File tree Expand file tree Collapse file tree 5 files changed +82
-0
lines changed
Expand file tree Collapse file tree 5 files changed +82
-0
lines changed Original file line number Diff line number Diff line change 1+ name : ci
2+
3+ on :
4+ workflow_dispatch :
5+ pull_request :
6+ push :
7+ branches :
8+ - main
9+
10+ permissions :
11+ actions : read
12+ contents : write
13+ id-token : write
14+ packages : write
15+ security-events : write
16+
17+ jobs :
18+ image :
19+ uses : vexxhost/github-actions/.github/workflows/image.yml@main
20+ with :
21+ image-ref : ghcr.io/${{ github.repository_owner }}/kubernetes-entrypoint
22+ push : ${{ github.event_name == 'push' }}
Original file line number Diff line number Diff line change 1+ name : periodic
2+
3+ on :
4+ schedule :
5+ - cron : " 0 0 * * *"
6+
7+ permissions :
8+ contents : read
9+ security-events : write
10+
11+ jobs :
12+ scan :
13+ runs-on : ubuntu-latest
14+ steps :
15+ - uses : vexxhost/github-actions/scan-image@main
16+ with :
17+ image-ref : ghcr.io/${{ github.repository_owner }}/kubernetes-entrypoint:edge
Original file line number Diff line number Diff line change 1+ FROM golang:1.23.1 AS build
2+ # renovate: name=airship/kubernetes-entrypoint repo=https://opendev.org/airship/kubernetes-entrypoint.git branch=master
3+ ARG KUBERNETES_ENTRYPOINT_GIT_REF=cc2737be5285951ac08b32e76dfd375e1a0ab81f
4+ ADD https://opendev.org/airship/kubernetes-entrypoint.git#${KUBERNETES_ENTRYPOINT_GIT_REF} /src
5+ WORKDIR /src
6+ RUN CGO_ENABLED=0 GOOS=linux go build -o /main
7+
8+ FROM scratch
9+ COPY --from=build /main /kubernetes-entrypoint
10+ USER 65534
11+ ENTRYPOINT ["/kubernetes-entrypoint" ]
Original file line number Diff line number Diff line change 1+ # ` docker-kubernetes-entrypoint `
2+
3+ This is a build of the ` kubernetes-entrypoint ` component for Atmosphere
4+ which is built on top of ` scratch ` .
5+
6+ - Security scanning via Trivy
7+ - Periodic vulnerability scanning via Trivy
8+ - Automatic dependency updates via Renovate
9+
10+ The image is published to the following GitHub Container Registry:
11+
12+ - ` ghcr.io/vexxhost/kubernetes-entrypoint:edge `
13+ - ` ghcr.io/vexxhost/kubernetes-entrypoint:edge-<timestamp> `
14+ - ` ghcr.io/vexxhost/kubernetes-entrypoint:sha-<short-sha> `
Original file line number Diff line number Diff line change 1+ {
2+ "$schema" : " https://docs.renovatebot.com/renovate-schema.json"
3+ "extends" : [
4+ " config:recommended"
5+ " docker:pinDigests"
6+ " helpers:pinGitHubActionDigestsToSemver"
7+ ],
8+ "customManagers" : [
9+ {
10+ "customType" : " regex"
11+ "fileMatch" : [" Dockerfile"
12+ "matchStrings" : [
13+ " # renovate: name=(?<depName>.+?) repo=(?<packageName>.+?) branch=(?<currentValue>.+?)\n ARG .+?_GIT_REF=(?<currentDigest>.+?)\n "
14+ ],
15+ "datasourceTemplate" : " git-refs"
16+ }
17+ ]
18+ }
You can’t perform that action at this time.
0 commit comments