From 17a0fecba572e306cfb6493b63e551cc9977c3b0 Mon Sep 17 00:00:00 2001 From: Lucas Fontes Date: Wed, 31 Jul 2024 18:24:36 -0400 Subject: [PATCH] feat: Github Workflow for Kubernetes Secrets Signed-off-by: Lucas Fontes --- .github/workflows/secrets-kubernetes.yml | 109 +++++++++++++++++++++++ 1 file changed, 109 insertions(+) create mode 100644 .github/workflows/secrets-kubernetes.yml diff --git a/.github/workflows/secrets-kubernetes.yml b/.github/workflows/secrets-kubernetes.yml new file mode 100644 index 0000000..e01dcc7 --- /dev/null +++ b/.github/workflows/secrets-kubernetes.yml @@ -0,0 +1,109 @@ +name: Secrets Kubernetes + +permissions: + contents: read + +on: + push: + branches: + - "main" + paths: + - "secrets/secrets-kubernetes/**" + - ".github/workflows/secrets-kubernetes.yml" + pull_request: + branches: + - "main" + paths: + - "secrets/secrets-kubernetes/**" + - ".github/workflows/secrets-kubernetes.yml" + +env: + REGISTRY: ghcr.io + IMAGE_NAME: wasmcloud/contrib/secrets-kubernetes + +defaults: + run: + shell: bash + working-directory: ./secrets/secrets-kubernetes + +jobs: + check: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Fetch deps + run: | + go mod download + + - name: Lint + run: | + test -z $(gofmt -l .) + + - name: Test + run: | + go test -cover ./... + + - name: Build + run: | + go install + + release: + if: startswith(github.ref, 'refs/tags/secrets-kubernetes-v') # Only run on tag push + runs-on: ubuntu-latest + needs: + - check + permissions: + contents: read + packages: write + steps: + - uses: actions/checkout@v4 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log into GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) + id: meta_release + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=match,pattern=secrets-kubernetes-v(.*),group=1 + + - name: Extract metadata (tags, labels) + id: meta_debug + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=match,pattern=secrets-kubernetes-v(.*),group=1,suffix=-debug + + - name: Build and push the release image + uses: docker/build-push-action@v6 + with: + target: release + push: true + context: secrets/secrets-kubernetes/ + tags: ${{ steps.meta_release.outputs.tags }} + labels: ${{ steps.meta_release.outputs.labels }} + platforms: linux/amd64,linux/arm64 + + - name: Build and push the debug image + uses: docker/build-push-action@v6 + with: + target: debug + push: true + context: secrets/secrets-kubernetes/ + tags: ${{ steps.meta_debug.outputs.tags }} + labels: ${{ steps.meta_debug.outputs.labels }} + platforms: linux/amd64,linux/arm64