Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Expand parameters for container image building #426

Merged
merged 4 commits into from
Mar 18, 2024
Merged

Expand parameters for container image building #426

merged 4 commits into from
Mar 18, 2024

Conversation

JAORMX
Copy link
Contributor

@JAORMX JAORMX commented Feb 8, 2024
edited
Loading

This adds the following:

  • Expanded container metadata for the built image.
  • multi-architecture builds
  • Docker SBOM generation
  • Provenance information generation

The intention is to keep a similar set of tags generated as before.

this also separates the pre-existing docker workflow into two jobs:

  • One that builds the image on each PR
  • Another one intended for the release.

This ensures that we get test coverage for image builds while keeping the GitHub actions permissions minimal.

@JAORMX JAORMX force-pushed the image-build-revamp branch 2 times, most recently from bc19ebe to 28f63b4 Compare February 8, 2024 13:28
@JAORMX
Expand parameters for container image building
ac69dbc 
This adds the following:

* Expanded container metadata for the built image.
* multi-architecture builds
* Docker SBOM generation
* Provenance information generation

The intention is to keep a similar set of tags generated as before.

Signed-off-by: Juan Antonio Osorio <[email protected]>
@JAORMX JAORMX force-pushed the image-build-revamp branch from 28f63b4 to ac69dbc Compare February 8, 2024 13:31
@JAORMX
Separate image build from push
ba72609 
Signed-off-by: Juan Antonio Osorio <[email protected]>
@JAORMX JAORMX force-pushed the image-build-revamp branch from 4a958e0 to ba72609 Compare February 8, 2024 13:56
@JAORMX
Add a signing step
ac931e4 
Signed-off-by: Juan Antonio Osorio <[email protected]>
@JAORMX JAORMX force-pushed the image-build-revamp branch from f3791d4 to ac931e4 Compare February 9, 2024 08:48
lukehinds
lukehinds approved these changes Feb 19, 2024
View reviewed changes
Copy link

@lukehinds lukehinds left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A NB LGTM @JAORMX , but needs an approved commiter

@calebbrown are you able to review?

calebbrown
calebbrown reviewed Feb 20, 2024
View reviewed changes
.github/workflows/release.yaml
Comment on lines +68 to +69
tags: ${{ steps.docker-metadata.outputs.tags }}
labels: ${{ steps.docker-metadata.outputs.labels }}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How does the output of this differ when compared the previous implementation for the value of $VERSION?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should be quite similar as it uses the tag as well, and it strips the v prefix just using github action options. This adds even more metadata to the image.

@calebbrown calebbrown merged commit 4f4a9f1 into ossf:main Mar 18, 2024
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lukehinds lukehinds lukehinds approved these changes

@calebbrown calebbrown calebbrown approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@JAORMX @calebbrown @lukehinds