workflows: Update scorecard workflow and remove Dockerfile warnings #403
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build images for all architectures | |
on: | |
pull_request: | |
types: | |
- opened | |
- reopened | |
- synchronize | |
paths: | |
- 'dockerfiles/Dockerfile' | |
- 'dockerfiles/Dockerfile.windows' | |
- 'conf/**' | |
workflow_dispatch: | |
jobs: | |
pr-image-tests-build-images: | |
name: PR - Buildkit docker build test | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
# We do not push and this allows simpler workflow running for forks too | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Extract metadata from Github | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: ${{ github.repository }}/pr-${{ github.event.pull_request.number }} | |
tags: | | |
type=sha | |
- name: Build the multi-arch images | |
id: build | |
uses: docker/build-push-action@v6 | |
with: | |
file: ./dockerfiles/Dockerfile | |
context: . | |
platforms: linux/amd64 | |
target: production | |
provenance: false | |
push: false | |
load: true | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
- name: Sanity check it runs | |
# We do this for a simple check of dependencies | |
run: | | |
docker run --rm -t ${{ steps.meta.outputs.tags }} --help | |
shell: bash | |
- name: Build the debug multi-arch images | |
uses: docker/build-push-action@v6 | |
with: | |
file: ./dockerfiles/Dockerfile | |
context: . | |
platforms: linux/amd64 | |
target: debug | |
provenance: false | |
push: false | |
load: false | |
pr-image-tests-classic-docker-build: | |
name: PR - Classic docker build test | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Build the classic test image | |
# We only want to confirm it builds with classic mode, nothing else | |
run: | | |
docker build -f ./dockerfiles/Dockerfile . | |
env: | |
# Ensure we disable buildkit | |
DOCKER_BUILDKIT: 0 | |
shell: bash | |
pr-image-tests-build-windows-images: | |
name: PR - Docker windows build test, windows 2019 and 2022 | |
runs-on: windows-${{ matrix.windows-base-version }} | |
strategy: | |
fail-fast: true | |
matrix: | |
windows-base-version: | |
# https://github.com/fluent/fluent-bit/blob/1d366594a889624ec3003819fe18588aac3f17cd/dockerfiles/Dockerfile.windows#L3 | |
- '2019' | |
- '2022' | |
permissions: | |
contents: read | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Extract metadata from Github | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: ${{ github.repository }}/pr-${{ github.event.pull_request.number }} | |
tags: | | |
type=sha | |
flavor: | | |
suffix=-windows-${{ matrix.windows-base-version }} | |
- name: Build the windows images | |
id: build | |
run: | | |
docker build -t ${{ steps.meta.outputs.tags }} --build-arg WINDOWS_VERSION=ltsc${{ matrix.windows-base-version }} -f ./dockerfiles/Dockerfile.windows . | |
- name: Sanity check it runs | |
# We do this for a simple check of dependencies | |
run: | | |
docker run --rm -t ${{ steps.meta.outputs.tags }} --help | |
shell: bash | |