Skip to content

Commit a0d785c

Browse files
committed
Build and publish images
Add a Dockerfile and Github Action workflow to build an image and publish it on Github Container Registry.
1 parent 56dff8e commit a0d785c

File tree

3 files changed

+83
-0
lines changed

3 files changed

+83
-0
lines changed

.dockerignore

+2
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
.git
2+
target

.github/workflows/container-image.yml

+57
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,57 @@
1+
on:
2+
push:
3+
branches:
4+
- main
5+
tags:
6+
- 'v*'
7+
8+
name: build container image
9+
10+
jobs:
11+
build:
12+
name: Build container image
13+
runs-on: ubuntu-latest
14+
steps:
15+
-
16+
name: Checkout code
17+
uses: actions/checkout@v2
18+
-
19+
name: Set up QEMU
20+
uses: docker/setup-qemu-action@v1
21+
-
22+
name: Set up Docker Buildx
23+
uses: docker/setup-buildx-action@v1
24+
-
25+
name: Login to GitHub Container Registry
26+
uses: docker/login-action@v1
27+
with:
28+
registry: ghcr.io
29+
username: ${{ github.repository_owner }}
30+
password: ${{ secrets.CR_PAT }}
31+
-
32+
name: Build and push development container image
33+
if: ${{ startsWith(github.ref, 'refs/heads/') }}
34+
uses: docker/build-push-action@v2
35+
with:
36+
context: .
37+
file: ./Dockerfile
38+
platforms: linux/amd64 #,linux/arm64 <- build fails on arm64 because of libwasmtime missing
39+
push: true
40+
tags: |
41+
ghcr.io/chimera-kube/policy-server:latest
42+
-
43+
name: Retrieve tag name
44+
if: ${{ startsWith(github.ref, 'refs/tags/') }}
45+
run: |
46+
echo TAG_NAME=$(echo $GITHUB_REF | sed -e "s|refs/tags/||") >> $GITHUB_ENV
47+
-
48+
name: Build and push tagged container image
49+
if: ${{ startsWith(github.ref, 'refs/tags/') }}
50+
uses: docker/build-push-action@v2
51+
with:
52+
context: .
53+
file: ./Dockerfile
54+
platforms: linux/amd64 #,linux/arm64 <- build fails on arm64 because of libwasmtime missing
55+
push: true
56+
tags: |
57+
ghcr.io/chimera-kube/policy-server:${{ env.TAG_NAME }}

Dockerfile

+24
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
# build image
2+
FROM rust:1.49 as builder
3+
4+
WORKDIR /usr/src/policy-server
5+
COPY . .
6+
RUN cargo install --path .
7+
8+
# final image
9+
FROM rust:1.49-slim
10+
COPY --from=builder /usr/local/cargo/bin/policy-server /usr/local/bin/policy-server
11+
12+
RUN adduser \
13+
--disabled-password \
14+
--gecos "" \
15+
--no-create-home \
16+
--home "/none" \
17+
--shell "/sbin/nologin" \
18+
--uid 2000 \
19+
chimera
20+
USER chimera
21+
22+
EXPOSE 3000
23+
24+
ENTRYPOINT ["/usr/local/bin/policy-server"]

0 commit comments

Comments
 (0)