add plus credentials to single image build (#6099)

nginxinc · Aug 6, 2024 · 58e9350 · 58e9350
1 parent 5f68f1b
commit 58e9350
Show file tree

Hide file tree

Showing 2 changed files with 45 additions and 5 deletions.
diff --git a/.github/workflows/build-single-image.yml b/.github/workflows/build-single-image.yml
@@ -9,7 +9,7 @@ on:
  required: true
  type: string
  prefix:
- description: 'Image prefix to use in GCR, e.g. nginx-ic'
+ description: 'Image prefix to use in GCR, e.g. nginx-ic/nginx-ingress'
  required: true
  type: string
  tag:
@@ -50,6 +50,17 @@ jobs:
  ref: ${{ inputs.branch }}
  fetch-depth: 0
 
+ - name: Output Variables
+ id: vars
+ run: |
+ ./.github/scripts/variables.sh go_code_md5 >> $GITHUB_OUTPUT
+ cat $GITHUB_OUTPUT
+
+ - name: Setup Golang Environment
+ uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
+ with:
+ go-version-file: go.mod
+
  - name: Authenticate to Google Cloud
  id: auth
  uses: google-github-actions/auth@71fee32a0bb7e97b4d33d548e7d957010649d8fa # v2.1.3
@@ -65,8 +76,25 @@ jobs:
  username: oauth2accesstoken
  password: ${{ steps.auth.outputs.access_token }}
 
- - name: Docker Buildx
- uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1
+ - name: Setup plus credentials
+ run: |
+ printf '%s\n' "${CERT}" > nginx-repo.crt
+ printf '%s\n' "${KEY}" > nginx-repo.key
+ if [[ "${{ inputs.target }}" =~ ubi ]]; then
+ printf '%s\n' "${RHEL}" > rhel_license
+ fi
+ env:
+ CERT: ${{ secrets.NGINX_CRT }}
+ KEY: ${{ secrets.NGINX_KEY }}
+ RHEL: ${{ secrets.RHEL_LICENSE }}
+ if: ${{ contains(inputs.target, 'plus') }}
+
+ - name: Fetch Cached Binary Artifacts
+ id: binary-cache
+ uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
+ with:
+ path: ${{ github.workspace }}/dist
+ key: nginx-ingress-${{ steps.vars.outputs.go_code_md5 }}
 
  - name: Build Image
  run: |
@@ -76,7 +104,12 @@ jobs:
  PREFIX: ${{ inputs.prefix }}
  TAG: ${{ inputs.tag }}
  PLUS_REPO: ${{ inputs.plus_repo }}
+ TARGET: goreleaser
 
  - name: Push image
  run:
- docker push gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/${{ github.actor }}-dev/${{ inputs.prefix }}:${{ inputs.tag }}
+ docker push ${REGISTRY}/${PREFIX}:${TAG}
+ env:
+ REGISTRY: gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/${{ github.actor }}-dev
+ PREFIX: ${{ inputs.prefix }}
+ TAG: ${{ inputs.tag }}
diff --git a/Makefile b/Makefile
@@ -5,6 +5,7 @@ VERSION = $(VER)-SNAPSHOT
 PLUS_ARGS = --secret id=nginx-repo.crt,src=nginx-repo.crt --secret id=nginx-repo.key,src=nginx-repo.key
 
 # Variables that can be overridden
+REGISTRY ?= ## The registry where the image is located.
 PREFIX ?= nginx/nginx-ingress ## The name of the image. For example, nginx/nginx-ingress
 TAG ?= $(VERSION:v%=%) ## The tag of the image. For example, 2.0.0
 TARGET ?= local ## The target of the build. Possible values: local, container and download
@@ -23,8 +24,14 @@ GO_LINKER_FLAGS = $(GO_LINKER_FLAGS_OPTIONS) $(GO_LINKER_FLAGS_VARS)
 DEBUG_GO_LINKER_FLAGS = $(GO_LINKER_FLAGS_VARS)
 DEBUG_GO_GC_FLAGS = all=-N -l
 
+ifeq (${REGISTRY},)
+BUILD_IMAGE := $(strip $(PREFIX)):$(strip $(TAG))
+else
+BUILD_IMAGE := $(strip $(REGISTRY))/$(strip $(PREFIX)):$(strip $(TAG))
+endif
+
 # final docker build command
-DOCKER_CMD = docker build --platform linux/$(strip $(ARCH)) $(strip $(DOCKER_BUILD_OPTIONS)) --target $(strip $(TARGET)) -f build/Dockerfile -t $(strip $(PREFIX)):$(strip $(TAG)) .
+DOCKER_CMD = docker build --platform linux/$(strip $(ARCH)) $(strip $(DOCKER_BUILD_OPTIONS)) --target $(strip $(TARGET)) -f build/Dockerfile -t $(BUILD_IMAGE) .
 
 export DOCKER_BUILDKIT = 1