ramius #47

Workflow file for this run

	---

	name: ramius
	on:
	workflow_dispatch:

	jobs:

	job_setup:
	runs-on: ubuntu-latest
	steps:
	- name: retrieve ${{ github.event.repository.name }} project
	uses: actions/checkout@v5

	- id: sbom
	name: retrieve and interpolate versions and tags for upstream dependencies
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|

	# retrieve equivalent semantic version (x.y) of almalinux image latest tag
	read -r almalinux <<< $(
	echo '{}' \
	\| jq -r \
	--compact-output \
	--arg version_latest "$(./utils/equate_tag_semver "docker.io/library/almalinux:9")" \
	'{almalinux: {version: $version_latest }}'
	)

	# retrieve equivalent version of coverity image latest tag
	read -r coverity <<< $(
	echo '{}' \
	\| jq -r \
	--compact-output \
	--arg version_latest "$(./utils/equate_tag "ghcr.io/mantidproject/cov-analysis-linux64:latest" \| jq -r '.[]')" \
	'{coverity: {version: $version_latest }}'
	)

	# retrieve version and download_url for github actions runner
	read -r gha_runner <<< $(
	curl -s https://api.github.com/repos/actions/runner/releases/latest \
	\| jq -r \
	--compact-output \
	'{
	gha_runner: {
	download_url: (.assets[] \| select(.name \| test("linux-x64")) \| .browser_download_url),
	version: (.name)
	}
	}'
	)

	echo -n "JSON=" >> $GITHUB_OUTPUT
	(
	echo -n "${almalinux}"
	echo -n "${coverity}"
	echo -n "${gha_runner}"
	) \
	\| jq -r -s --compact-output '. \| add' >> $GITHUB_OUTPUT

	outputs:
	sbom: ${{ steps.sbom.outputs.JSON }}

	job_debug:
	needs: job_setup
	runs-on: ubuntu-latest
	steps:
	- name: Extract metadata
	id: meta
	uses: docker/metadata-action@v6
	with:
	images: almalinux:9.7

	- name: debug
	run: \|
	echo "${{ toJSON(needs.job_setup.outputs.sbom) }} \| jq -r '.'"
	echo "${{ toJSON(steps.meta.outputs) }} \| jq -r '.'"

	job_docker:
	needs: job_setup
	runs-on: ubuntu-latest
	steps:
	- name: retrieve ${{ github.event.repository.name }} project
	uses: actions/checkout@v5

	- name: setup buildx
	uses: docker/setup-buildx-action@v3

	- name: Log into registry ghcr.io
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: build and push - github runner w/ coverity
	uses: docker/build-push-action@v6
	with:
	push: false
	context: Linux/coverity/docker
	tags: ghcr.io/${{ github.repository_owner }}/github-runner-coverity:${{ fromJSON(needs.job_setup.outputs.sbom).coverity.version }}
	build-args: \|
	"ALMALINUX_VERSION=${{ fromJSON(needs.job_setup.outputs.sbom).almalinux.version }}"
	"COVERITY_VERSION=${{ fromJSON(needs.job_setup.outputs.sbom).coverity.version }}"
	"GHA_RUNNER_VERSION=${{ fromJSON(needs.job_setup.outputs.sbom).gha_runner.version }}"
	"GHA_RUNNER_DOWNLOAD=${{ fromJSON(needs.job_setup.outputs.sbom).gha_runner.download_url }}"
	secrets: \|
	"GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}"
	outputs: \|
	type=image,name=target,annotation-index.org.opencontainers.image.description=Github Runner w/ Coverity v${{ fromJSON(needs.job_setup.outputs.sbom).coverity.version }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ramius #47

Workflow file

ramius #47

Uh oh!

Workflow file for this run