Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

github: No more docker workflow

Browse source
This commit is contained in:
Arne Welzel 2023-01-18 15:18:58 +01:00
parent f3eb7cc0c1
commit f9b0681c98
1 changed files with 0 additions and 195 deletions
Download patch file Download diff file Expand all files Collapse all files

195
.github/workflows/docker.yml vendored
View file

@ -1,195 +0,0 @@
name: Check and publish Docker images
on:
pull_request:
push:
branches: [master]
tags:
- 'v*'
- '!v*-dev'
- 'release'
defaults:
run:
shell: bash
env:
IMAGE_NAME: zeek-image.tar
IMAGE_FILE: /tmp/zeek-image.tar
IMAGE_PATH: /tmp
permissions:
contents: read
jobs:
docker-build:
runs-on: ubuntu-latest
env:
TEST_TAG: zeek:latest
CONFFLAGS: --generator=Ninja --build-type=Release
steps:
- uses: actions/checkout@v3
with:
submodules: "recursive"
# Create and boot a loader. This will e.g., provide caching
# so we avoid rebuilds of the same image after this step.
- uses: docker/setup-buildx-action@v2
- name: Build image
uses: docker/build-push-action@v3
with:
context: ./
file: docker/Dockerfile
build-args: |
CONFFLAGS=${{ env.CONFFLAGS }}
load: true
tags: ${{ env.TEST_TAG }}
- name: Run btests
run: make -C docker/btest
- name: Save image tarball
run: docker save -o ${{ env.IMAGE_FILE }} ${{ env.TEST_TAG }}
- name: Get version
id: version
run: echo "RELEASE_VERSION=$(cat VERSION)" >> $GITHUB_OUTPUT
- name: Compute target tag
id: target
env:
RELEASE_VERSION: ${{ steps.version.outputs.RELEASE_VERSION }}
run: |
# Translate the GitHub reference into a tag name.
#
# - `release` tag maps to `zeek:latest`
# - `v*` tag (excluding `v*-dev` tags) maps to `zeek:RELEASE_VERSION`
# - `master` branch maps to `zeek-dev:latest`
#
# Any other refs are not published below.
if [ "${GITHUB_REF}" = "refs/tags/release" ]; then
echo "tag=zeek:latest" >> $GITHUB_OUTPUT
elif [ "${GITHUB_REF}" = "refs/heads/master" ]; then
echo "tag=zeek-dev:latest" >> $GITHUB_OUTPUT
elif [[ "${GITHUB_REF}" = refs/tags/v* ]] && [[ "${GITHUB_REF}" != refs/tags/v*-dev ]]; then
echo "tag=zeek:${RELEASE_VERSION}" >> $GITHUB_OUTPUT
fi
- name: Login to ECR
# Don't publish on forks. Also note that secrets for the login are not
# available for pull requests, so trigger on pushes only.
if: github.repository == 'zeek/zeek' && github.event_name == 'push'
uses: docker/login-action@v1
with:
registry: public.ecr.aws
username: ${{ secrets.AWS_ACCESS_KEY_ID }}
password: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- name: Login to DockerHub
uses: docker/login-action@v2
# Don't publish on forks. Also note that secrets for the login are not
# available for pull requests, so trigger on pushes only.
if: github.repository == 'zeek/zeek' && github.event_name == 'push'
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Push image
# Only publish if we did compute a tag.
if: github.repository == 'zeek/zeek' && github.event_name == 'push' && steps.target.outputs.tag != ''
uses: docker/build-push-action@v3
with:
context: ./
file: docker/Dockerfile
build-args: |
CONFFLAGS=${{ env.CONFFLAGS }}
push: true
tags: |
public.ecr.aws/zeek/${{ steps.target.outputs.tag }}
docker.io/zeekurity/${{ steps.target.outputs.tag }}
docker.io/zeek/${{ steps.target.outputs.tag }}
- name: Preserve image artifact
uses: actions/upload-artifact@v3
with:
name: ${{ env.IMAGE_NAME }}
path: ${{ env.IMAGE_FILE }}
retention-days: 1
- name: Preserve btest artifacts
uses: actions/upload-artifact@v3
if: failure()
with:
name: docker-btest
path: docker/btest/.tmp
if-no-files-found: ignore
cluster-testing:
# We need the Zeek Docker image build job to complete first, since we need
# the resulting image for our docker-compose setup.
needs: docker-build
runs-on: ubuntu-latest
steps:
# Grab the sources so we have access to btest. Could also use pip, but it
# seems appealing to be using the in-tree version of btest. btest is in a
# submodule; we check it out selectively to save time.
- uses: actions/checkout@v3
- name: Check out btest
run: git submodule update --init ./auxil/btest
- name: Download Docker image artifact
uses: actions/download-artifact@v3
with:
name: ${{ env.IMAGE_NAME }}
path: ${{ env.IMAGE_PATH }}
- name: Load Docker image
run: |
docker load --input ${{ env.IMAGE_FILE }}
docker tag zeek:latest zeektest:latest
# The testsuite ref to use for this version of Zeek is stored in a file in
# the Zeek source tree.
- name: Get testsuite version
run: |
echo "TESTSUITE_COMMIT=$(cat ./testing/external/commit-hash.zeek-testing-cluster)" >> $GITHUB_ENV
- name: Retrieve cluster testsuite
uses: actions/checkout@v3
with:
repository: zeek/zeek-testing-cluster
path: testing/external/zeek-testing-cluster
ref: ${{ ENV.TESTSUITE_COMMIT }}
- name: Run testsuite
run: make -C testing/external/zeek-testing-cluster
# upload-artifact balks at certain characters in artifact
# filenames, so substitute them for dots.
- name: Sanitize artifacts
if: failure()
run: |
sudo apt-get -q update && sudo apt-get install -q -y rename
find testing/external/zeek-testing-cluster/.tmp -depth -execdir rename 's/[":<>|*?\r\n]/./g' "{}" \;
- name: Preserve btest artifacts
uses: actions/upload-artifact@v3
if: failure()
with:
name: cluster-btest
path: testing/external/zeek-testing-cluster/.tmp
if-no-files-found: ignore
# To save storage space, truncate the Docker image artifact
# when this run was successful.
- name: Truncate Docker image
run: |
truncate -s0 ${{ env.IMAGE_FILE }}
- name: Store truncated image artifact
uses: actions/upload-artifact@v3
with:
name: ${{ env.IMAGE_NAME }}
path: ${{ env.IMAGE_FILE }}
retention-days: 1