From 357280afedbaf54e8a75e50f3a608d478351405c Mon Sep 17 00:00:00 2001 From: getlarge Date: Thu, 9 May 2024 09:28:14 +0200 Subject: [PATCH] ci: build 2 RabbitMQ images --- .github/workflows/ci.yaml | 33 ++++++++++++++++++++++++++++++--- Dockerfile.dev | 4 +++- 2 files changed, 33 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 495b091..d8df68e 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -5,6 +5,7 @@ on: env: REGISTRY: ghcr.io + BASE_IMAGE_NAME: ${{ github.repository }}-base IMAGE_NAME: ${{ github.repository }} jobs: @@ -15,6 +16,7 @@ jobs: contents: read packages: write attestations: write + id-token: write steps: - name: Checkout repository @@ -33,22 +35,47 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Extract metadata (tags, labels) for Docker + - name: Extract metadata (tags, labels) for Base RabbitMQ Docker image + id: meta-base + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.BASE_IMAGE_NAME }} + + - name: Build and push Base RabbitMQ Docker image + id: push-base + uses: docker/build-push-action@v5 + with: + context: . + push: true + tags: ${{ steps.meta-base.outputs.tags }} + labels: ${{ steps.meta-base.outputs.labels }} + + - name: Generate artifact attestation for Base RabbitMQ Docker image + uses: actions/attest-build-provenance@v1 + with: + subject-name: ${{ env.REGISTRY }}/${{ env.BASE_IMAGE_NAME}} + subject-digest: ${{ steps.push-base.outputs.digest }} + push-to-registry: true + + - name: Extract metadata (tags, labels) for RabbitMQ Docker image id: meta uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - - name: Build and push + - name: Build and push RabbitMQ Docker image id: push uses: docker/build-push-action@v5 with: + build-args: | + BASE_IMAGE_TAG=${{ env.REGISTRY }}/${{ env.BASE_IMAGE_NAME}}:${{ steps.push-base.outputs.digest }} context: . + file: Dockerfile.dev push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - - name: Generate artifact attestation + - name: Generate artifact attestation for RabbitMQ Docker image uses: actions/attest-build-provenance@v1 with: subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}} diff --git a/Dockerfile.dev b/Dockerfile.dev index 803ba21..d50bae3 100644 --- a/Dockerfile.dev +++ b/Dockerfile.dev @@ -1,4 +1,6 @@ -FROM ghcr.io/innovation-system/on-board-rabbitmq/rabbitmq-base:3.12.13 +ARG BASE_IMAGE_TAG=ghcr.io/innovation-system/on-board-rabbitmq-base:main + +FROM ${BASE_IMAGE_TAG} # FROM rabbitmq:3.12.4-management-alpine ARG RABBITMQ_PLUGINS="rabbitmq_management_agent rabbitmq_management rabbitmq_mqtt rabbitmq_web_mqtt rabbitmq_prometheus rabbitmq_web_dispatch rabbitmq_auth_backend_http rabbitmq_auth_backend_cache rabbitmq_event_exchange rabbitmq_mqtt_retained_msg_store_redis rabbitmq_stream"