@@ -10,31 +10,24 @@ description: |
1010
1111inputs :
1212 docker :
13- type : boolean
1413 description : |
1514 Package the binary into a Docker container suitable for the Docker and AWS registries. We'll
1615 automatically determine the correct tags and target depending on the vault edition.
17- default : true
16+ default : ' true'
1817 goarch :
19- type : string
2018 description : The Go GOARCH value environment variable to set during the build.
2119 goos :
22- type : string
2320 description : The Go GOOS value environment variable to set during the build.
2421 redhat :
25- type : boolean
2622 description : Package the binary into a UBI container suitable for the Redhat Quay registry.
27- default : false
23+ default : ' false'
2824 vault-binary-path :
29- type : string
3025 description : The path to the vault binary.
3126 default : dist/vault
3227 vault-edition :
33- type : string
3428 description : The edition of vault to build.
3529 default : ce
3630 vault-version :
37- type : string
3831 description : The vault version.
3932
4033outputs :
@@ -48,31 +41,52 @@ runs:
4841 - id : vars
4942 shell : bash
5043 run : |
51- if [[ '${{ inputs.vault-edition }}' =~ 'ce' ]]; then
52- # CE containers
53- container_version='${{ inputs.vault-version }}'
54- docker_container_tags='docker.io/hashicorp/vault:${{ inputs.vault-version }} public.ecr.aws/hashicorp/vault:${{ inputs.vault-version }}'
55- docker_container_target='default'
56- redhat_container_tags='quay.io/redhat-isv-containers/5f89bb5e0b94cf64cfeb500a:${{ inputs.vault-version }}-ubi'
57- redhat_container_target='ubi'
58- else
59- # Ent containers
60- container_version='${{ inputs.vault-version }}+${{ inputs.vault-edition }}'
61-
62- if [[ '${{ inputs.vault-edition }}' =~ 'fips' ]]; then
63- # Ent FIPS 140-2 containers
64- docker_container_tags='docker.io/hashicorp/vault-enterprise-fips:${{ inputs.vault-version }}-${{ inputs.vault-edition }} public.ecr.aws/hashicorp/vault-enterprise-fips:${{ inputs.vault-version }}-${{ inputs.vault-edition }}'
65- docker_container_target='ubi-fips'
66- redhat_container_tags='quay.io/redhat-isv-containers/6283f645d02c6b16d9caeb8e:${{ inputs.vault-version }}-${{ inputs.vault-edition }}-ubi'
67- redhat_container_target='ubi-fips'
68- else
69- # All other Ent containers
44+ case '${{ inputs.vault-edition }}' in
45+ "ce")
46+ container_version='${{ inputs.vault-version }}'
47+ docker_container_tags='docker.io/hashicorp/vault:${{ inputs.vault-version }} public.ecr.aws/hashicorp/vault:${{ inputs.vault-version }}'
48+ docker_container_target='default'
49+ redhat_container_tags='quay.io/redhat-isv-containers/5f89bb5e0b94cf64cfeb500a:${{ inputs.vault-version }}-ubi'
50+ redhat_container_target='ubi'
51+ ;;
52+ "ent")
53+ container_version='${{ inputs.vault-version }}+${{ inputs.vault-edition }}'
7054 docker_container_tags='docker.io/hashicorp/vault-enterprise:${{ inputs.vault-version }}-${{ inputs.vault-edition}} public.ecr.aws/hashicorp/vault-enterprise:${{ inputs.vault-version }}-${{ inputs.vault-edition }}'
7155 docker_container_target='default'
7256 redhat_container_tags='quay.io/redhat-isv-containers/5f89bb9242e382c85087dce2:${{ inputs.vault-version }}-${{ inputs.vault-edition }}-ubi'
7357 redhat_container_target='ubi'
74- fi
75- fi
58+ ;;
59+ "ent.hsm")
60+ container_version='${{ inputs.vault-version }}+${{ inputs.vault-edition }}'
61+ docker_container_tags='docker.io/hashicorp/vault-enterprise:${{ inputs.vault-version }}-${{ inputs.vault-edition}} public.ecr.aws/hashicorp/vault-enterprise:${{ inputs.vault-version }}-${{ inputs.vault-edition }}'
62+ docker_container_target='ubi-hsm'
63+ redhat_container_tags='quay.io/redhat-isv-containers/5f89bb9242e382c85087dce2:${{ inputs.vault-version }}-${{ inputs.vault-edition }}-ubi'
64+ redhat_container_target='ubi-hsm'
65+ ;;
66+ "ent.hsm.fips1402")
67+ container_version='${{ inputs.vault-version }}+${{ inputs.vault-edition }}'
68+ docker_container_tags='docker.io/hashicorp/vault-enterprise:${{ inputs.vault-version }}-${{ inputs.vault-edition}} public.ecr.aws/hashicorp/vault-enterprise:${{ inputs.vault-version }}-${{ inputs.vault-edition }}'
69+ docker_container_target='ubi-hsm-fips'
70+ redhat_container_tags='quay.io/redhat-isv-containers/5f89bb9242e382c85087dce2:${{ inputs.vault-version }}-${{ inputs.vault-edition }}-ubi'
71+ redhat_container_target='ubi-hsm-fips'
72+ ;;
73+ "ent.fips1402")
74+ # NOTE: For compatibility we still publish the ent.fips1402 containers to different
75+ # namespaces. All ent, ent.hsm, and ent.hsm.fips1402 containers are released in the
76+ # enterprise namespaces. After we've updated the upstream docker action to support
77+ # multiple tags we can start to tag images with both namespaces, publish to both, and
78+ # eventually sunset the fips1402 specific namespaces.
79+ container_version='${{ inputs.vault-version }}+${{ inputs.vault-edition }}'
80+ docker_container_tags='docker.io/hashicorp/vault-enterprise-fips:${{ inputs.vault-version }}-${{ inputs.vault-edition }} public.ecr.aws/hashicorp/vault-enterprise-fips:${{ inputs.vault-version }}-${{ inputs.vault-edition }}'
81+ docker_container_target='ubi-fips'
82+ redhat_container_tags='quay.io/redhat-isv-containers/6283f645d02c6b16d9caeb8e:${{ inputs.vault-version }}-${{ inputs.vault-edition }}-ubi'
83+ redhat_container_target='ubi-fips'
84+ ;;
85+ *)
86+ echo "Cannot generate container tags for unknown vault edition: ${{ inputs.vault-edition }}" 2>&1
87+ exit 1
88+ ;;
89+ esac
7690 {
7791 echo "container-version=${container_version}"
7892 echo "docker-container-tags=${docker_container_tags}"
0 commit comments