| # Licensed to the Apache Software Foundation (ASF) under one or more |
| # contributor license agreements. See the NOTICE file distributed with |
| # this work for additional information regarding copyright ownership. |
| # The ASF licenses this file to you under the Apache License, Version 2.0 |
| # (the "License"); you may not use this file except in compliance with |
| # the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| name: Docker Publish |
| |
| on: |
| push: |
| branches: |
| - master |
| tags: |
| - 'v*' |
| workflow_dispatch: |
| |
| jobs: |
| docker: |
| runs-on: ubuntu-latest |
| steps: |
| - name: Checkout |
| uses: actions/checkout@v4 |
| |
| - name: Setup Java |
| uses: actions/setup-java@v4 |
| with: |
| java-version: '17' |
| distribution: 'temurin' |
| cache: maven |
| |
| - name: Login to Docker Hardened Images |
| run: | |
| echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login \ |
| -u "${{ secrets.DOCKERHUB_USER }}" --password-stdin dhi.io |
| |
| - name: Build with Maven |
| run: | |
| mvn -Dforbiddenapis.skip=true -Denforcer.skip -Dpmd.failOnViolation=false \ |
| -Dcheckstyle.skip=true -Dspotbugs.skip=true -Ddependency-check.skip=true \ |
| -Dmaven.test.skip=true -U clean verify install -Prelease,package,docker |
| |
| - name: Extract project version |
| id: project-version |
| run: | |
| echo "version=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> "$GITHUB_OUTPUT" |
| |
| - name: Set up QEMU |
| run: | |
| docker run --rm --privileged multiarch/qemu-user-static --reset -p yes |
| |
| - name: Set up Docker Buildx |
| run: | |
| docker buildx rm multiarch-builder 2>/dev/null || true |
| docker buildx create --use --name multiarch-builder |
| docker buildx inspect --bootstrap |
| |
| - name: Login to DockerHub |
| run: | |
| echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login \ |
| -u "${{ secrets.DOCKERHUB_USER }}" --password-stdin |
| |
| - name: Generate Docker tags |
| id: meta |
| run: | |
| TAGS="apache/knox:latest" |
| if [[ "$GITHUB_REF" == refs/tags/v* ]]; then |
| VERSION="${GITHUB_REF#refs/tags/v}" |
| MAJOR=$(echo "$VERSION" | cut -d. -f1) |
| MINOR=$(echo "$VERSION" | cut -d. -f2 -s) |
| TAGS="$TAGS,apache/knox:$VERSION,apache/knox:$MAJOR" |
| if [[ -n "$MINOR" && "$VERSION" != "$MAJOR.$MINOR" ]]; then |
| TAGS="$TAGS,apache/knox:$MAJOR.$MINOR" |
| fi |
| fi |
| echo "tags=$TAGS" >> "$GITHUB_OUTPUT" |
| |
| - name: Build and push |
| run: | |
| TAG_ARGS=$(echo "${{ steps.meta.outputs.tags }}" | tr ',' '\n' | sed 's/^/--tag /' | tr '\n' ' ') |
| docker buildx build \ |
| --push \ |
| --platform linux/amd64,linux/arm64 \ |
| $TAG_ARGS \ |
| --build-arg RELEASE_FILE=knox-${{ steps.project-version.outputs.version }}.zip \ |
| --build-arg ENTRYPOINT=gateway-entrypoint.sh \ |
| --build-arg EXPOSE_PORT=8443 \ |
| gateway-docker/target/classes/docker |
