Skip to content

chore(ci): Publish container images via CI/CD #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(ci): Publish container images via CI/CD #5

wants to merge 1 commit into from

Conversation

hairmare
Copy link
Member

@hairmare hairmare commented Nov 19, 2024
edited
Loading

Publish container images to ghcr.io based on rabe actions.

After merge this will:

  • publish each change to the main branch as ghcr.io/radiorabe/website-stack/next:latest
  • publish tags as ghcr.io/radiorabe/website-stack/next:<tag>
  • run a daily container image security scan on the latest image and upload the results to the GitHub security tab

This reflects our container image build best-practices. In this type of image build, we recommend using a pull-request based approach with conventional commits and semantic-release to ensure that every change is automatically tagged and released, I'll followup on this in #13.

@hairmare hairmare force-pushed the chore/ci-configuration branch 5 times, most recently from e26e5a7 to e2e6c8b Compare November 19, 2024 21:27
@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@hairmare hairmare force-pushed the chore/ci-configuration branch from e2e6c8b to 161c52c Compare November 19, 2024 21:35
hairmare
hairmare commented Nov 19, 2024
View reviewed changes
@hairmare hairmare force-pushed the chore/ci-configuration branch 5 times, most recently from b3f2583 to 900db84 Compare November 24, 2024 13:45
@hairmare hairmare force-pushed the chore/ci-configuration branch 3 times, most recently from 1f2268c to ee61e96 Compare December 2, 2024 15:52
@hairmare hairmare force-pushed the chore/ci-configuration branch 2 times, most recently from 84c4c0e to f85708b Compare December 9, 2024 13:25
@hairmare hairmare force-pushed the chore/ci-configuration branch 12 times, most recently from 24800bc to fc91cc3 Compare December 19, 2024 16:01
@hairmare hairmare force-pushed the chore/ci-configuration branch 7 times, most recently from 0a772de to 9fc13c0 Compare January 16, 2025 15:18
@hairmare hairmare force-pushed the chore/ci-configuration branch 4 times, most recently from bf5092c to f588182 Compare January 25, 2025 11:14
@hairmare hairmare changed the title chore(ci): Create continuous integration and delivery pipelines chore(ci): Publish container images via CI/CD Jan 25, 2025
@hairmare hairmare marked this pull request as ready for review January 25, 2025 11:35
@hairmare hairmare self-assigned this Jan 25, 2025
@hairmare hairmare requested a review from AareFabrik January 25, 2025 11:39
@hairmare hairmare force-pushed the chore/ci-configuration branch 2 times, most recently from cd1095b to cdbb90a Compare January 25, 2025 12:13
@hairmare hairmare mentioned this pull request Jan 25, 2025
Draft
3 tasks
@hairmare hairmare force-pushed the chore/ci-configuration branch from cdbb90a to 612d76d Compare January 26, 2025 09:45
@AareFabrik
Copy link
Contributor

Hi @hairmare
Thanks for the PR, I will look into that. Looks promising

@hairmare hairmare force-pushed the chore/ci-configuration branch 2 times, most recently from 2e07692 to 7f05f5a Compare February 9, 2025 10:59
@hairmare hairmare force-pushed the chore/ci-configuration branch from 7f05f5a to 6f513b8 Compare February 16, 2025 09:03
@hairmare hairmare force-pushed the chore/ci-configuration branch 2 times, most recently from 92c5a15 to 2961f15 Compare March 12, 2025 20:26
@hairmare
Copy link
Member Author

@AareFabrik the docker docs currently mention 1. April as the target date for these rate limits:

  • Unauthenticated users: 10 pulls/hour
  • Authenticated users with a free account: 100 pulls/hour

I don't think we need to panic considering our current usage pattern, but merging this would certainly be a step towards having some more security.

hairmare
hairmare commented Mar 12, 2025
View reviewed changes
.github/workflows/release.yaml
dockerfile: './next/Dockerfile.prod'
push-default-branch: true
build-args: |
IMAGES_HOSTNAME=data.rabe.ch
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

question (non-blocking): this value might need updating to whatever is currently on prod, it's current value seems to be in the .env file

@hairmare hairmare force-pushed the chore/ci-configuration branch from 2961f15 to a16c9f7 Compare April 19, 2025 15:21
@hairmare hairmare force-pushed the chore/ci-configuration branch from a16c9f7 to 749f3b3 Compare May 28, 2025 20:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AareFabrik AareFabrik Awaiting requested review from AareFabrik

Assignees

@hairmare hairmare

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Publish container nextjs images to ghcr.io/radiorabe
2 participants
@hairmare @AareFabrik