Setup multi platform build

dksifoua · Oct 10, 2024 · 956efc7 · 956efc7
1 parent 3d21c9f
commit 956efc7
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 24 deletions.
diff --git a/.github/workflows/java.yaml b/.github/workflows/java.yaml
@@ -30,13 +30,13 @@ jobs:
           username: ${{ vars.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
 
-      - name: Setup Task
+      - name: Set up Task
         uses: arduino/setup-task@v2
         with:
           version: 3.x
           repo-token: ${{ secrets.GH_TOKEN }}
 
-      - name: Setup Dockle
+      - name: Set up Dockle
         run: |
           VERSION=$(
            curl --silent "https://api.github.com/repos/goodwithtech/dockle/releases/latest" | \
@@ -45,29 +45,19 @@ jobs:
           ) && curl -L -o dockle.deb https://github.com/goodwithtech/dockle/releases/download/v${VERSION}/dockle_${VERSION}_Linux-64bit.deb
           sudo dpkg -i dockle.deb && rm dockle.deb
 
-      - name: Setup Trivy
+      - name: Set up Trivy
         run: |
           sudo apt-get install wget apt-transport-https gnupg
           wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null
           echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
           sudo apt-get update
           sudo apt-get install trivy
 
-      - name: Build Java Image
-        run: |
-          docker buildx create --name my-builder --use
-          docker buildx build \
-            --platform linux/amd64,linux/arm64 \
-            --tag java:21-graalvm \
-            --file java/Dockerfile \
-            .
+      - name: Build & Push Java Image
+        run: task java:build -- --push
 
       - name: Verify the built image follows the best practises
         run: task java:verify
 
       - name: Scan the built image for vulnerabilities
-        run: task java:scan
-
-      - name: Push the built image to docker hub
-        if: success()
-        run: task java:push
+        run: task java:scan
diff --git a/java/Dockerfile → java/21.Dockerfile b/java/Dockerfile → java/21.Dockerfile
diff --git a/java/Taskfile.yaml b/java/Taskfile.yaml
@@ -9,22 +9,20 @@ tasks:
     desc: Build Java image
     cmd: |
       docker buildx build \
-        --tag java:21-graalvm \
-        --file java/Dockerfile \
-        .
+        --tag dksifoua/java:21-graalvm \
+        --file java/21.Dockerfile \
+        . {{ .CLI_ARGS }}
     silent: true
 
   push:
     desc: Push java image to docker hub
-    cmds:
-      - docker tag java:21-graalvm dksifoua/java:21-graalvm
-      - docker push dksifoua/java:21-graalvm
+    cmd: docker push dksifoua/java:21-graalvm
 
   scan:
     desc: Scan built image for vulnerabilities
-    cmd: trivy image java:21-graalvm
+    cmd: trivy image dksifoua/java:21-graalvm
 
   verify:
     desc: Check docker image best practices has been followed
-    cmd: dockle --exit-code 1 --exit-level info java:21-graalvm
+    cmd: dockle --exit-code 1 --exit-level info dksifoua/java:21-graalvm
     silent: true