[CI-Only] Support per-commit dev images and fossa scanning (#2255)

4 years ago · e7a32ebd68
parent a17e973712
commit e7a32ebd68
2 changed files with 45 additions and 7 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -16,6 +16,7 @@ jobs:
    runs-on: ubuntu-latest
    outputs:
      product-version: ${{ steps.get-product-version.outputs.product-version }}
+      product-minor-version: ${{ steps.get-product-version.outputs.product-minor-version }}
    steps:
      - uses: actions/checkout@v3
      - name: Setup go
@ -25,8 +26,19 @@ jobs:
      - name: get product version
        id: get-product-version
        run: |
-          make version
-          echo "::set-output name=product-version::$(make version)"
+          VERSION=$(make version)
+          MINOR_VERSION=${VERSION%.*}
+          echo "::set-output name=product-version::$VERSION"
+          echo "::set-output name=product-minor-version::$MINOR_VERSION"
+
+  verify-product-version:
+    needs: get-product-version
+    runs-on: ubuntu-latest
+    steps:
+      - name: Verify version strings
+        run: |
+          echo product-version: ${{ needs.get-product-version.outputs.product-version }}
+          echo minor-version: ${{ needs.get-product-version.outputs.product-minor-version }}

  generate-metadata-file:
    needs: get-product-version
@ -291,11 +303,9 @@ jobs:
    env:
      repo: ${{ github.event.repository.name }}
      version: ${{ needs.get-product-version.outputs.product-version }}
+      minor-version: ${{ needs.get-product-version.outputs.product-minor-version }}
    steps:
      - uses: actions/checkout@v3
-      - name: Replace + in version
-        run: |
-          echo "dockerversion=$(echo ${{ needs.get-product-version.outputs.product-version }} | sed 's/+ent/-ent/g')" >> $GITHUB_ENV
      - name: Docker Build (Action)
        uses: hashicorp/actions-docker-build@v1
        with:
@ -303,5 +313,10 @@ jobs:
          target: default
          arch: ${{ matrix.arch }}
          tags: |
-            docker.io/hashicorp/${{ env.repo }}:${{ env.dockerversion }}
-            public.ecr.aws/hashicorp/${{ env.repo }}:${{ env.dockerversion }}
+            docker.io/hashicorp/${{ env.repo }}:${{ env.version }}
+            public.ecr.aws/hashicorp/${{ env.repo }}:${{ env.version }}
+          # Per-commit dev images follow the naming convention MAJOR.MINOR-dev
+          # And MAJOR.MINOR-dev-$COMMITSHA
+          dev_tags: |
+            docker.io/hashicorppreview/${{ env.repo }}:${{ env.minor-version }}-dev
+            docker.io/hashicorppreview/${{ env.repo }}:${{ env.minor-version }}-dev-${{ github.sha }}
--- a/.release/ci.hcl
+++ b/.release/ci.hcl
@ -174,6 +174,29 @@ event "verify" {
  }
 }

+event "promote-dev-docker" {
+  depends = ["verify"]
+  action "promote-dev-docker" {
+    organization = "hashicorp"
+    repository = "crt-workflows-common"
+    workflow = "promote-dev-docker"
+    depends = ["verify"]
+  }
+
+  notification {
+    on = "fail"
+  }
+}
+
+event "fossa-scan" {
+  depends = ["promote-dev-docker"]
+  action "fossa-scan" {
+    organization = "hashicorp"
+    repository = "crt-workflows-common"
+    workflow = "fossa-scan"
+  }
+}
+
 ## These are promotion and post-publish events
 ## they should be added to the end of the file after the verify event stanza.