diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..b801063
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,58 @@
+name: Build image
+
+on:
+ workflow_call:
+ inputs:
+ image_name:
+ required: true
+ type: string
+
+env:
+ REGISTRY: ghcr.io
+
+jobs:
+ build-and-push-image:
+ runs-on: ubuntu-latest
+
+ permissions:
+ contents: read
+ packages: write
+ attestations: write
+ id-token: write
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Log in to the Container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Extract metadata (tags, labels) for Docker
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: ${{ env.REGISTRY }}/${{ inputs.image_name}}
+ tags: |
+ type=sha
+ env:
+ DOCKER_METADATA_SHORT_SHA_LENGTH: 8
+
+ - name: Build and push Docker image
+ id: push
+ uses: docker/build-push-action@v6
+ with:
+ context: packages/mosip-mock
+ push: true
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+
+ - name: Generate artifact attestation
+ uses: actions/attest-build-provenance@v1
+ with:
+ subject-name: ${{ env.REGISTRY }}/${{ inputs.image_name}}
+ subject-digest: ${{ steps.push.outputs.digest }}
+ push-to-registry: true
diff --git a/.github/workflows/docker-publish-mock.yml b/.github/workflows/docker-publish-mock.yml
index a6bede9..b9e8fc3 100644
--- a/.github/workflows/docker-publish-mock.yml
+++ b/.github/workflows/docker-publish-mock.yml
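Review bot: The three Docker actions in build.yml are referenced by mutable tags (`docker/login-action@v3`, `docker/metadata-action@v5`, `docker/build-push-action@v6`), whereas the workflows this file replaces pinned them to full commit SHAs. The job holds `packages: write` and `id-token: write`, so a retagged upstream release would run with the registry token and the OIDC identity used for attestation. Pin each `uses:` to a reviewed commit and keep the tag as a comment, e.g. `uses: docker/login-action@<full-commit-sha>  # v3`, and consider the same for `actions/checkout` and `actions/attest-build-provenance`. Note also that `type=sha` without `prefix=` emits `sha-`-prefixed tags, unlike the removed workflows, so anything that pulls the bare 8-character tag would need updating.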
@@ -6,54 +6,10 @@ on: push: branches: - main - -env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }}-mock + - figure_out_builds # FIXME: remove, just here for debug jobs: - build-and-push-image: - runs-on: ubuntu-latest - - permissions: - contents: read - packages: write - attestations: write - id-token: write - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Log in to the Container registry - uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - tags: | - type=sha,prefix= - env: - DOCKER_METADATA_SHORT_SHA_LENGTH: 8 - - - name: Build and push Docker image - id: push - uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 - with: - context: packages/mosip-mock - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - - - name: Generate artifact attestation - uses: actions/attest-build-provenance@v1 - with: - subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - subject-digest: ${{ steps.push.outputs.digest }} - push-to-registry: true + build-and-push: + uses: ./.github/workflows/build.yml + with: + image_name: ${{ github.repository }}-mock \ No newline at end of file diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index fae1bbd..2787866 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml 
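Review bot: The calling job `build-and-push` declares no `permissions:`, and a reusable workflow can only narrow the token it inherits from its caller, so the `packages: write`, `attestations: write` and `id-token: write` requested in build.yml are not granted by that file alone; `id-token` in particular is not part of the default token. Unless a workflow-level `permissions:` block above this hunk already sets them, declare them on the calling job as below; the same applies to the `build-and-push` job in docker-publish.yml. Separately, while the `figure_out_builds` trigger is present, images built from that branch are pushed and attested under the same package name as `main` builds, so it should be dropped before merge as the FIXME says.

```yaml
  build-and-push:
    permissions:
      contents: read
      packages: write
      attestations: write
      id-token: write
    uses: ./.github/workflows/build.yml
    # … unchanged: with.image_name …
```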
@@ -7,53 +7,8 @@ on: branches: - main -env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }} - jobs: - build-and-push-image: - runs-on: ubuntu-latest - - permissions: - contents: read - packages: write - attestations: write - id-token: write - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Log in to the Container registry - uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - tags: | - type=sha,prefix= - env: - DOCKER_METADATA_SHORT_SHA_LENGTH: 8 - - - name: Build and push Docker image - id: push - uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 - with: - context: packages/server - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - - - name: Generate artifact attestation - uses: actions/attest-build-provenance@v1 - with: - subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - subject-digest: ${{ steps.push.outputs.digest }} - push-to-registry: true + build-and-push: + uses: ./.github/workflows/build.yml + with: + image_name: ${{ github.repository }}-mock \ No newline at end of file diff --git a/packages/mosip-mock/Dockerfile b/packages/mosip-mock/Dockerfile index 167a30f..ebb605f 100644 --- a/packages/mosip-mock/Dockerfile +++ b/packages/mosip-mock/Dockerfile @@ -3,9 +3,8 @@ WORKDIR /usr/src/app COPY package.json package.json COPY yarn.lock yarn.lock -COPY src/ src/ RUN yarn install --production --frozen-lockfile -EXPOSE 2024 +COPY src/ src/ CMD ["yarn", "start"] \ No newline at end of file diff --git a/packages/server/Dockerfile b/packages/server/Dockerfile index 167a30f..ebb605f 100644 --- a/packages/server/Dockerfile 
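Review bot: `image_name: ${{ github.repository }}-mock` in docker-publish.yml looks copied from docker-publish-mock.yml: the job removed here published `${{ github.repository }}` from `context: packages/server`, while build.yml hard-codes `context: packages/mosip-mock`. As written, both workflows build the mock package and push it under the `-mock` name, and the server image is no longer published or attested. Pass `image_name: ${{ github.repository }}` here and add a required string input `context` to build.yml, used as `context: ${{ inputs.context }}`, with each caller supplying its own package directory.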
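Review bot: No `USER` instruction appears between `WORKDIR` and `CMD` in packages/mosip-mock/Dockerfile, so the container runs `yarn start` as the base image's default user, which is root unless the `FROM` image (above this hunk) says otherwise. Since the file is being touched anyway, add an unprivileged user before `CMD`, e.g. `USER node` if the base is an official Node image. The identical hunk in packages/server/Dockerfile has the same gap. With `EXPOSE 2024` removed, a short comment naming the port the service listens on would keep that information in the file.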
+++ b/packages/server/Dockerfile @@ -3,9 +3,8 @@ WORKDIR /usr/src/app COPY package.json package.json COPY yarn.lock yarn.lock -COPY src/ src/ RUN yarn install --production --frozen-lockfile -EXPOSE 2024 +COPY src/ src/ CMD ["yarn", "start"] \ No newline at end of file