Add: Build container images for openvas-smb

Create and upload an image to build openvas-smb and an image that contains the build libraries of openvas-smb.
greenbone · Sep 2, 2022 · 4d3cd56 · 4d3cd56
1 parent 455f964
commit 4d3cd56
Show file tree

Hide file tree

Showing 5 changed files with 152 additions and 1 deletion.
diff --git a/.docker/build.Dockerfile b/.docker/build.Dockerfile
@@ -0,0 +1,14 @@
+FROM debian:stable-slim
+
+RUN apt-get update && apt-get install --no-install-recommends --no-install-suggests -y \
+    build-essential \
+    cmake \
+    pkg-config \
+    gcc-mingw-w64 \
+    libgnutls28-dev \
+    perl-base \
+    heimdal-dev \
+    libpopt-dev \
+    libglib2.0-dev \
+    libunistring-dev \
+    && rm -rf /var/lib/apt/lists/*
diff --git a/.docker/prod.Dockerfile b/.docker/prod.Dockerfile
@@ -0,0 +1,24 @@
+ARG VERSION=latest
+
+FROM greenbone/openvas-smb-build:$VERSION AS build
+
+COPY . /source
+
+RUN cmake -DCMAKE_BUILD_TYPE=Release -B/build /source
+RUN DESTDIR=/install cmake --build /build -- install
+
+FROM debian:stable-slim
+
+RUN apt-get update && apt-get install --no-install-recommends --no-install-suggests -y \
+    libgnutls30 \
+    libgssapi3-heimdal \
+    libkrb5-26-heimdal \
+    libasn1-8-heimdal \
+    libroken18-heimdal \
+    libhdb9-heimdal \
+    libpopt0 \
+    && rm -rf /var/lib/apt/lists/*
+
+COPY --from=build /install/ /
+
+RUN ldconfig
diff --git a/.github/workflows/build-container.yml b/.github/workflows/build-container.yml
@@ -0,0 +1,62 @@
+name: Build Container
+
+on:
+  push:
+    branches: [ main ]
+    tags: ["v*"]
+    paths:
+      - .github/workflows/build-container.yml
+      - .docker/build.Dockerfile
+  pull_request:
+    branches: [ main ]
+    paths:
+      - .github/workflows/build-container.yml
+      - .docker/build.Dockerfile
+  workflow_dispatch:
+  repository_dispatch:
+  schedule:
+    # rebuild image every sunday
+    - cron: "0 0 * * 0"
+
+jobs:
+  build:
+    name: Upload images for building openvas-smb
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Setup container meta information
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ github.repository }}-build
+          labels: |
+            org.opencontainers.image.vendor=Greenbone
+            org.opencontainers.image.base.name=debian:stable-slim
+          flavor: latest=false # no latest container tag for git tags
+          tags: |
+            # create container tag for git tags
+            type=ref,event=tag
+            type=ref,event=pr
+            # use latest for main branch
+            type=raw,value=latest,enable={{is_default_branch}}
+      - name: Login to DockerHub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - run: echo "Build and push ${{ steps.meta.outputs.tags }}"
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Build and push
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          push: ${{ github.event_name != 'pull_request' }}
+          file: .docker/build.Dockerfile
+          platforms: linux/amd64,linux/arm64
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -9,7 +9,7 @@ on:
 jobs:
   compile:
     runs-on: ubuntu-latest
-    container: ${{ github.repository }}-build:unstable
+    container: ${{ github.repository }}-build:latest
     steps:
       - name: Check out openvas-smb
         uses: actions/checkout@v3

diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
@@ -0,0 +1,51 @@
+name: Container
+
+on:
+  push:
+    branches: [ main ]
+    tags: ["v*"]
+  pull_request:
+    branches: [ main ]
+  workflow_dispatch:
+
+jobs:
+  main:
+    name: Upload production image
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Setup container meta information
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ github.repository }}
+          labels: |
+            org.opencontainers.image.vendor=Greenbone
+            org.opencontainers.image.base.name=debian:stable-slim
+          flavor: latest=false # no latest container tag for git tags
+          tags: |
+            # create container tag for git tags
+            type=ref,event=tag
+            type=ref,event=pr
+            # use latest for main branch
+            type=raw,value=latest,enable={{is_default_branch}}
+      - name: Login to DockerHub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Build and push
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          push: ${{ github.event_name != 'pull_request' }}
+          file: .docker/prod.Dockerfile
+          platforms: linux/amd64,linux/arm64
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}