From 7ad528fef58157b32157e88320576d95c87d0aa9 Mon Sep 17 00:00:00 2001 From: Travis Groth Date: Sun, 12 Apr 2020 14:42:03 -0400 Subject: [PATCH] Update docker master/latest tag handling (#598) * Ensure latest is actually latest semver and not last published * Resume publishing master snapshot * Build master image off debug gcr.io/distroless/base:debug --- .github/goreleaser.yaml | 4 ---- .github/workflows/docker-master.yaml | 19 +++++++++++++++++++ .github/workflows/release.yaml | 25 +++++++++++++++++++++++++ Dockerfile | 2 +- 4 files changed, 45 insertions(+), 5 deletions(-) create mode 100644 .github/workflows/docker-master.yaml diff --git a/.github/goreleaser.yaml b/.github/goreleaser.yaml index f76c0c14b..e8753c575 100644 --- a/.github/goreleaser.yaml +++ b/.github/goreleaser.yaml @@ -93,7 +93,6 @@ snapshot: dockers: - image_templates: - "pomerium/pomerium:{{ .Tag }}" - - "pomerium/pomerium:latest" dockerfile: .github/Dockerfile-release binaries: - pomerium @@ -111,7 +110,6 @@ dockers: - goarch: arm64 image_templates: - "pomerium/pomerium:arm64v8-{{ .Tag }}" - - "pomerium/pomerium:arm64v8-latest" dockerfile: .github/Dockerfile-release.arm64v8 binaries: - pomerium @@ -130,7 +128,6 @@ dockers: goarm: 7 image_templates: - "pomerium/pomerium:arm32v7-{{ .Tag }}" - - "pomerium/pomerium:arm32v7-latest" dockerfile: .github/Dockerfile-release.arm32v7 binaries: - pomerium @@ -150,7 +147,6 @@ dockers: goarm: 6 image_templates: - "pomerium/pomerium:arm32v6-{{ .Tag }}" - - "pomerium/pomerium:arm32v6-latest" dockerfile: .github/Dockerfile-release.arm32v6 binaries: - pomerium diff --git a/.github/workflows/docker-master.yaml b/.github/workflows/docker-master.yaml new file mode 100644 index 000000000..42f283e81 --- /dev/null +++ b/.github/workflows/docker-master.yaml @@ -0,0 +1,19 @@ +name: Docker Tag - Master +on: + push: + branches: + - master + +jobs: + publish: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + - name: Docker Publish - Master + uses: zenato/docker-action@master + with: + username: ${{ secrets.DOCKERHUB_USER }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + repository: pomerium/pomerium + tag: master diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index f8ca67bf4..65a873b31 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -30,3 +30,28 @@ jobs: args: release --config .github/goreleaser.yaml env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Get tag name + id: tagName + uses: olegtarasov/get-tag@v1 + + - name: Find latest tag + id: latestTag + run: | + LATEST_TAG=$(git tag | sort --version-sort | tail -1) + echo "::set-env name=LATEST_TAG::$LATEST_TAG" + + - name: Publish latest tag + if: "env.LATEST_TAG == steps.tagName.outputs.tag" + run: | + docker tag pomerium/pomerium:${{ env.LATEST_TAG }} pomerium/pomerium:latest + docker push pomerium/pomerium:latest + + docker tag pomerium/pomerium:arm32v7-${{ env.LATEST_TAG }} pomerium/pomerium:arm32v7-latest + docker push pomerium/pomerium:arm32v7-latest + + docker tag pomerium/pomerium:arm32v6-${{ env.LATEST_TAG }} pomerium/pomerium:arm32v6-latest + docker push pomerium/pomerium:arm32v6-latest + + docker tag pomerium/pomerium:arm64v8-${{ env.LATEST_TAG }} pomerium/pomerium:arm64v8-latest + docker push pomerium/pomerium:arm64v8-latest diff --git a/Dockerfile b/Dockerfile index 95f7ce5e8..81a21b736 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,7 +10,7 @@ COPY . . RUN make RUN touch /config.yaml -FROM gcr.io/distroless/static +FROM gcr.io/distroless/base:debug WORKDIR /pomerium COPY --from=build /go/src/github.com/pomerium/pomerium/bin/* /bin/ COPY --from=build /config.yaml /pomerium/config.yaml