More CI workflow fixes #4
This commit is contained in:
parent
64524010a0
commit
ab801dfe89
1 changed files with 29 additions and 7 deletions
|
|
@ -1,5 +1,7 @@
|
||||||
name: CI/CD Pipeline with Secure Ephemeral PiP
|
name: CI/CD Pipeline with Secure Ephemeral PiP
|
||||||
|
|
||||||
|
x-podman-client: &podman_client quay.io/podman/stable@sha256:482bce3a829893f0dc3bf497c9a7609341fca11b34e35a92d308eb971ad61adb
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches: [main]
|
branches: [main]
|
||||||
|
|
@ -23,14 +25,17 @@ env:
|
||||||
RUST_IMG_DIGEST: ${{ secrets.RUST_IMG_DIGEST }} # e.g., docker.io/library/rust@sha256:...
|
RUST_IMG_DIGEST: ${{ secrets.RUST_IMG_DIGEST }} # e.g., docker.io/library/rust@sha256:...
|
||||||
NODE_IMG_DIGEST: ${{ secrets.NODE_IMG_DIGEST }} # e.g., docker.io/library/node@sha256:...
|
NODE_IMG_DIGEST: ${{ secrets.NODE_IMG_DIGEST }} # e.g., docker.io/library/node@sha256:...
|
||||||
POSTGRES_IMG_DIGEST: ${{ secrets.POSTGRES_IMG_DIGEST }} # e.g., docker.io/library/postgres@sha256:...
|
POSTGRES_IMG_DIGEST: ${{ secrets.POSTGRES_IMG_DIGEST }} # e.g., docker.io/library/postgres@sha256:...
|
||||||
PODMAN_CLIENT_IMG_DIGEST: ${{ secrets.PODMAN_CLIENT_IMG_DIGEST }} # e.g., quay.io/podman/stable@sha256:...
|
|
||||||
PODMAN_SOCK: /run/user/999/podman/podman.sock
|
PODMAN_SOCK: /run/user/999/podman/podman.sock
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
test-backend:
|
test-backend:
|
||||||
runs-on: [ci]
|
runs-on: [ci]
|
||||||
|
|
||||||
container: ${{ secrets.PODMAN_CLIENT_IMG_DIGEST }}
|
container:
|
||||||
|
image: *podman_client
|
||||||
|
|
||||||
|
env:
|
||||||
|
PODMAN_CLIENT_IMG_DIGEST: *podman_client
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v4
|
||||||
|
|
@ -55,7 +60,7 @@ jobs:
|
||||||
|
|
||||||
- name: Setup ephemeral PiP container
|
- name: Setup ephemeral PiP container
|
||||||
env:
|
env:
|
||||||
PODMAN_CLIENT_IMG_DIGEST: ${{ secrets.PODMAN_CLIENT_IMG_DIGEST }}
|
PODMAN_CLIENT_IMG_DIGEST: quay.io/podman/stable@sha256:482bce3a829893f0dc3bf497c9a7609341fca11b34e35a92d308eb971ad61adb
|
||||||
SOCKET_PATH: ${{ env.PODMAN_SOCK }}
|
SOCKET_PATH: ${{ env.PODMAN_SOCK }}
|
||||||
run: |
|
run: |
|
||||||
chmod +x ./secure_pip_setup.sh
|
chmod +x ./secure_pip_setup.sh
|
||||||
|
|
@ -136,7 +141,11 @@ jobs:
|
||||||
runs-on: [ci]
|
runs-on: [ci]
|
||||||
needs: test-backend
|
needs: test-backend
|
||||||
|
|
||||||
container: ${{ secrets.PODMAN_CLIENT_IMG_DIGEST }}
|
container:
|
||||||
|
image: *podman_client
|
||||||
|
|
||||||
|
env:
|
||||||
|
PODMAN_CLIENT_IMG_DIGEST: *podman_client
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v4
|
||||||
|
|
@ -194,7 +203,11 @@ jobs:
|
||||||
runs-on: [ci]
|
runs-on: [ci]
|
||||||
needs: test-frontend
|
needs: test-frontend
|
||||||
|
|
||||||
container: ${{ secrets.PODMAN_CLIENT_IMG_DIGEST }}
|
container:
|
||||||
|
image: *podman_client
|
||||||
|
|
||||||
|
env:
|
||||||
|
PODMAN_CLIENT_IMG_DIGEST: *podman_client
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v4
|
||||||
|
|
@ -261,7 +274,11 @@ jobs:
|
||||||
runs-on: [ci]
|
runs-on: [ci]
|
||||||
needs: test-frontend
|
needs: test-frontend
|
||||||
|
|
||||||
container: ${{ secrets.PODMAN_CLIENT_IMG_DIGEST }}
|
container:
|
||||||
|
image: *podman_client
|
||||||
|
|
||||||
|
env:
|
||||||
|
PODMAN_CLIENT_IMG_DIGEST: *podman_client
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v4
|
||||||
|
|
@ -328,7 +345,12 @@ jobs:
|
||||||
runs-on: [prod]
|
runs-on: [prod]
|
||||||
needs: [build-backend, build-frontend]
|
needs: [build-backend, build-frontend]
|
||||||
if: success()
|
if: success()
|
||||||
container: ${{ secrets.PODMAN_CLIENT_IMG_DIGEST }}
|
|
||||||
|
container:
|
||||||
|
image: *podman_client
|
||||||
|
|
||||||
|
env:
|
||||||
|
PODMAN_CLIENT_IMG_DIGEST: *podman_client
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v4
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue