Daniel Sy
81b721bb5a
Some checks failed
Build secrets-backup image / build-and-push (push) Failing after 3s
OBS bucket has server-side KMS encryption. Client-side openssl was redundant and caused failures (Alpine CDN unreachable at 03:30 UTC). Changes: - Dockerfile: remove openssl apk install (no longer needed) - CronJob: remove openssl enc step, upload .tar.gz directly - CronJob: remove secrets-backup-config Secret (encryption passphrase) - CronJob: remove ENCRYPTION_PASSPHRASE env var - Bump image tag to 1.0.1, update workflow and manifest reference Flow: kubectl export → tar.gz → upload to OBS (SSE-KMS handles rest) Ref: IPCEICIS-9317
35 lines
912 B
YAML
35 lines
912 B
YAML
name: Build secrets-backup image
|
|
|
|
on:
|
|
push:
|
|
paths:
|
|
- 'build/secrets-backup/Dockerfile'
|
|
branches:
|
|
- main
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
build-and-push:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Log in to registry
|
|
run: |
|
|
echo "${{ secrets.PACKAGES_TOKEN }}" | \
|
|
docker login edp.buildth.ing \
|
|
-u "${{ env.FORGEJO_REPOSITORY_OWNER }}" \
|
|
--password-stdin
|
|
|
|
- name: Build image
|
|
run: |
|
|
docker build \
|
|
-t edp.buildth.ing/devfw-cicd/secrets-backup:1.0.1 \
|
|
-t edp.buildth.ing/devfw-cicd/secrets-backup:latest \
|
|
build/secrets-backup/
|
|
|
|
- name: Push image
|
|
run: |
|
|
docker push edp.buildth.ing/devfw-cicd/secrets-backup:1.0.1
|
|
docker push edp.buildth.ing/devfw-cicd/secrets-backup:latest
|