mirror of
https://github.com/falcosecurity/falco.git
synced 2025-10-21 19:44:57 +00:00
2a22189222
Signed-off-by: Federico Di Pierro <nierro92@gmail.com> Co-authored-by: Luca Guerra <luca@guerra.sh>
170 lines
7.4 KiB
YAML
170 lines
7.4 KiB
YAML
# This is a reusable workflow used by master and release CI
|
|
on:
|
|
workflow_call:
|
|
|
|
permissions:
|
|
id-token: write
|
|
contents: read
|
|
|
|
env:
|
|
AWS_S3_REGION: eu-west-1
|
|
|
|
jobs:
|
|
publish-docker:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v2
|
|
|
|
- name: Download images tarballs
|
|
uses: actions/download-artifact@v3
|
|
with:
|
|
name: falco-images
|
|
path: /tmp
|
|
|
|
- name: Load all images
|
|
run: |
|
|
for img in /tmp/falco-images/falco-*.tar; do docker load --input $img; done
|
|
|
|
- name: Login to Docker Hub
|
|
uses: docker/login-action@v2
|
|
with:
|
|
username: ${{ secrets.DOCKERHUB_USER }}
|
|
password: ${{ secrets.DOCKERHUB_SECRET }}
|
|
|
|
- name: Configure AWS credentials
|
|
uses: aws-actions/configure-aws-credentials@v2
|
|
with:
|
|
role-to-assume: "arn:aws:iam::292999226676:role/github_actions-falco-ecr"
|
|
aws-region: ${{ env.AWS_S3_REGION }}
|
|
|
|
- name: Login to Amazon ECR
|
|
id: login-ecr-public
|
|
uses: aws-actions/amazon-ecr-login@2f9f10ea3fa2eed41ac443fee8bfbd059af2d0a4 # v1.6.0
|
|
with:
|
|
registry-type: public
|
|
|
|
- name: Login to Amazon ECR Public
|
|
run: |
|
|
aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/falcosecurity
|
|
|
|
- name: Create and push no-driver manifest
|
|
uses: Noelware/docker-manifest-action@master
|
|
with:
|
|
inputs: falcosecurity/falco-no-driver:${{ github.ref_name }}
|
|
images: falcosecurity/falco-no-driver:aarch64-${{ github.ref_name }},falcosecurity/falco-no-driver:x86_64-${{ github.ref_name }}
|
|
push: true
|
|
|
|
- name: Create and push slim manifest
|
|
uses: Noelware/docker-manifest-action@master
|
|
with:
|
|
inputs: falcosecurity/falco:${{ github.ref_name }}-slim
|
|
images: falcosecurity/falco:aarch64-${{ github.ref_name }}-slim,falcosecurity/falco:x86_64-${{ github.ref_name }}-slim
|
|
push: true
|
|
|
|
- name: Create and push no-driver manifest for ecr
|
|
uses: Noelware/docker-manifest-action@master
|
|
with:
|
|
inputs: public.ecr.aws/falcosecurity/falco-no-driver:${{ github.ref_name }}
|
|
images: public.ecr.aws/falcosecurity/falco-no-driver:aarch64-${{ github.ref_name }},public.ecr.aws/falcosecurity/falco-no-driver:x86_64-${{ github.ref_name }}
|
|
push: true
|
|
|
|
- name: Create and push slim manifest for ecr
|
|
uses: Noelware/docker-manifest-action@master
|
|
with:
|
|
inputs: public.ecr.aws/falcosecurity/falco:${{ github.ref_name }}-slim
|
|
images: public.ecr.aws/falcosecurity/falco:aarch64-${{ github.ref_name }}-slim,public.ecr.aws/falcosecurity/falco:x86_64-${{ github.ref_name }}-slim
|
|
push: true
|
|
|
|
- name: Create and push no-driver latest manifest
|
|
if: ${{ github.ref_name != 'master' }}
|
|
uses: Noelware/docker-manifest-action@master
|
|
with:
|
|
inputs: falcosecurity/falco-no-driver:latest
|
|
images: falcosecurity/falco-no-driver:aarch64-latest,falcosecurity/falco-no-driver:x86_64-latest
|
|
push: true
|
|
|
|
- name: Create and push slim latest manifest
|
|
if: ${{ github.ref_name != 'master' }}
|
|
uses: Noelware/docker-manifest-action@master
|
|
with:
|
|
inputs: falcosecurity/falco:latest-slim
|
|
images: falcosecurity/falco:aarch64-latest-slim,falcosecurity/falco:x86_64-latest-slim
|
|
push: true
|
|
|
|
