Make pods/containers security context configurable (#193) #229
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build images | |
| on: | |
| push: | |
| branches: | |
| - main | |
| env: | |
| OCI_CLI_FINGERPRINT: ${{ secrets.OCI_CLI_FINGERPRINT }} | |
| OCI_CLI_KEY_CONTENT: ${{ secrets.OCI_CLI_KEY_CONTENT }} | |
| OCI_CLI_REGION: ${{ secrets.OCI_CLI_REGION }} | |
| OCI_CLI_TENANCY: ${{ secrets.OCI_CLI_TENANCY }} | |
| OCI_CLI_USER: ${{ secrets.OCI_CLI_USER }} | |
| jobs: | |
| build-ocg-dbmigrator-image: | |
| if: github.ref == 'refs/heads/main' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v5 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-east-2 | |
| - name: Login to AWS ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Login to OCI Registry | |
| id: login-ocir | |
| uses: oracle-actions/[email protected] | |
| with: | |
| auth_token: ${{ secrets.OCI_AUTH_TOKEN }} | |
| - name: Get ocg-dbmigrator OCIR repository | |
| id: get-ocir-repository-dbmigrator | |
| uses: oracle-actions/[email protected] | |
| with: | |
| name: ocg/dbmigrator | |
| compartment: ${{ secrets.OCI_COMPARTMENT_OCID }} | |
| - name: Build and push ocg-dbmigrator image | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| OCIR_REGISTRY: ${{ steps.login-ocir.outputs.ocir_endpoint }} | |
| OCIR_REPOSITORY: ${{ steps.get-ocir-repository-dbmigrator.outputs.repo_path }} | |
| run: | | |
| docker build \ | |
| -f database/migrations/Dockerfile \ | |
| -t $ECR_REGISTRY/ocg/dbmigrator:$GITHUB_SHA \ | |
| -t $OCIR_REPOSITORY:$GITHUB_SHA \ | |
| . | |
| docker push $ECR_REGISTRY/ocg/dbmigrator:$GITHUB_SHA | |
| docker push $OCIR_REPOSITORY:$GITHUB_SHA | |
| build-ocg-server-image: | |
| if: github.ref == 'refs/heads/main' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v5 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-east-2 | |
| - name: Login to AWS ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: Login to OCI Registry | |
| id: login-ocir | |
| uses: oracle-actions/[email protected] | |
| with: | |
| auth_token: ${{ secrets.OCI_AUTH_TOKEN }} | |
| - name: Get ocg-server OCIR repository | |
| id: get-ocir-repository-server | |
| uses: oracle-actions/[email protected] | |
| with: | |
| name: ocg/server | |
| compartment: ${{ secrets.OCI_COMPARTMENT_OCID }} | |
| - name: Build and push ocg-server image | |
| env: | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| OCIR_REGISTRY: ${{ steps.login-ocir.outputs.ocir_endpoint }} | |
| OCIR_REPOSITORY: ${{ steps.get-ocir-repository-server.outputs.repo_path }} | |
| run: | | |
| docker build \ | |
| -f ocg-server/Dockerfile \ | |
| -t $ECR_REGISTRY/ocg/server:$GITHUB_SHA \ | |
| -t $OCIR_REPOSITORY:$GITHUB_SHA \ | |
| . | |
| docker push $ECR_REGISTRY/ocg/server:$GITHUB_SHA | |
| docker push $OCIR_REPOSITORY:$GITHUB_SHA |