-
-
Notifications
You must be signed in to change notification settings - Fork 551
122 lines (107 loc) · 4.16 KB
/
master-container-publish.yml
File metadata and controls
122 lines (107 loc) · 4.16 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
name: Build and Publish Master Container
on:
push:
branches:
- master
workflow_dispatch:
permissions:
contents: read
packages: write
jobs:
build-and-publish:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v5
- name: Set up JDK 25
uses: actions/setup-java@v5
with:
java-version: "25"
distribution: "temurin"
cache: "maven"
- name: Extract version from pom.xml
id: extract-version
run: |
echo "Extracting version from pom.xml..."
chmod +x ./mvnw
VERSION=$(./mvnw help:evaluate -Dexpression=project.version -q -DforceStdout)
DOCKER_VERSION=${VERSION%-SNAPSHOT}
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "docker_version=$DOCKER_VERSION" >> $GITHUB_OUTPUT
echo "Detected version: $VERSION"
echo "Docker version: $DOCKER_VERSION"
- name: Build application
run: ./mvnw --no-transfer-progress clean package -DskipTests
- name: Verify JAR file was created
run: |
echo "Checking target directory..."
ls -la target/
echo "Looking for JAR files..."
find target/ -name "*.jar" -type f
echo "Verifying specific JAR exists..."
JAR_FILE="target/wrongsecrets-${{ steps.extract-version.outputs.version }}.jar"
if [ -f "$JAR_FILE" ]; then
echo "✅ JAR file found: $JAR_FILE"
ls -la "$JAR_FILE"
else
echo "❌ Expected JAR file not found: $JAR_FILE"
echo "Available JAR files:"
find target/ -name "*.jar" -type f || echo "No JAR files found"
exit 1
fi
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository }}/wrongsecrets-master
tags: |
type=ref,event=branch
type=raw,value=latest-master
type=sha,prefix={{branch}}-
- name: Build and push Docker image
id: build
uses: docker/build-push-action@v6
with:
platforms: linux/amd64,linux/arm64
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
argBasedVersion=${{ steps.extract-version.outputs.docker_version }}
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Verify Docker image was built
run: |
echo "Verifying Docker image was built successfully..."
echo "Image tags: ${{ steps.meta.outputs.tags }}"
echo "Image digest: ${{ steps.build.outputs.digest }}"
- name: Create Release Summary
run: |
echo "## 🚀 Master Container Published" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**📦 Container Images Published:**" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
# Convert multi-line tags to individual entries
TAGS="${{ steps.meta.outputs.tags }}"
echo "$TAGS" | while read -r tag; do
if [ ! -z "$tag" ]; then
echo "- \`$tag\`" >> $GITHUB_STEP_SUMMARY
fi
done
echo "" >> $GITHUB_STEP_SUMMARY
echo "**🐳 Try the bleeding-edge version:**" >> $GITHUB_STEP_SUMMARY
echo "\`\`\`bash" >> $GITHUB_STEP_SUMMARY
echo "docker pull ghcr.io/${{ github.repository }}/wrongsecrets-master:latest-master" >> $GITHUB_STEP_SUMMARY
echo "docker run -p 8080:8080 -p 8090:8090 ghcr.io/${{ github.repository }}/wrongsecrets-master:latest-master" >> $GITHUB_STEP_SUMMARY
echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "Then visit: http://localhost:8080" >> $GITHUB_STEP_SUMMARY