* feat/creating enigma bake command to build, scan and tag in a single command
* feat:removed tag code as build command was making tag also
* feat:Improved readme
* feat:Added .DS_Store in .gitignore
* feat:Added .DS_Store in .gitignore
* feat:Added .DS_Store in .gitignore
* feat:Added .DS_Store in .gitignore
* feat/created publish command to Push Image on Dockerhub and cleanup images will be done on based of CLEANUP parameter in .enigma
* feat/created publish command to Push Image on Dockerhub and cleanup images will be done on based of CLEANUP parameter in .enigma
* feat:passed dummy values in readme.md
* feat:Publish for aws and gcp also ready
* feat:custom workflow for enigma docker
* feat:custom workflow for enigma docker
* feat:custom workflow for enigma docker
* feat:custom workflow for enigma docker
* feat:custom workflow for enigma docker
* feat:custom workflow for enigma docker
* feat:custom workflow for enigma docker
* feat:custom workflow for enigma docker
* feat:custom workflow for enigma docker
* feat:custom workflow for enigma docker
* feat:custom workflow for enigma docker
* feat:custom workflow for enigma docker
* removed sarif file in go code
* commented scan code to test
* added .enigma file
* testing workflow
* removed /n
* modified code
* removed unwanted code
* added aws creds parameters
* feat:added aws inputs
* modified entrypoint.sh
* changed Dockerfile
* modified Dockerfile
* testing by commenting entrypoint.sh
* commented some lines
* modified full correct Dockerfile and action.yml
* modified entrypoint.sh
* changed entrypoint.sh
* modified entry point.sh
* feat:modified action.yml
* modified scout command
* removed values from .enigma
* commented cleanup part
* modified action.yml
* modified action.yml
* added aws cli install part
* commented login part from custom workflow
* added auth part in entrypoint.sh:
* commented aws login in entrypoint
* added auth part in entrypoint.sh
* modified entrypoint file
* added aws in dockerfile
* added aws in dockerfile
* added cleanup
* modified entrypoint.sh
* modified readme
* Update entrypoint.sh
* Update readme.md
* feat: modified entrypoint.sh and release.yml
* feat:changed tag to v1
* feat:changed release.yml file
1 parent 80dd024, commit 6f0e524

Showing 8 changed files with 127 additions and 22 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,4 @@ | ||
DOCKER_IMAGE | ||
DOCKER_TAG | ||
CLEANUP | ||
DOCKER_IMAGE= | ||
DOCKER_TAG= | ||
CLEANUP= | ||
SCAN= |
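Review bot: The new `SCAN=` key is added with no comment and no default, and all four keys are left empty, so a reader cannot tell what values `SCAN` and `CLEANUP` accept or what the tool does when they are blank. Add a comment per key (or a readme table) stating the accepted values and the behaviour on an empty value. Note also that action.yml in this commit exposes no `SCAN` input, so the key cannot be set through the action.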
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,20 +1,33 @@ | ||
ARG GO_VERSION=1.23 | ||
FROM golang:${GO_VERSION} as builder | ||
ARG PROGRAM=nothing | ||
ARG VERSION=development | ||
FROM golang:1.23 | ||
|
||
RUN mkdir /src /output | ||
# Install Docker CLI and other dependencies | ||
RUN apt-get update && apt-get install -y \ | ||
apt-transport-https \ | ||
ca-certificates \ | ||
curl \ | ||
gnupg \ | ||
lsb-release \ | ||
unzip | ||
|
||
WORKDIR /src | ||
# Add Docker's official GPG key | ||
RUN curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg | ||
|
||
COPY . . | ||
RUN GOBIN=/output make install VERSION=$VERSION | ||
RUN PROGRAM=$(ls /output); echo "#!/bin/sh\nexec '/usr/bin/$PROGRAM' \"\$@\"" > /docker-entrypoint.sh && chmod +x /docker-entrypoint.sh | ||
# Set up the Docker repository | ||
RUN echo \ | ||
"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian \ | ||
$(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null | ||
|
||
# Install Docker CE CLI | ||
RUN apt-get update && apt-get install -y docker-ce-cli | ||
|
||
# Install AWS CLI v2 | ||
RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" && \ | ||
unzip awscliv2.zip && \ | ||
./aws/install && \ | ||
rm -rf aws awscliv2.zip | ||
|
||
FROM gcr.io/distroless/base:latest | ||
ARG PROGRAM=nothing | ||
WORKDIR /go/src/app | ||
COPY . . | ||
RUN go build -o enigma main.go | ||
|
||
COPY --from=builder /output/${PROGRAM} / | ||
USER 1000 | ||
ENTRYPOINT [""] | ||
ENTRYPOINT ["/go/src/app/entrypoint.sh"] |
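Review bot: The AWS CLI install step (`curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"` followed by `./aws/install`) executes an unpinned, unverified download during the build. The Docker repository above is tied to a key with `signed-by=`, but nothing checks this archive: pin a specific CLI version and verify its signature or a recorded SHA-256 before unzipping, and pass `-f` to curl so an HTTP error fails the build instead of saving an error page. The URL also hardcodes x86_64 while the Docker repo line uses `dpkg --print-architecture`, so the two will disagree on other architectures. Separately, the final image is now the full `golang:1.23` base with the Docker and AWS CLIs rather than the distroless stage with `USER 1000` that also appears in this hunk; if the toolchain has to stay in the runtime image, record why in a comment, and add `--no-install-recommends` plus an apt list cleanup to the `apt-get install` steps.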
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
name: 'Enigma Docker Build and Publish' | ||
description: 'Builds, scans, tags, and pushes Docker images using the Enigma tool' | ||
inputs: | ||
command: | ||
description: 'Command to run (bake or publish)' | ||
required: true | ||
DOCKER_IMAGE: | ||
description: 'Docker image name' | ||
required: true | ||
DOCKER_TAG: | ||
description: 'Docker image tag' | ||
required: true | ||
CLEANUP: | ||
description: 'Cleanup after push (true or false)' | ||
required: false | ||
default: 'false' | ||
AWS_REGION: | ||
description: 'AWS Region' | ||
required: true | ||
AWS_ACCOUNT_ID: | ||
description: 'AWS Account ID' | ||
required: true | ||
runs: | ||
using: 'docker' | ||
image: 'Dockerfile' | ||
env: | ||
DOCKER_IMAGE: ${{ inputs.DOCKER_IMAGE }} | ||
DOCKER_TAG: ${{ inputs.DOCKER_TAG }} | ||
AWS_ACCOUNT_ID: ${{ inputs.AWS_ACCOUNT_ID }} | ||
AWS_REGION: ${{ inputs.AWS_REGION }} | ||
CLEANUP: ${{ inputs.AWS_REGION }} | ||
|
||
args: | ||
- ${{ inputs.command }} |
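Review bot: In the `env:` block, `CLEANUP: ${{ inputs.AWS_REGION }}` passes the region where the cleanup flag belongs, so the `CLEANUP` input and its `'false'` default are never used; it should read `CLEANUP: ${{ inputs.CLEANUP }}`. Also, entrypoint.sh in this commit branches on `$PROVIDER`, but no `PROVIDER` input or env entry is declared here, so the ECR login branch cannot be reached through this action as written. Either add a `PROVIDER` input and map it in `env:`, or drop the check. `AWS_REGION` and `AWS_ACCOUNT_ID` are marked `required: true` even though the description covers non-AWS use; consider making them optional.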
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
#!/bin/sh | ||
set -e | ||
|
||
# Check if provider is AWS | ||
if [ "$PROVIDER" = "aws" ]; then | ||
aws ecr get-login-password --region "$AWS_REGION" | docker login --username AWS --password-stdin "$AWS_ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com" | ||
|
||
else | ||
echo "Please pass a valid provider" | ||
fi | ||
|
||
exec "/go/src/app/enigma" "$@" |
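Review bot: The `else` branch only prints "Please pass a valid provider" and then falls through to `exec "/go/src/app/enigma" "$@"`, so a missing or mistyped `PROVIDER` runs the tool without any registry login and the failure surfaces later, at push time. Exit non-zero there (`exit 1`), or make the login step explicitly optional for commands that do not push. In the `aws` branch, fail early when `AWS_REGION` or `AWS_ACCOUNT_ID` is empty (for example with `: "${AWS_REGION:?}"`), since an empty value yields a malformed registry host. The commit message mentions Dockerhub and gcp publishing, but only `aws` is handled here.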
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -41,4 +41,4 @@ func main() { | |
fmt.Println("Unknown command:", command) | ||
fmt.Println("Commands: bake, publish") | ||
} | ||
} | ||
} |