Build and Push Containers #34
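---
name: Build and Push Containers

## Notes
# Building SeaBee requires vmlinux for your kernel.
# vmlinux.h requires bpftool, which is also kernel specific.
# This means that the containers must be built on the same system that is
# going to run them in order to build correctly.

on:
  schedule:
    # A random non-peak time: every Saturday at 11:11 UTC.
    - cron: "11 11 * * 6"
  workflow_dispatch:

env:
  REPO: nationalsecurityagency/seabee
  REGISTRY: ghcr.io

# Declaring any permission sets every unlisted scope to "none", so the
# read access that checkout relies on is stated explicitly next to the
# write access needed to push to the registry.
permissions:
  contents: read
  packages: write

jobs:
  build:
    # changing the runner will break the build
    runs-on: ubuntu-24.04
    strategy:
      # One failing distro must not cancel the other image builds.
      fail-fast: false
      matrix:
        distro:
          - { name: "fedora-41", dockerfile: "ci/fedora-41.Dockerfile" }
          - { name: "fedora-42", dockerfile: "ci/fedora-42.Dockerfile" }
          - { name: "ubuntu-jammy", dockerfile: "ci/ubuntu-jammy.Dockerfile" }
          - { name: "ubuntu-noble", dockerfile: "ci/ubuntu-noble.Dockerfile" }
          - { name: "rocky-9", dockerfile: "ci/rocky-9.Dockerfile" }
    steps:
      # NOTE(review): the actions below are referenced by mutable tags.
      # Pinning each to a full commit SHA keeps a retagged release from
      # running in a job that holds a packages:write token.
      - name: Checkout repo
        uses: actions/checkout@v4
        with:
          # No later step runs git, and the docker build context is ".",
          # which includes .git. Not persisting the token keeps it out of
          # the context sent to the builder (the Dockerfiles are not
          # visible here, so whether they copy .git is unconfirmed).
          persist-credentials: false

      - name: Log in to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          # Same registry the image tags use, instead of a second literal.
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Build image
        # Expressions are handed to the shell as environment variables and
        # quoted there, rather than being expanded into the script text.
        env:
          DOCKERFILE: ${{ matrix.distro.dockerfile }}
          IMAGE: ${{ env.REGISTRY }}/${{ env.REPO }}-build-${{ matrix.distro.name }}:latest
        run: |
          docker build \
            -f "$DOCKERFILE" \
            -t "$IMAGE" .

      - name: Push image
        env:
          IMAGE: ${{ env.REGISTRY }}/${{ env.REPO }}-build-${{ matrix.distro.name }}:latest
        # NOTE(review): only the mutable "latest" tag is published, so
        # consumers that need a fixed image should reference it by digest.
        run: |
          docker push "$IMAGE"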