Skip to content

Commit

Permalink
Rename container images
Browse files Browse the repository at this point in the history
bifrost image contains all binaries.
bifrost-ca is issuer set up to run on AWS Lambda.
  • Loading branch information
ananthb committed May 4, 2023
1 parent 9f4ffbd commit 56144c0
Show file tree
Hide file tree
Showing 3 changed files with 31 additions and 28 deletions.
27 changes: 13 additions & 14 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -81,47 +81,46 @@ jobs:
run: echo "LATEST_TAG=latest" >>"$GITHUB_ENV"
- if: github.event_name == 'pull_request'
run: echo "PR_TAG=pr-${{ github.event.pull_request.number }}" >>"$GITHUB_ENV"
- name: Build bouncer
- name: Build CA
uses: redhat-actions/buildah-build@v2
id: build_bouncer
id: build_ca
with:
image: ${{ github.repository }}-bouncer
image: ${{ github.repository }}-issuer
build-args: GO_VERSION=${{ env.GO_VERSION }}
extra-args: --target=bouncer
extra-args: --target=ca
tags: >
${{ env.LATEST_TAG }}
${{ env.SHORT_SHA }}
${{ github.sha }}
${{ env.PR_TAG }}
${{ github.event.release.tag_name }}
containerfiles: Dockerfile
- name: Build issuer
- name: Build bifrost
uses: redhat-actions/buildah-build@v2
id: build_issuer
id: build_bifrost
with:
image: ${{ github.repository }}-issuer
image: ${{ github.repository }}
build-args: GO_VERSION=${{ env.GO_VERSION }}
extra-args: --target=issuer
tags: >
${{ env.LATEST_TAG }}
${{ env.SHORT_SHA }}
${{ github.sha }}
${{ env.PR_TAG }}
${{ github.event.release.tag_name }}
containerfiles: Dockerfile
- name: Push bouncer to ghcr.io
- name: Push issuer to ghcr.io
uses: redhat-actions/push-to-registry@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
image: ${{ steps.build_bouncer.outputs.image }}
tags: ${{ steps.build_bouncer.outputs.tags }}
- name: Push issuer to ghcr.io
image: ${{ steps.build_ca.outputs.image }}
tags: ${{ steps.build_ca.outputs.tags }}
- name: Push bifrost to ghcr.io
uses: redhat-actions/push-to-registry@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
image: ${{ steps.build_issuer.outputs.image }}
tags: ${{ steps.build_issuer.outputs.tags }}
image: ${{ steps.build_bifrost.outputs.image }}
tags: ${{ steps.build_bifrost.outputs.tags }}
13 changes: 7 additions & 6 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -11,12 +11,7 @@ ENV GOPRIVATE="github.com/RealImage/*"
RUN mkdir /build
RUN go build -o /build ./...

FROM gcr.io/distroless/base-debian11 as bouncer
COPY --from=builder /build/bouncer /
ENV PORT=8080
ENTRYPOINT ["/bouncer"]

FROM gcr.io/distroless/base-debian11 as issuer
FROM gcr.io/distroless/base-debian11 as ca
# uses lambda-web-adapter to run our standard HTTP app in a lambda
# https://github.com/awslabs/aws-lambda-web-adapter
# for configuration see https://github.com/awslabs/aws-lambda-web-adapter#configurations
Expand All @@ -28,3 +23,9 @@ ENV PORT=8080
ENV READINESS_CHECK_PATH="/metrics"
ENV REMOVE_BASE_PATH=""
ENTRYPOINT ["/issuer"]

FROM gcr.io/distroless/base-debian11 as bifrost
COPY --from=builder /build/bfid /
COPY --from=builder /build/bouncer /
COPY --from=builder /build/issuer /
ENTRYPOINT ["/bouncer"]
19 changes: 11 additions & 8 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -20,16 +20,19 @@ Bifrost binaries are available on the [releases](https://github.com/RealImage/bi
page.
Container images are on ghcr.io.

[bifrost-bouncer](ghcr.io/realimage/bifrost-bouncer):
[bifrost](ghcr.io/realimage/bifrost) contains all binaries.
Its intended for local development.

```console
podman pull ghcr.io/realimage/bifrost-bouncer
podman pull ghcr.io/realimage/bifrost
```

[bifrost-issuer](ghcr.io/realimage/bifrost-issuer):
[bifrost-ca](ghcr.io/realimage/bifrost-ca) contains the issuer binary.
The image has the [AWS Lambda Web Adapter](github.com/awslabs/aws-lambda-web-adapter)
extension installed.

```console
podman pull ghcr.io/realimage/bifrost-issuer
podman pull ghcr.io/realimage/bifrost-ca
```

## Identity
Expand Down Expand Up @@ -115,16 +118,16 @@ go build -o build ./...

### Containers

bouncer:
issuer:

```console
podman build -t gcr.io/realimage/bifrost-bouncer --target=bouncer .
podman build -t ghcr.io/realimage/bifrost-ca --target=ca .
```

issuer:
bifrost:

```console
podman build -t ghcr.io/realimage/bifrost-issuer --target=issuer .
podman build -t gcr.io/realimage/bifrost .
```

## Run Issuer CA
Expand Down

0 comments on commit 56144c0

Please sign in to comment.