Skip to content

Migrate to distroless to reduce attack surface and image size #6

Migrate to distroless to reduce attack surface and image size

Migrate to distroless to reduce attack surface and image size #6

Workflow file for this run

---
name: Docker Build Action
on:
pull_request:
branches:
- master
release:
types:
- published
push:
branches:
- master
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
build:
name: Docker Build
runs-on: ubuntu-latest
steps:
- name: Log in to the container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ secrets.DOCKER_REGISTRY_USER }}
password: ${{ secrets.DOCKER_REGISTRY_TOKEN }}
- name: Install libsystemd headers
run: sudo apt-get update && sudo apt-get install libsystemd-dev
- name: Checkout
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
cache: false
- name: Lint
uses: golangci/golangci-lint-action@v6
with:
args: --build-tags integration -p bugs -p unused -D protogetter --timeout=5m
- name: Make tag
run: |
[ "${GITHUB_EVENT_NAME}" == 'pull_request' ] && echo "tag=${GITHUB_HEAD_REF##*/}" >> $GITHUB_ENV || true
[ "${GITHUB_EVENT_NAME}" == 'release' ] && echo "tag=${GITHUB_REF##*/}" >> $GITHUB_ENV || true
[ "${GITHUB_EVENT_NAME}" == 'push' ] && echo "tag=latest" >> $GITHUB_ENV || true
- name: Push server image
uses: docker/build-push-action@v5
with:
context: .
push: true
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.tag }}
- name: Push client image
uses: docker/build-push-action@v5
with:
context: .
file: Dockerfile.client
push: true
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}-client:${{ env.tag }}