ramius #69

Workflow file for this run

	---

	name: ramius
	on:
	workflow_dispatch:

	jobs:

	job_setup:
	runs-on: ubuntu-latest
	steps:
	- name: retrieve ${{ github.event.repository.name }} project
	uses: actions/checkout@v5

	- id: sbom
	name: retrieve and interpolate versions and tags for upstream dependencies
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|

	# retrieve equivalent semantic version (x.y) of almalinux image latest tag
	read -r almalinux <<< $(
	echo '{}' \
	\| jq -r \
	--compact-output \
	--arg version_latest "$(./utils/equate_tag_semver "docker.io/library/almalinux:9")" \
	'{almalinux: {version: $version_latest }}'
	)

	# retrieve equivalent version of coverity image latest tag
	read -r coverity <<< $(
	echo '{}' \
	\| jq -r \
	--compact-output \
	--arg version_latest "$(./utils/equate_tag "ghcr.io/mantidproject/cov-analysis-linux64:latest" \| jq -r '.[]')" \
	'{coverity: {version: $version_latest }}'
	)

	# retrieve version and download_url for github actions runner
	gha_runner=$(
	curl -s https://api.github.com/repos/actions/runner/releases/latest
	)
	if ! parsed=$(jq -e --compact-output '{
	gha_runner: {
	download_url: (.assets[] \| select(.name \| test("linux-x64")) \| .browser_download_url),
	version: (.name)
	}
	}' <<< "${gha_runner}" 2>/dev/null); then
	echo "Error parsing GitHub API response:" >&2
	echo "${gha_runner}" >&2
	exit 1
	fi
	read -r gha_runner <<< "${parsed}"

	echo -n "JSON=" >> $GITHUB_OUTPUT
	(
	echo -n "${almalinux}"
	echo -n "${coverity}"
	echo -n "${gha_runner}"
	) \
	\| jq -r -s --compact-output '. \| add' >> $GITHUB_OUTPUT

	outputs:
	sbom: ${{ steps.sbom.outputs.JSON }}

	job_debug:
	needs: job_setup
	runs-on: ubuntu-latest
	steps:
	- name: Extract metadata
	if: false
	id: meta
	uses: docker/metadata-action@v6
	with:
	images: almalinux:9.7

	- name: debug
	run: \|
	echo "${{ toJSON(needs.job_setup.outputs.sbom) }}" \| jq -r '.'
	echo "${{ toJSON(steps.meta.outputs) }}" \| jq -r '.'

	job_docker:
	needs: job_setup
	runs-on: ubuntu-latest
	steps:
	- name: retrieve ${{ github.event.repository.name }} project
	uses: actions/checkout@v5

	- name: setup buildx
	uses: docker/setup-buildx-action@v3

	- name: Log into registry ghcr.io
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Extract metadata
	if: false
	id: meta
	uses: docker/metadata-action@v5
	with:
	images: ghcr.io/${{ github.repository_owner }}/github-runner-coverity
	labels: \|
	org.opencontainers.image.title=GitHub Runner with Coverity
	org.opencontainers.image.description=Github Runner w/ Coverity on AlmaLinux ${{ fromJSON(needs.job_setup.outputs.sbom).almalinux.version }}
	org.opencontainers.image.vendor=Mantid Project
	org.opencontainers.image.licenses=GPL-3.0
	org.opencontainers.image.documentation=https://github.com/mantidproject/dockerfiles/blob/main/README.md

	- name: build and push - github runner w/ coverity
	uses: docker/build-push-action@v6
	with:
	labels: \|
	org.opencontainers.image.title=GitHub Runner with Coverity
	org.opencontainers.image.description=Github Runner w/ Coverity on AlmaLinux ${{ fromJSON(needs.job_setup.outputs.sbom).almalinux.version }}
	push: true
	context: Linux/coverity/docker
	tags: ghcr.io/${{ github.repository_owner }}/github-runner-coverity:${{ fromJSON(needs.job_setup.outputs.sbom).coverity.version }}
	provenance: false
	build-args: \|
	"ALMALINUX_VERSION=${{ fromJSON(needs.job_setup.outputs.sbom).almalinux.version }}"
	"COVERITY_VERSION=${{ fromJSON(needs.job_setup.outputs.sbom).coverity.version }}"
	"GHA_RUNNER_VERSION=${{ fromJSON(needs.job_setup.outputs.sbom).gha_runner.version }}"
	"GHA_RUNNER_DOWNLOAD=${{ fromJSON(needs.job_setup.outputs.sbom).gha_runner.download_url }}"
	secrets: \|
	"GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}"

	# outputs: \|
	# "type=image,name=target,annotation-index.org.opencontainers.image.description=Github Runner w/ Coverity v${{ fromJSON(needs.job_setup.outputs.sbom).coverity.version }}
	# annotations: \|
	# index:org.opencontainers.image.description=Github Runner w/ Coverity v${{ fromJSON(needs.job_setup.outputs.sbom).coverity.version }} on AlmaLinux ${{ fromJSON(needs.job_setup.outputs.sbom).almalinux.version }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ramius #69

Workflow file

ramius #69

Uh oh!

Workflow file for this run