- name: Create and push no-driver latest manifest for ecr
|
|
if: ${{ github.ref_name != 'master' }}
|
|
uses: Noelware/docker-manifest-action@master
|
|
with:
|
|
inputs: public.ecr.aws/falcosecurity/falco-no-driver:latest
|
|
images: public.ecr.aws/falcosecurity/falco-no-driver:aarch64-latest,public.ecr.aws/falcosecurity/falco-no-driver:x86_64-latest
|
|
push: true
|
|
|
|
- name: Create and push slim latest manifest for ecr
|
|
if: ${{ github.ref_name != 'master' }}
|
|
uses: Noelware/docker-manifest-action@master
|
|
with:
|
|
inputs: public.ecr.aws/falcosecurity/falco:latest-slim
|
|
images: public.ecr.aws/falcosecurity/falco:aarch64-latest-slim,public.ecr.aws/falcosecurity/falco:x86_64-latest-slim
|
|
push: true
|
|
|
|
- name: Create and push falco manifest
|
|
uses: Noelware/docker-manifest-action@master
|
|
with:
|
|
inputs: falcosecurity/falco:${{ github.ref_name }}
|
|
images: falcosecurity/falco:aarch64-${{ github.ref_name }},falcosecurity/falco:x86_64-${{ github.ref_name }}
|
|
push: true
|
|
|
|
- name: Create and push falco manifest for ecr
|
|
uses: Noelware/docker-manifest-action@master
|
|
with:
|
|
inputs: public.ecr.aws/falcosecurity/falco:${{ github.ref_name }}
|
|
images: public.ecr.aws/falcosecurity/falco:aarch64-${{ github.ref_name }},public.ecr.aws/falcosecurity/falco:x86_64-${{ github.ref_name }}
|
|
push: true
|
|
|
|
- name: Create and push falco latest manifest
|
|
if: ${{ github.ref_name != 'master' }}
|
|
uses: Noelware/docker-manifest-action@master
|
|
with:
|
|
inputs: falcosecurity/falco:latest
|
|
images: falcosecurity/falco:aarch64-latest,falcosecurity/falco:x86_64-latest
|
|
push: true
|
|
|
|
- name: Create and push falco latest manifest for ecr
|
|
if: ${{ github.ref_name != 'master' }}
|
|
uses: Noelware/docker-manifest-action@master
|
|
with:
|
|
inputs: public.ecr.aws/falcosecurity/falco:latest
|
|
images: public.ecr.aws/falcosecurity/falco:aarch64-latest,public.ecr.aws/falcosecurity/falco:x86_64-latest
|
|
push: true
|
|
|
|
- name: Create and push falco-driver-loader manifest
|
|
uses: Noelware/docker-manifest-action@master
|
|
with:
|
|
inputs: falcosecurity/falco-driver-loader:${{ github.ref_name }}
|
|
images: falcosecurity/falco-driver-loader:aarch64-${{ github.ref_name }},falcosecurity/falco-driver-loader:x86_64-${{ github.ref_name }}
|
|
push: true
|
|
|
|
- name: Create and push falco-driver-loader manifest for ecr
|
|
uses: Noelware/docker-manifest-action@master
|
|
with:
|
|
inputs: public.ecr.aws/falcosecurity/falco-driver-loader:${{ github.ref_name }}
|
|
images: public.ecr.aws/falcosecurity/falco-driver-loader:aarch64-${{ github.ref_name }},public.ecr.aws/falcosecurity/falco-driver-loader:x86_64-${{ github.ref_name }}
|
|
push: true
|
|
|
|
- name: Create and push falco-driver-loader latest manifest
|
|
if: ${{ github.ref_name != 'master' }}
|
|
uses: Noelware/docker-manifest-action@master
|
|
with:
|
|
inputs: falcosecurity/falco-driver-loader:latest
|
|
images: falcosecurity/falco-driver-loader:aarch64-latest,falcosecurity/falco-driver-loader:x86_64-latest
|
|
push: true
|
|
|
|
- name: Create and push falco-driver-loader latest manifest for ecr
|
|
if: ${{ github.ref_name != 'master' }}
|
|
uses: Noelware/docker-manifest-action@master
|
|
with:
|
|
inputs: public.ecr.aws/falcosecurity/falco-driver-loader:latest
|
|
images: public.ecr.aws/falcosecurity/falco-driver-loader:aarch64-latest,public.ecr.aws/falcosecurity/falco-driver-loader:x86_64-latest
|
|
push: true
|