From b3727c075a90d405372176c7c15563f2e8769b1d Mon Sep 17 00:00:00 2001 From: Harshal Sheth Date: Thu, 29 Aug 2024 12:45:36 -0700 Subject: [PATCH] test out depot.dev --- .../docker-custom-build-and-push/action.yml | 21 ++++++++----------- .github/workflows/docker-unified.yml | 4 ++++ 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/.github/actions/docker-custom-build-and-push/action.yml b/.github/actions/docker-custom-build-and-push/action.yml index f8e5d08a4e9895..d39d2759faddb2 100644 --- a/.github/actions/docker-custom-build-and-push/action.yml +++ b/.github/actions/docker-custom-build-and-push/action.yml @@ -40,7 +40,6 @@ outputs: image_tag: description: "Docker image tags" value: ${{ steps.docker_meta.outputs.tags }} - # image_name: ${{ env.DATAHUB_GMS_IMAGE }} runs: using: "composite" @@ -74,10 +73,8 @@ runs: load: true push: false cache-from: | - type=gha,scope=${{ inputs.file }}-${{ inputs.flavor }} type=registry,ref=${{ steps.docker_meta.outputs.tags }} cache-to: | - type=gha,scope=${{ inputs.file }}-${{ inputs.flavor }} type=inline - name: Single Tag if: ${{ inputs.publish != 'true' }} @@ -98,12 +95,12 @@ runs: image: ${{ steps.single_tag.outputs.SINGLE_TAG }} # Code for building multi-platform images and pushing to Docker Hub. - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - if: ${{ inputs.publish == 'true' }} - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - if: ${{ inputs.publish == 'true' }} + # - name: Set up QEMU + # uses: docker/setup-qemu-action@v3 + # if: ${{ inputs.publish == 'true' }} + # - name: Set up Docker Buildx + # uses: docker/setup-buildx-action@v3 + # if: ${{ inputs.publish == 'true' }} - name: Login to DockerHub uses: docker/login-action@v3 if: ${{ inputs.publish == 'true' }} @@ -111,9 +108,11 @@ runs: username: ${{ inputs.username }} password: ${{ inputs.password }} - name: Build and Push Multi-Platform image - uses: docker/build-push-action@v6 + # uses: docker/build-push-action@v6 + uses: depot/build-push-action@v1 if: ${{ inputs.publish == 'true' }} with: + project: s0gr1cr3jd context: ${{ inputs.context }} file: ${{ inputs.file }} platforms: ${{ inputs.platforms }} @@ -122,10 +121,8 @@ runs: target: ${{ inputs.target }} push: true cache-from: | - type=gha,scope=${{ inputs.file }}-${{ inputs.flavor }} type=registry,ref=${{ steps.docker_meta.outputs.tags }} cache-to: | - type=gha,scope=${{ inputs.file }}-${{ inputs.flavor }} type=inline # TODO add code for vuln scanning? diff --git a/.github/workflows/docker-unified.yml b/.github/workflows/docker-unified.yml index 2fe73a31eeb03e..9ac200cb1dfdce 100644 --- a/.github/workflows/docker-unified.yml +++ b/.github/workflows/docker-unified.yml @@ -33,6 +33,10 @@ env: DATAHUB_INGESTION_BASE_IMAGE: "acryldata/datahub-ingestion-base" DATAHUB_INGESTION_IMAGE: "acryldata/datahub-ingestion" +permissions: + contents: read + id-token: write + jobs: setup: runs-on: ubuntu-latest