Skip to content

fix: refactor LLM model selection and attack surface analysis #87

fix: refactor LLM model selection and attack surface analysis

fix: refactor LLM model selection and attack surface analysis #87

Workflow file for this run

name: Docker Image CI
on:
pull_request:
paths:
- 'docker/**'
push:
branches:
- "master"
- "release/**"
paths:
- 'docker/**'
tags:
- "v*.*.*"
release:
types: [published]
workflow_dispatch:
inputs:
push_image:
description: 'Push image to registry'
required: true
default: 'false'
type: choice
options:
- 'true'
- 'false'
env:
REGISTRY: ghcr.io
OWNER: security-tools-alliance
PROJECT: rengine-ng
jobs:
build-and-push:
runs-on: ubuntu-latest
strategy:
matrix:
image: [celery, web, postgres, redis, ollama, certs, proxy]
platform: [linux/amd64, linux/arm64]
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Get version
id: get_version
run: |
if [[ $GITHUB_REF == refs/tags/* ]]; then
echo "VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
else
echo "VERSION=latest" >> $GITHUB_OUTPUT
fi
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GHCR
if: github.event_name != 'pull_request' || github.event.inputs.push_image == 'true'
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ vars.GHCR_USERNAME }}
password: ${{ secrets.GHCR_PAT }}
- name: Build and push
uses: docker/build-push-action@v6
with:
context: ./docker/${{ matrix.image }}
file: ./docker/${{ matrix.image }}/Dockerfile
push: ${{ github.event_name != 'pull_request' || github.event.inputs.push_image == 'true' }}
tags: |
${{ env.REGISTRY }}/${{ env.OWNER }}/${{ env.PROJECT }}:rengine-${{ matrix.image }}-${{ steps.get_version.outputs.VERSION }}
${{ env.REGISTRY }}/${{ env.OWNER }}/${{ env.PROJECT }}:rengine-${{ matrix.image }}-latest
platforms: ${{ matrix.platform }}
update-release:
needs: build-and-push
if: github.event_name == 'release' && github.event.action == 'published'
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Update release description
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
release_id=$(curl -s -H "Authorization: token $GITHUB_TOKEN" \
"https://api.github.com/repos/${{ github.repository }}/releases/latest" | \
jq -r .id)
images="celery web postgres redis ollama certs proxy"
image_list=""
for image in $images; do
image_list="${image_list}- ghcr.io/${{ env.OWNER }}/${{ env.PROJECT }}:rengine-${image}-${{ github.ref_name }}\n"
done
body="Docker images for this release:\n${image_list}"
curl -X PATCH -H "Authorization: token $GITHUB_TOKEN" \
-H "Accept: application/vnd.github.v3+json" \
"https://api.github.com/repos/${{ github.repository }}/releases/${release_id}" \
-d "{\"body\": \"$body\"}"