[awsreset-365]: updated workflow

.github/workflows/php-base-image-build-pr-main.yml

@@ -82,10 +82,9 @@ jobs:
               repoName=$(echo "$results" | jq -r '.repoName') 
               tag=$(echo "$results" | jq -r '.tag') 
               build=$(echo "$results" | jq -r '.build')
-              registry=$(echo "$results" | jq -r '.registry')
           
               if [ "$build" == "true" ]; then
-                  snyk container test $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$registry/$repoName:$tag-$SHA --severity-threshold=critical
+                  snyk container test $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$repoName:$tag-$SHA --severity-threshold=critical
               else
                   echo "Not scanning - $repoName, build parameter equal to false"
               fi

.github/workflows/php-base-image-push-main.yml

@@ -66,10 +66,9 @@ jobs:
               repoName=$(echo "$results" | jq -r '.repoName') 
               tag=$(echo "$results" | jq -r '.tag') 
               build=$(echo "$results" | jq -r '.build')
-              registry=$(echo "$results" | jq -r '.registry')
    
               if [ "$build" == "true" ]; then
-                  docker push $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$registry/$repoName:$tag-$SHA
+                  docker push $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$repoName:$tag-$SHA
               else
                   echo "Not pushing - $repoName, build parameter equal to false"
               fi
@@ -82,7 +81,7 @@ jobs:
             repoName=$(echo "$results" | jq -r '.repoName')
             dockerFile=$(echo "$results" | jq -r '.dockerFile') 
             if [ "$build" == "true" ]; then
-              notation sign $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$registry/$repoName:$tag-$SHA --plugin "com.amazonaws.signer.notation.plugin" --id "${{ secrets.DEV_VOL_IMAGE_SIGNING_PROFILE }}" 
+              notation sign $AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$repoName:$tag-$SHA --plugin "com.amazonaws.signer.notation.plugin" --id "${{ secrets.DEV_VOL_IMAGE_SIGNING_PROFILE }}" 
             else
               echo "Not linting - $repoName, build parameter equal to false"
             fi

README.md

@@ -4,8 +4,38 @@ Docker base Images for use in DVSA projects
 The images will be used by all the base images used in the project. The github repo is structured to cater the multiple docker builds in a single repo 
 
 `build` - Contains the the repo name for instance `vol-php-fpm` , if you want to create another docker image, create another folder and have your dockerfile in that folder along with any required files etc.
-`scripts` - Scripts used in the workflow
-`.github/workflows` - It contians 2 workflows,
+
+`scripts` - Scripts used in the workflow lives here
+
+`.github/workflows` - It contians 2 workflows :
+
     `php-base-image-build-pr-main` runs on the PR request to main branch and perform the linting, security check and docker build
+
     `php-base-image-push-main` runs on the PR merge to main branch and performs the image signing, docker build and docker push
-`build.json` - This is the file used by the workflow to perform the operation on multiple docker build operations, the workflow loop through the file and look for the parameter `build` if set to `true` the workflow performs the operation on only those images. so, please make sure to set this parameter as either `true | false`
+
+`build.json` - This is the file used by the workflow to perform the operation on multiple docker build operations, the workflow loop through the file and look for the parameter `build` if set to `true` the workflow performs the operation on only those images. so, please make sure to set this parameter as either `true | false`
+
+###FAQ:
+- How do I build another image in this repo ?
+    Create a folder under build foder and name it with your repo name, place you place the dockerfile and other artifiacts required for building the image
+    update the build.json file as follows :
+    ```
+    [
+        {
+            "registry": "php-base",
+            "repoName": "vol-php-fpm",
+            "dockerFile": "dockerfile",
+            "tag": "7.4.0-alpine-fpm",
+            "build": true
+        },
+        {
+            "registry": "php-base",
+            "repoName": "myreponame",
+            "dockerFile": "dockerfile",
+            "tag": "<mytag>",
+            "build": true
+        },
+   ] 
+   ```
+   commit and test
+

build.json

@@ -1,7 +1,6 @@
 [
     {
-        "registry": "php-base",
-        "repoName": "vol-php-fpm",
+        "repoName": "php-base",
         "dockerFile": "dockerfile",
         "tag": "7.4.0-alpine-fpm",
         "build": true

scripts/docker-build.sh

@@ -7,11 +7,10 @@ jq -c '.[]' build.json | while read -r results; do
     dockerFile=$(echo "$results" | jq -r '.dockerFile') 
     tag=$(echo "$results" | jq -r '.tag') 
     build=$(echo "$results" | jq -r '.build')
-    registry=$(echo "$results" | jq -r '.registry')
 
     if [ "$build" == "true" ]; then
         echo "Building $repoName ..."
-        buildTag="$AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$registry/$repoName:$tag-$SHA"
+        buildTag="$AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/$repoName:$tag-$SHA"
         docker build -t "$buildTag" --file "./build/$repoName/$dockerFile" build/.
     else
         echo "Not building - $repoName, build parameter equal to false"