From a5834aa5525c127c9ceafcc2a26a49199286b51c Mon Sep 17 00:00:00 2001 From: Noelia Melina Urruchua Date: Thu, 3 Jul 2025 12:45:06 -0300 Subject: [PATCH 1/2] Add ECR docker registry --- .github/workflows/docker.yml | 40 +++++++++++++++++++++++++++------- .github/workflows/unstable.yml | 36 +++++++++++++++++++++++++----- 2 files changed, 62 insertions(+), 14 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 2348b9b..4373c9e 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -5,6 +5,10 @@ on: branches: - main +permissions: + contents: read + id-token: write + jobs: build-docker-image: name: Build and push Docker image @@ -13,25 +17,45 @@ jobs: matrix: fips_mode: [enabled, disabled] steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Login to DockerHub + uses: docker/login-action@v3 + with: + username: ${{ vars.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_RO_TOKEN }} + + - name: Configure AWS credentials + if: ${{ github.event_name == 'push' }} + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ vars.ECR_TESTING_ROLE_ARN }} + aws-region: us-east-1 + + - name: Login to Amazon ECR + if: ${{ github.event_name == 'push' }} + uses: aws-actions/amazon-ecr-login@v2 + - name: Login to Artifactory + if: ${{ github.event_name == 'push' }} uses: docker/login-action@v3 with: - registry: splitio-docker.jfrog.io - username: ${{ secrets.ARTIFACTORY_DOCKER_USER }} + registry: ${{ vars.ARTIFACTORY_DOCKER_REGISTRY }} + username: ${{ vars.ARTIFACTORY_DOCKER_USER }} password: ${{ secrets.ARTIFACTORY_DOCKER_PASS }} - - name: Checkout code - uses: actions/checkout@v4 - - name: Set VERSION env run: echo "VERSION=$(cat splitio/version.go | grep 'Version =' | awk '{print $4}' | tr -d '"')" >> $GITHUB_ENV - - name: Docker build and push - uses: docker/build-push-action@v5 + - name: Docker Build and Push + uses: docker/build-push-action@v6 with: context: . file: "infra/sidecar.Dockerfile" push: true - tags: splitio-docker.jfrog.io/splitd/sidecar${{ matrix.fips_mode == 'enabled' && '-fips' || ''}}:${{ env.VERSION }} + tags: | + ${{ vars.ARTIFACTORY_DOCKER_REGISTRY }}/splitd/sidecar${{ matrix.fips_mode == 'enabled' && '-fips' || ''}}:${{ env.VERSION }} + ${{ vars.ECR_TESTING_URL }}/splitd/sidecar${{ matrix.fips_mode == 'enabled' && '-fips' || ''}}:${{ env.VERSION }} build-args: | FIPS_MODE=${{ matrix.fips_mode }} diff --git a/.github/workflows/unstable.yml b/.github/workflows/unstable.yml index 02c8c7a..decb7c3 100644 --- a/.github/workflows/unstable.yml +++ b/.github/workflows/unstable.yml @@ -4,6 +4,10 @@ on: branches-ignore: - main +permissions: + contents: read + id-token: write + jobs: push-docker-image: name: Build and Push Docker Image @@ -12,25 +16,45 @@ jobs: matrix: fips_mode: [enabled, disabled] steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Login to DockerHub + uses: docker/login-action@v3 + with: + username: ${{ vars.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_RO_TOKEN }} + + - name: Configure AWS credentials + if: ${{ github.event_name == 'push' }} + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ vars.ECR_TESTING_ROLE_ARN }} + aws-region: us-east-1 + + - name: Login to Amazon ECR + if: ${{ github.event_name == 'push' }} + uses: aws-actions/amazon-ecr-login@v2 + - name: Login to Artifactory + if: ${{ github.event_name == 'push' }} uses: docker/login-action@v3 with: registry: splitio-docker-dev.jfrog.io - username: ${{ secrets.ARTIFACTORY_DOCKER_USER }} + username: ${{ vars.ARTIFACTORY_DOCKER_USER }} password: ${{ secrets.ARTIFACTORY_DOCKER_PASS }} - - name: Checkout code - uses: actions/checkout@v4 - - name: Get short hash run: echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV - name: Docker Build and Push - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: . file: "infra/sidecar.Dockerfile" push: true - tags: splitio-docker-dev.jfrog.io/splitd/sidecar${{ matrix.fips_mode == 'enabled' && '-fips' || '' }}:${{ env.SHORT_SHA }} + tags: | + splitio-docker-dev.jfrog.io/splitd/sidecar${{ matrix.fips_mode == 'enabled' && '-fips' || '' }}:${{ env.SHORT_SHA }} + ${{ vars.ECR_TESTING_URL }}/splitd/sidecar${{ matrix.fips_mode == 'enabled' && '-fips' || '' }}:${{ env.SHORT_SHA }} build-args: | FIPS_MODE=${{ matrix.fips_mode }} From 0646912a3dda297c0e83b9125f2a814cfeabd1ba Mon Sep 17 00:00:00 2001 From: Noelia Melina Urruchua Date: Thu, 3 Jul 2025 13:00:16 -0300 Subject: [PATCH 2/2] version --- .github/workflows/unstable.yml | 2 +- splitio/version.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/unstable.yml b/.github/workflows/unstable.yml index decb7c3..70f9222 100644 --- a/.github/workflows/unstable.yml +++ b/.github/workflows/unstable.yml @@ -32,7 +32,7 @@ jobs: role-to-assume: ${{ vars.ECR_TESTING_ROLE_ARN }} aws-region: us-east-1 - - name: Login to Amazon ECR + - name: Login to ECR if: ${{ github.event_name == 'push' }} uses: aws-actions/amazon-ecr-login@v2 diff --git a/splitio/version.go b/splitio/version.go index 16afa17..e26e46e 100644 --- a/splitio/version.go +++ b/splitio/version.go @@ -1,3 +1,3 @@ package splitio -const Version = "1.6.0" +const Version = "1.6.1"