mirror of
https://github.com/geoserver/geoserver-cloud.git
synced 2025-12-08 20:16:08 +00:00
214 lines
5.8 KiB
YAML
214 lines
5.8 KiB
YAML
# Builds and pushes docker images on main and tags
|
|
|
|
name: Build and Push Docker images
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
- "release/**"
|
|
paths:
|
|
- "Makefile"
|
|
- "pom.xml"
|
|
- ".github/workflows/build-and-push.yaml"
|
|
- "docker-build/**"
|
|
- "config"
|
|
- "src/**"
|
|
tags:
|
|
- '*'
|
|
# cancel in-progress jobs or runs for the current workflow
|
|
# see https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/control-the-concurrency-of-workflows-and-jobs#example-only-cancel-in-progress-jobs-or-runs-for-the-current-workflow
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
base-images:
|
|
if: github.repository == 'geoserver/geoserver-cloud'
|
|
name: Build and Push Base Images
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 60
|
|
steps:
|
|
- name: Login to Docker Hub
|
|
uses: docker/login-action@v3
|
|
with:
|
|
username: ${{ secrets.DOCKER_HUB_USERNAME }}
|
|
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
|
|
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v3
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
with:
|
|
platforms: linux/amd64,linux/arm64
|
|
install: true
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
submodules: recursive
|
|
|
|
- name: Setup Java
|
|
uses: actions/setup-java@v4
|
|
with:
|
|
distribution: 'temurin'
|
|
java-version: '21'
|
|
cache: 'maven'
|
|
|
|
- name: Package base images
|
|
run: |
|
|
make package-base-images
|
|
|
|
- name: Build and push base images
|
|
run: |
|
|
REPACKAGE=false make build-base-images-multiplatform
|
|
|
|
- name: Clean up Maven project artifacts
|
|
run: |
|
|
rm -rf ~/.m2/repository/org/geoserver
|
|
find ~/.m2/repository -name "*SNAPSHOT*" -type d -exec rm -rf {} + 2>/dev/null || true
|
|
|
|
infrastructure-images:
|
|
needs: base-images
|
|
if: github.repository == 'geoserver/geoserver-cloud'
|
|
name: Build infrastructure images
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 60
|
|
steps:
|
|
- name: Login to Docker Hub
|
|
uses: docker/login-action@v3
|
|
with:
|
|
username: ${{ secrets.DOCKER_HUB_USERNAME }}
|
|
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
|
|
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v3
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
with:
|
|
platforms: linux/amd64,linux/arm64
|
|
install: true
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
submodules: recursive
|
|
|
|
- name: Setup Java
|
|
uses: actions/setup-java@v4
|
|
with:
|
|
distribution: 'temurin'
|
|
java-version: '21'
|
|
cache: 'maven'
|
|
|
|
- name: Package infrastructure apps
|
|
run: |
|
|
make package-infrastructure-images
|
|
|
|
- name: Build and push infrastructure images
|
|
run: |
|
|
REPACKAGE=false make build-image-infrastructure-multiplatform
|
|
|
|
- name: Clean up Maven project artifacts
|
|
run: |
|
|
rm -rf ~/.m2/repository/org/geoserver
|
|
find ~/.m2/repository -name "*SNAPSHOT*" -type d -exec rm -rf {} + 2>/dev/null || true
|
|
|
|
geoserver-images:
|
|
needs: base-images
|
|
if: github.repository == 'geoserver/geoserver-cloud'
|
|
name: Build GeoServer image
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 60
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
# matches app folder names in src/apps/geoserver/* and docker compose service names
|
|
app: [ 'wms', 'wfs', 'wcs', 'wps', 'gwc', 'restconfig', 'webui' ]
|
|
steps:
|
|
- name: Login to Docker Hub
|
|
uses: docker/login-action@v3
|
|
with:
|
|
username: ${{ secrets.DOCKER_HUB_USERNAME }}
|
|
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
|
|
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v3
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
with:
|
|
platforms: linux/amd64,linux/arm64
|
|
install: true
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
submodules: recursive
|
|
|
|
- name: Setup Java
|
|
uses: actions/setup-java@v4
|
|
with:
|
|
distribution: 'temurin'
|
|
java-version: '21'
|
|
cache: 'maven'
|
|
|
|
- name: Package GeoServer apps
|
|
run: |
|
|
./mvnw clean package -DskipTests -T1C -ntp -am -pl src/apps/geoserver/${{ matrix.app }}
|
|
|
|
- name: Build and push GeoServer images
|
|
run: |
|
|
REPACKAGE=false make build-image-geoserver-multiplatform ${{ matrix.app }}
|
|
|
|
- name: Clean up Maven project artifacts
|
|
run: |
|
|
rm -rf ~/.m2/repository/org/geoserver
|
|
find ~/.m2/repository -name "*SNAPSHOT*" -type d -exec rm -rf {} + 2>/dev/null || true
|
|
|
|
sign-images:
|
|
needs: [base-images, infrastructure-images, geoserver-images]
|
|
if: github.repository == 'geoserver/geoserver-cloud'
|
|
name: Sign and Verify Images
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 30
|
|
steps:
|
|
- name: Login to Docker Hub
|
|
uses: docker/login-action@v3
|
|
with:
|
|
username: ${{ secrets.DOCKER_HUB_USERNAME }}
|
|
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
submodules: recursive
|
|
|
|
- name: Setup Java
|
|
uses: actions/setup-java@v4
|
|
with:
|
|
distribution: 'temurin'
|
|
java-version: '21'
|
|
|
|
- name: Pull all images
|
|
run: |
|
|
make pull-images
|
|
|
|
- name: Install Cosign
|
|
uses: sigstore/cosign-installer@v3.5.0
|
|
|
|
- name: Sign images
|
|
env:
|
|
COSIGN_KEY: ${{ secrets.COSIGN_KEY }}
|
|
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
|
|
run: |
|
|
make sign-image
|
|
|
|
- name: Verify image signatures
|
|
env:
|
|
COSIGN_PUB_KEY: ${{ secrets.COSIGN_PUB_KEY }}
|
|
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
|
|
run: |
|
|
make verify-image
|