From 2c09f8898cc7e6dfedac771097f965e7b78cbf64 Mon Sep 17 00:00:00 2001 From: Emmanuel T Odeke Date: Fri, 5 Aug 2022 09:25:44 -0700 Subject: [PATCH] all: update Docker image and built to use Informal Systems (#31) A search and replace of securego/gosec to informalsystems/gosec, plus updates to the .github/workflows/*.yaml files. Updates #26 --- .github/workflows/release.yml | 54 +++++++++++++++++++++-------------- .goreleaser.yml | 2 +- Dockerfile | 5 ++-- Makefile | 2 +- action.yml | 2 +- install.sh | 6 ++-- 6 files changed, 40 insertions(+), 31 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a8676df..e963eca 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,13 +1,21 @@ name: Release + on: - push: - tags: - - 'v*' + release: + types: [published] + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + GO111MODULE: on + jobs: build: runs-on: ubuntu-latest - env: - GO111MODULE: on + permissions: + contents: read + packages: write + steps: - name: Checkout Source uses: actions/checkout@v2 @@ -17,22 +25,24 @@ jobs: uses: actions/setup-go@v2 with: go-version: 1.17.x - - name : Get release version - id: get_version - run: echo ::set-env name=RELEASE_VERSION::$(echo ${GITHUB_REF:10}) - - name: Release Binaries - uses: goreleaser/goreleaser-action@v2 + + - name: Log in to the Container registry + uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 with: - version: latest - args: release --rm-dist - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Release Docker Image - uses: elgohr/Publish-Docker-Github-Action@master + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 with: - name: securego/gosec - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - buildargs: GO_VERSION=1.17 - tags: "latest,${{ env.RELEASE_VERSION }}" - tag_names: true + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + + - name: Build and push Docker image + uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} diff --git a/.goreleaser.yml b/.goreleaser.yml index 4f8fc41..93a0cc6 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -3,7 +3,7 @@ project_name: gosec release: github: - owner: securego + owner: informalsystems name: gosec builds: diff --git a/Dockerfile b/Dockerfile index c937d52..1c0332d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,4 @@ -ARG GO_VERSION -FROM golang:${GO_VERSION}-alpine AS builder +FROM golang:1.17-alpine AS builder RUN apk add --update --no-cache ca-certificates make git curl gcc libc-dev RUN mkdir -p /build WORKDIR /build @@ -7,7 +6,7 @@ COPY . /build/ RUN go mod download RUN make build-linux -FROM golang:${GO_VERSION}-alpine +FROM golang:1.17-alpine RUN apk add --update --no-cache ca-certificates bash git gcc libc-dev ENV GO111MODULE on COPY --from=builder /build/gosec /bin/gosec diff --git a/Makefile b/Makefile index 5ac0596..cfd8bec 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ GIT_TAG?= $(shell git describe --always --tags) BIN = gosec FMT_CMD = $(gofmt -s -l -w $(find . -type f -name '*.go' -not -path './vendor/*') | tee /dev/stderr) -IMAGE_REPO = securego +IMAGE_REPO = informalsystems BUILDFLAGS := '-w -s' CGO_ENABLED = 0 GO := GO111MODULE=on go diff --git a/action.yml b/action.yml index aab6c80..2eeb7e8 100644 --- a/action.yml +++ b/action.yml @@ -10,7 +10,7 @@ inputs: runs: using: 'docker' - image: 'docker://securego/gosec' + image: 'docker://informalsystems/gosec' args: - ${{ inputs.args }} diff --git a/install.sh b/install.sh index 37bed0a..fae855d 100644 --- a/install.sh +++ b/install.sh @@ -6,13 +6,13 @@ set -e usage() { this=$1 cat <