_region: ${{ vars.AWS_ECR_REGION }}
# aws_role_to_assume: ${{ vars.AWS_ROLE_TO_ASSUME }}
71 changes: 71 additions & 0 deletions .github/workflows/trigger-artifact-copy-test.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
# Update the image list and target registry below to run workflow
name: Trigger Transfers of Images

on:
push:
# branches:
# - main
# Chainguard images appear to update every morning around 0300 EST
# so this will get the latest images pushed to ECR
schedule:
- cron: '0 10 * * *' # 0500 EST daily

permissions:
contents: read
id-token: write # This is needed for OIDC federation.

jobs:
check_changes:
runs-on: ubuntu-latest
outputs:
image_changes: ${{ steps.changes.outputs.image }}
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- name: Check paths
uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
id: check_changes
with:
filters: |
image:
- '.github/workflows/trigger-docker-image.yaml'
- '.github/actions/transfer-docker-image/**'

- name: Find Images
id: find-images
run: |
images=$(awk '{printf "%s\"%s\"", (NR==1?"":", "), $0}' images.txt)
echo "images=[$images]" >> "$GITHUB_OUTPUT"

define-matrix:
runs-on: ubuntu-latest
outputs:
images: ${{ steps.find-images.outputs.images }}
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Find Images
id: find-images
run: |
images=$(awk '{printf "%s\"%s\"", (NR==1?"":", "), $0}' images.txt)
echo "images=[$images]" >> "$GITHUB_OUTPUT"

transfer-images:
needs: define-matrix
runs-on: ubuntu-latest
strategy:
matrix:
source_image: ${{ fromJSON(needs.define-matrix.outputs.images) }}

steps:
- name: Set target image from source image
id: set_target_image
run: |
export SHORT_IMAGE=$(echo "${{ matrix.source_image }}" | sed "s/cgr.dev\/du-uds-defenseunicorns\///")
export TARGET_REGISTRY="CONTAINER_REGISTRY_GOES_HERE"
export SOURCE_IMAGE="${{ matrix.source_image }}"
export TARGET_IMAGE="$TARGET_REGISTRY/unicorn/cgr/$SHORT_IMAGE"
echo "Source image is: $SOURCE_IMAGE"
echo "Short image is: $SHORT_IMAGE"
echo "Target image is: $TARGET_IMAGE"
19 changes: 19 additions & 0 deletions images.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
cgr.dev/du-uds-defenseunicorns/ruby-fips:3.4.2-dev
cgr.dev/du-uds-defenseunicorns/go-fips:1.23.7-dev
cgr.dev/du-uds-defenseunicorns/go-fips:1.23.7
cgr.dev/du-uds-defenseunicorns/node-fips:23.9.0
cgr.dev/du-uds-defenseunicorns/node-fips:23.9.0-dev
cgr.dev/du-uds-defenseunicorns/nginx:1.27.4
cgr.dev/du-uds-defenseunicorns/nginx:1.27.4-dev
cgr.dev/du-uds-defenseunicorns/nginx-fips:1.27.4
cgr.dev/du-uds-defenseunicorns/nginx-fips:1.27.4-dev
cgr.dev/du-uds-defenseunicorns/prometheus-postgres-exporter-fips:0.17.1
cgr.dev/du-uds-defenseunicorns/valkey-fips:8.0.2
cgr.dev/du-uds-defenseunicorns/prometheus-redis-exporter-fips:1.67.0
cgr.dev/du-uds-defenseunicorns/python-fips:3.13.2
cgr.dev/du-uds-defenseunicorns/python-fips:3.13.2-dev
cgr.dev/du-uds-defenseunicorns/bash-fips:5.2.37
cgr.dev/du-uds-defenseunicorns/chainguard-base-fips:20230214
cgr.dev/du-uds-defenseunicorns/chromium:133.0.6943.141-dev
cgr.dev/du-uds-defenseunicorns/chromium:133.0.6943.141
cgr.dev/du-uds-defenseunicorns/neo4j:5.26.3-dev